General ec2c26174f253857f5e9e86d7f1cfce063ca4b66 #11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # General services (proxies to access dynamic stand deployments) | |
| name: General Stack | |
| run-name: General ${{ github.sha }} | |
| on: | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| LOCATOR_IMAGE_NAME: ${{ github.repository }}/locator | |
| jobs: | |
| ################################################################ | |
| build-locator: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| outputs: | |
| image_tag: ${{ steps.meta.outputs.tags }} # TODO: output SHA tag only | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.LOCATOR_IMAGE_NAME }} | |
| tags: type=sha | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| file: src/Locator/Locator.Service/Dockerfile | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| ################################################################ | |
| deploy: | |
| needs: build-locator | |
| runs-on: ubuntu-latest | |
| permissions: | |
| deployments: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/composites/deploy-begin | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| environment: infra-general | |
| - uses: ./.github/composites/remote-deploy | |
| env: | |
| # environment variables that are used for compose | |
| STACK_NAME: general | |
| DATA_ROOT: /home/${{ secrets.REMOTE_USER }} | |
| SERVER_NAME: ${{ secrets.REMOTE_HOST }} | |
| DOMAIN_EMAIL: ${{ secrets.DOMAIN_EMAIL }} | |
| LOCATOR_IMAGE: ${{ needs.build-locator.outputs.image_tag }} | |
| TURN_USERNAME: ${{ secrets.TURN_USERNAME }} | |
| TURN_PASSWORD: ${{ secrets.TURN_PASSWORD }} | |
| with: | |
| ssh_user: ${{ secrets.REMOTE_USER }} | |
| ssh_host: ${{ secrets.REMOTE_HOST }} | |
| ssh_private_key: ${{ secrets.REMOTE_PRIVATE_KEY }} | |
| step_name: General Stack Deploy STACK_NAME=${{ env.STACK_NAME }} | |
| step_run: | | |
| #### general stack deploy | |
| set -x | |
| # initial setup #TODO: rm after swarm secrets will be used | |
| ssh -T $SSH_TARGET mkdir -p $DATA_ROOT/certbot/{www,conf} | |
| # deploy configs #TODO: rm after general nginx proxy image will be built | |
| scp -r deploy/ $SSH_TARGET:. | |
| docker stack deploy \ | |
| -c ./deploy/_general/compose.yaml \ | |
| -c ./deploy/_general/compose.swarm.yaml \ | |
| ${{ env.STACK_NAME }} | |
| #TODO: /docker-entrypoint.d/20-envsubst-on-templates.sh && nginx -s reload | |
| # force nginx config template render and reload | |
| docker service update --force ${{ env.STACK_NAME }}_nginx | |
| #TODO: enable coturn reload after config instead of CLI arguments will be used | |
| # # force coturn reload over updated configs | |
| # docker service update --force ${{ env.STACK_NAME }}_coturn | |
| - uses: ./.github/composites/deploy-status | |
| if: always() | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| state: ${{ job.status }} |