Merge pull request #62 from openfoodfacts/release-please--branches--main #75
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy project | |
on: | |
push: | |
branches: | |
- main | |
- deploy-* | |
tags: | |
- v*.*.* | |
# Note on secrets used for connection | |
# They are configured as environment secrets | |
# HOST is the internal ip of VM containing docker | |
# PROXY_HOST is the host of VMs | |
# USERNAME is the user used for operations | |
# SSH_PRIVATE_KEY is the private key (shared between VM and host) | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
env: | |
# Note: env is also the name of the directory on the server | |
- ${{ startsWith(github.ref, 'refs/tags/v') && 'nutripatrol-org' || 'nutripatrol-net' }} | |
environment: ${{ matrix.env }} | |
concurrency: ${{ matrix.env }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: "yarn" | |
- name: Install dependencies | |
run: yarn install --immutable | |
- name: Build (staging) | |
run: | | |
yarn build-staging | |
if: matrix.env == 'nutripatrol-net' | |
- name: Build (prod) | |
run: | | |
yarn build-prod | |
if: matrix.env == 'nutripatrol-org' | |
# Deploy | |
- name: Set common variables | |
run: | | |
# We use the prod oauth server for all environments | |
echo "SSH_PROXY_HOST=ovh1.openfoodfacts.org" >> $GITHUB_ENV | |
echo "SSH_USERNAME=off" >> $GITHUB_ENV | |
- name: Set various variable for staging (net) deployment | |
if: matrix.env == 'nutripatrol-net' | |
run: | | |
echo "SSH_HOST=10.1.0.200" >> $GITHUB_ENV | |
- name: Set various variable for production deployment | |
if: matrix.env == 'nutripatrol-org' | |
run: | | |
echo "SSH_HOST=10.1.0.201" >> $GITHUB_ENV | |
- name: Copy dist via scp | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ env.SSH_HOST }} | |
username: ${{ env.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
proxy_host: ${{ env.SSH_PROXY_HOST }} | |
proxy_username: ${{ env.SSH_USERNAME }} | |
proxy_key: ${{ secrets.SSH_PRIVATE_KEY }} | |
source: "dist" | |
target: "/home/${{ env.SSH_USERNAME }}/${{ matrix.env }}/static" | |
rm: true | |
strip_components: 1 | |
- name: Restart nginx | |
uses: appleboy/ssh-action@master | |
if: ${{ always() }} | |
with: | |
host: ${{ env.SSH_HOST }} | |
username: ${{ env.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
proxy_host: ${{ env.SSH_PROXY_HOST }} | |
proxy_username: ${{ env.SSH_USERNAME }} | |
proxy_key: ${{ secrets.SSH_PRIVATE_KEY }} | |
script_stop: false | |
script: | | |
cd ${{ matrix.env }} | |
docker-compose restart nginx |