(chore) change secret name in ci/cd deploy pipeline #106
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy JWizard API | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - ".github/workflows/deploy.yml" | |
| - "jwa-*/**" | |
| - ".dockerignore" | |
| - "Dockerfile.pipeline" | |
| - "build.gradle" | |
| - "gradle.properties" | |
| - "settings.gradle" | |
| workflow_dispatch: | |
| env: | |
| PM2_API_NAME: JWizardApi | |
| SSH_HOST: ${{ secrets.SSH_HOST }} | |
| SSH_USERNAME: ${{ secrets.SSH_USERNAME }} | |
| SSH_PORT: ${{ secrets.SSH_PORT }} | |
| SSH_KEY: ${{ secrets.SSH_KEY }} | |
| SSH_PASSPHRASE: ${{ secrets.SSH_PASSPHRASE }} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'adopt' | |
| - name: Determinate build version | |
| id: version | |
| run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Run tests | |
| run: ./gradlew clean test --no-daemon | |
| env: | |
| JWIZARD_VERSION: ${{ steps.version.outputs.sha_short }} | |
| JWIZARD_MAVEN_NAME: ${{ secrets.MVN_LIB_READER_NAME }} | |
| JWIZARD_MAVEN_SECRET: ${{ secrets.MVN_LIB_READER_SECRET }} | |
| - name: Package to JAR | |
| run: ./gradlew clean shadowJar --no-daemon | |
| env: | |
| JWIZARD_VERSION: ${{ steps.version.outputs.sha_short }} | |
| JWIZARD_MAVEN_NAME: ${{ secrets.MVN_LIB_READER_NAME }} | |
| JWIZARD_MAVEN_SECRET: ${{ secrets.MVN_LIB_READER_SECRET }} | |
| - name: Upload generated JAR artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: output-jar | |
| path: .bin/jwizard-api.jar | |
| retention-days: 1 | |
| docker: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download generated JAR artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: output-jar | |
| path: ${{ github.workspace }}/docker | |
| - name: Set up builder | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build the Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./Dockerfile.pipeline | |
| push: true | |
| tags: milosz08/jwizard-api:latest | |
| - name: Logout from Docker Hub | |
| run: docker logout | |
| clear-context: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Stop existing process | |
| uses: appleboy/ssh-action@v1.1.0 | |
| with: | |
| host: ${{ env.SSH_HOST }} | |
| username: ${{ env.SSH_USERNAME }} | |
| port: ${{ env.SSH_PORT }} | |
| key: ${{ env.SSH_KEY }} | |
| passphrase: ${{ env.SSH_PASSPHRASE }} | |
| script: ~/exec/process stop ${{ env.PM2_API_NAME }} | |
| pre-deploy: | |
| runs-on: ubuntu-latest | |
| needs: clear-context | |
| steps: | |
| - name: Checkout tools repository | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.repository_owner }}/jwizard-tools | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Setup Python environment | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12' | |
| cache: 'pip' | |
| - name: Install requirements | |
| run: pip install -r requirements.txt | |
| - name: Grand permissions to run packages grabber | |
| run: chmod +x exec/run-with-config | |
| - name: Run migrator | |
| run: exec/run-with-config db_migrator \ | |
| "${{ secrets.CONFIG_FILE_CONTENT }}" \ | |
| --pipeline infra | |
| - name: Cache version | |
| run: exec/run-with-config cache_version \ | |
| "${{ secrets.CONFIG_FILE_CONTENT }}" \ | |
| --repo ${{ github.repository }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: pre-deploy | |
| env: | |
| SERVER_OUTPUT: "/var/www/jwizard-api" | |
| steps: | |
| - name: Download generated JAR artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: output-jar | |
| - name: Move files to server | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ env.SSH_HOST }} | |
| username: ${{ env.SSH_USERNAME }} | |
| port: ${{ env.SSH_PORT }} | |
| key: ${{ env.SSH_KEY }} | |
| passphrase: ${{ env.SSH_PASSPHRASE }} | |
| source: "jwizard-api.jar" | |
| target: ${{ env.SERVER_OUTPUT }} | |
| rm: true | |
| - name: Re-create config file | |
| uses: appleboy/ssh-action@v1.1.0 | |
| with: | |
| host: ${{ env.SSH_HOST }} | |
| username: ${{ env.SSH_USERNAME }} | |
| port: ${{ env.SSH_PORT }} | |
| key: ${{ env.SSH_KEY }} | |
| passphrase: ${{ env.SSH_PASSPHRASE }} | |
| script: exec/make-conf ${{ env.SERVER_OUTPUT }} "${{ secrets.APP_CONFIG_FILE_CONTENT }}" | |
| - name: Start process | |
| uses: appleboy/ssh-action@v1.1.0 | |
| with: | |
| host: ${{ env.SSH_HOST }} | |
| username: ${{ env.SSH_USERNAME }} | |
| port: ${{ env.SSH_PORT }} | |
| key: ${{ env.SSH_KEY }} | |
| passphrase: ${{ env.SSH_PASSPHRASE }} | |
| script: ~/exec/process start ${{ env.PM2_API_NAME }} |