General 0430a2b75e0899981cf5871703f7f2cdb6c95ff2 #8
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # General services (proxies to access dynamic stand deployments) | |
| name: General Stack | |
| run-name: General ${{ github.sha }} | |
| on: | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| LOCATOR_IMAGE_NAME: ${{ github.repository }}/locator | |
| jobs: | |
| ################################################################ | |
| build-locator: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| outputs: | |
| image_tag: ${{ steps.meta.outputs.tags }} # TODO: output SHA tag only | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.LOCATOR_IMAGE_NAME }} | |
| tags: type=sha | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| file: src/Locator/Service/Dockerfile | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| ################################################################ | |
| deploy: | |
| needs: build-locator | |
| runs-on: ubuntu-latest | |
| permissions: | |
| deployments: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/composites/deploy-begin | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| environment: infra-general | |
| - uses: ./.github/composites/remote-deploy | |
| env: | |
| # environment variables that are used for compose | |
| STACK_NAME: general | |
| DATA_ROOT: /home/${{ secrets.REMOTE_USER }} | |
| SERVER_NAME: ${{ secrets.REMOTE_HOST }} | |
| DOMAIN_EMAIL: ${{ secrets.DOMAIN_EMAIL }} | |
| LOCATOR_IMAGE: ${{ needs.build-locator.outputs.image_tag }} | |
| with: | |
| ssh_user: ${{ secrets.REMOTE_USER }} | |
| ssh_host: ${{ secrets.REMOTE_HOST }} | |
| ssh_private_key: ${{ secrets.REMOTE_PRIVATE_KEY }} | |
| step_name: General Stack Deploy STACK_NAME=${{ env.STACK_NAME }} | |
| step_run: | | |
| #### general stack deploy | |
| set -x | |
| # initial setup #TODO: rm after swarm secrets will be used | |
| ssh -T $SSH_TARGET mkdir -p $DATA_ROOT/certbot/{www,conf} | |
| # deploy configs #TODO: rm after general nginx proxy image will be built | |
| scp -r deploy/ $SSH_TARGET:. | |
| docker stack deploy \ | |
| -c ./deploy/_general/compose.yaml \ | |
| -c ./deploy/_general/compose.swarm.yaml \ | |
| ${{ env.STACK_NAME }} | |
| #TODO: /docker-entrypoint.d/20-envsubst-on-templates.sh && nginx -s reload | |
| # force nginx config template render and reload | |
| docker service update --force ${{ env.STACK_NAME }}_nginx | |
| #TODO: enable coturn reload after config instead of CLI arguments will be used | |
| # # force coturn reload over updated configs | |
| # docker service update --force ${{ env.STACK_NAME }}_coturn | |
| - uses: ./.github/composites/deploy-status | |
| if: always() | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| state: ${{ job.status }} |