diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cf0e8de..c9afb2a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,10 +1,19 @@ --- name: CI/CD +permissions: + packages: write + contents: write + on: push: branches: [ main ] +env: + ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }} + ECR_REPOSITORY: ${{ github.event.repository.name }} + IMAGE_TAG: ${{ github.sha }} + jobs: lint: name: Linting @@ -37,20 +46,24 @@ jobs: - name: Build, tag, and push image to Amazon ECR id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - ECR_REPOSITORY: ${{ github.event.repository.name }} - IMAGE_TAG: ${{ github.sha }} run: | docker build --target prod --tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV + echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT + + deploy_to_server: + name: Deploy to EC2 + needs: push_to_registry + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 - name: Create .env files with secrets run: | echo "${{ secrets.ENV_FILE_LAVALINK }}">> application.env echo "${{ secrets.ENV_FILE_BOT }}">> bot.env - echo "IMAGE=${{ env.image }}">> .env + echo "IMAGE=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG">> .env - name: SCP docker compose and lavalink config to server uses: appleboy/scp-action@v0.1.7 @@ -65,12 +78,12 @@ jobs: - name: SSH into EC2 instance and deploy uses: appleboy/ssh-action@v1.0.3 - with: + env: host: ${{ secrets.EC2_HOST }} username: ${{ secrets.EC2_USERNAME }} key: ${{ secrets.EC2_SSH_KEY }} script: | - aws ecr get-login-password | docker login -u ${{ secrets.EC2_USERNAME }} --password-stdin 730519783440.dkr.ecr.eu-central-1.amazonaws.com + aws ecr get-login-password | docker login -u $username --password-stdin $ECR_REGISTRY cd ~/.deploy/djs/ docker compose -f compose-prod-aws.yml pull docker compose -f compose-prod-aws.yml up -d \ No newline at end of file