Merge pull request #5 from KristienN/fix-deploy

fix: Flesh out deploy step
KristienN · Dec 3, 2024 · b9e5907 · b9e5907
2 parents 4e8ce62 + a443e48
commit b9e5907
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 23 deletions.
diff --git a/.github/workflows/main-ci.yml b/.github/workflows/main-ci.yml
@@ -11,6 +11,13 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: "CONFIGURE SSH Key"
+        env:
+          PRIVATE_KEY: ${{ secrets.TF_SSH_PRIVATE_KEY }}
+        run: |
+          echo "$PRIVATE_KEY" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+
       - name: "Set up Terraform"
         uses: hashicorp/setup-terraform@v3
         with:
@@ -20,7 +27,7 @@ jobs:
         run: |
           terraform init
           terraform plan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -out=tfplan
-          terraform apply -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -auto-approve tfplan
+          terraform apply tfplan -var digitalocean_access_token=$DIGITALOCEAN_ACCESS_TOKEN -auto-approve
         env:
           DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
       - name: "Post-deployment testing"

diff --git a/main.tf b/main.tf
@@ -13,11 +13,6 @@ provider "digitalocean" {
   token = var.digitalocean_access_token
 }
 
-resource "digitalocean_ssh_key" "portfolio-v2-server" {
-  name = "digitalocean_ssh_key"
-  public_key = file("~/.ssh/id_rsa.pub")
-}
-
 resource "digitalocean_droplet" "portfolio-v2-server" {
   image  = "ubuntu-24-10-x64"
   name   = var.droplet_name
@@ -26,6 +21,18 @@ resource "digitalocean_droplet" "portfolio-v2-server" {
   ssh_keys = [var.ssh_fingerprint]
   tags = ["portfolio-v2", "server"]
 
+  provisioner "file" {
+    source      = "./scripts/install.sh"
+    destination = "/tmp/install.sh"
+
+    connection {
+      type = "ssh"
+      user = "root"
+      private_key = file("~/.ssh/id_rsa")
+      host = self.ipv4_address
+    }
+  }
+
   provisioner "remote-exec" {
     connection {
       type = "ssh"
@@ -34,7 +41,10 @@ resource "digitalocean_droplet" "portfolio-v2-server" {
       host = self.ipv4_address
     }
 
-    script = "./scripts/install.sh"
+    inline = [
+      "chmod +x /tmp/install.sh",
+      "/tmp/install.sh ${var.digitalocean_access_token}"
+    ]
   }
 }
 
@@ -71,4 +81,12 @@ resource "digitalocean_firewall" "portfolio-v2-server" {
     protocol = "icmp"
     destination_addresses = ["0.0.0.0/0", "::/0"]
   }
+}
+
+resource "digitalocean_record" "portfolio-v2-server" {
+  name   = "www"
+  value  = digitalocean_droplet.portfolio-v2-server.ipv4_address
+  domain = "kristiennyamutsaka.com"
+  type   = "A"
+  ttl    = "1800"
 }
diff --git a/scripts/install.sh b/scripts/install.sh
@@ -1,21 +1,27 @@
-#!/usr/bin/env bash
+#!/bin/sh
 
-# Add Docker's official GPG key:
-sudo apt-get update -y
-sudo apt-get install ca-certificates curl
-sudo install -m 0755 -d /etc/apt/keyrings
-sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
-sudo chmod a+r /etc/apt/keyrings/docker.asc
+DOCTL_ACCESS_TOKEN=$1
 
-# Add the repository to Apt sources:
-echo \
-  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
-  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
-  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-sudo apt-get update
+if [ -z "$DOCTL_ACCESS_TOKEN" ]; then
+  echo "Error: DOCTL_ACCESS_TOKEN is not set"
+  exit 1
+fi
 
-# Install latest version
-sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+echo "Updating package list and installing dependencies..."
+sudo apt-get update -y || { echo "Failed to update package list"; exit 1; }
+sudo apt install apt-transport-https ca-certificates curl -y
+curl -fsSL https://get.docker.com -o get-docker.sh
+sudo sh get-docker.sh
 
-sudo docker --version
 
+sudo snap install doctl
+sudo snap connect doctl:dot-docker
+sudo mkdir /root/.config
+
+echo "Logging into Digital Ocean Services"
+sudo doctl auth init --access-token $DOCTL_ACCESS_TOKEN
+sudo doctl registry login
+
+echo "Pulling latest image"
+sudo docker pull registry.digitalocean.com/kristien-docr/portfolio-v2:local || { echo "Failed to pull image"; exit 1; }
+sudo docker run --name portfolio-v2 -d -p 80:80 registry.digitalocean.com/kristien-docr/portfolio-v2:local
diff --git a/tfplan b/tfplan