test #64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI/CD | |
| permissions: | |
| packages: write | |
| contents: write | |
| on: | |
| push: | |
| branches: [ main ] | |
| env: | |
| ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }} | |
| ECR_REPOSITORY: ${{ github.event.repository.name }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| jobs: | |
| lint: | |
| name: Linting | |
| permissions: | |
| contents: read | |
| statuses: write | |
| # FIXME: customize uri to point to your own reusable linter repository | |
| uses: k4mien/super-linter-bf/.github/workflows/reusable-super-linter.yaml@main | |
| with: | |
| filter-regex-include: src/.* | |
| push_to_registry: | |
| name: Push to ECR | |
| # needs: lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| run: | | |
| docker build --target prod --tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| deploy_to_server: | |
| name: Deploy to EC2 | |
| needs: push_to_registry | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Create .env files with secrets | |
| run: | | |
| echo "${{ secrets.ENV_FILE_LAVALINK }}">> application.env | |
| echo "${{ secrets.ENV_FILE_BOT }}">> bot.env | |
| echo "IMAGE=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG">> .env | |
| - name: SCP docker compose and lavalink config to server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| port: 22 | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| rm: true | |
| source: "./.env,./bot.env,./application.env,./compose-prod-aws.yml" | |
| target: "~/.deploy/djs/" | |
| - name: SSH into EC2 instance and deploy | |
| uses: appleboy/[email protected] | |
| env: | |
| USERNAME: ${{ secrets.EC2_USERNAME }} | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: | | |
| aws configure set aws_access_key_id "${{ secrets.AWS_ACCESS_KEY_ID }}" | |
| aws configure set aws_secret_access_key "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | |
| aws configure set region "${{ secrets.AWS_REGION }}" | |
| docker login -u $USERNAME -p $(aws ecr get-login-password) $ECR_REGISTRY | |
| cd ~/.deploy/djs/ | |
| docker compose -f compose-prod-aws.yml pull | |
| docker compose -f compose-prod-aws.yml up -d |