Staging #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Production CI/CD | |
| on: | |
| # push: | |
| # branches: [production] | |
| pull_request: | |
| branches: [production] | |
| types: [closed] | |
| env: | |
| LATEST_IMAGE_TAG: latest-production | |
| jobs: | |
| # build-public: | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - uses: actions/checkout@v4 | |
| # - uses: actions/setup-node@v4 | |
| # with: | |
| # node-version: '20.x' | |
| # - name: Setup Env Vars | |
| # run: | | |
| # mkdir secrets | |
| # mkdir secrets/prod/ | |
| # mkdir secrets/dev/ | |
| # echo "${{secrets.SAUSAGE_WEB_PRODUCTION_ENV }}" > secrets/prod/sausage-web.production.env | |
| # echo "${{secrets.SAUSAGE_WEB_DB_DEV_ENV }}" > secrets/dev/sausage-web-db.dev.env | |
| # echo "${{secrets.SAUSAGE_PUBLIC_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-frontend.production.env | |
| # echo "${{secrets.SAUSAGE_PUBLIC_REDESIGN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-redesign-frontend.production.env | |
| # echo "${{secrets.SAUSAGE_ADMIN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-admin-frontend.production.env | |
| # - name: Build - Prep | |
| # run: | | |
| # mkdir ./build | |
| # mkdir ./nginx-prod/build | |
| # - name: Public Frontend - Build | |
| # run: docker compose --file build_production.yml run public | |
| # - name: Upload artifact for container build jobs | |
| # uses: actions/upload-artifact@v4 | |
| # with: | |
| # name: build-public | |
| # path: ./nginx-prod/build/public.tgz | |
| # build-admin: | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - uses: actions/checkout@v4 | |
| # - uses: actions/setup-node@v4 | |
| # with: | |
| # node-version: '20.x' | |
| # - name: Setup Env Vars | |
| # run: | | |
| # mkdir secrets | |
| # mkdir secrets/prod/ | |
| # mkdir secrets/dev/ | |
| # echo "${{secrets.SAUSAGE_WEB_PRODUCTION_ENV }}" > secrets/prod/sausage-web.production.env | |
| # echo "${{secrets.SAUSAGE_WEB_DB_DEV_ENV }}" > secrets/dev/sausage-web-db.dev.env | |
| # echo "${{secrets.SAUSAGE_PUBLIC_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-frontend.production.env | |
| # echo "${{secrets.SAUSAGE_PUBLIC_REDESIGN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-redesign-frontend.production.env | |
| # echo "${{secrets.SAUSAGE_ADMIN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-admin-frontend.production.env | |
| # - name: Build - Prep | |
| # run: | | |
| # mkdir ./build | |
| # mkdir ./nginx-prod/build | |
| # - name: Public Admin - Build | |
| # run: docker compose --file build_production.yml run admin | |
| # - name: Upload artifact for container build jobs | |
| # uses: actions/upload-artifact@v4 | |
| # with: | |
| # name: build-admin | |
| # path: ./nginx-prod/build/admin.tgz | |
| build-public-redesign: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| - name: Setup Env Vars | |
| run: | | |
| mkdir secrets | |
| mkdir secrets/prod/ | |
| mkdir secrets/dev/ | |
| echo "${{secrets.SAUSAGE_WEB_PRODUCTION_ENV }}" > secrets/prod/sausage-web.production.env | |
| echo "${{secrets.SAUSAGE_WEB_DB_DEV_ENV }}" > secrets/dev/sausage-web-db.dev.env | |
| echo "${{secrets.SAUSAGE_PUBLIC_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-frontend.production.env | |
| echo "${{secrets.SAUSAGE_PUBLIC_REDESIGN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-redesign-frontend.production.env | |
| echo "${{secrets.SAUSAGE_ADMIN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-admin-frontend.production.env | |
| - name: Build - Prep | |
| run: | | |
| mkdir ./build | |
| mkdir ./nginx-prod/build | |
| - name: Public Redesign Frontend - Build | |
| run: docker compose --file build_production.yml run public_redesign | |
| - name: Upload artifact for container build jobs | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-public-redesign | |
| path: ./nginx-prod/build/public-redesign.tgz | |
| build-django-static: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| - name: Setup Env Vars | |
| run: | | |
| mkdir secrets | |
| mkdir secrets/prod/ | |
| mkdir secrets/dev/ | |
| echo "${{secrets.SAUSAGE_WEB_PRODUCTION_ENV }}" > secrets/prod/sausage-web.production.env | |
| echo "${{secrets.SAUSAGE_WEB_DB_DEV_ENV }}" > secrets/dev/sausage-web-db.dev.env | |
| echo "${{secrets.SAUSAGE_PUBLIC_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-frontend.production.env | |
| echo "${{secrets.SAUSAGE_PUBLIC_REDESIGN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-public-redesign-frontend.production.env | |
| echo "${{secrets.SAUSAGE_ADMIN_FRONTEND_PRODUCTION_ENV }}" > secrets/prod/sausage-admin-frontend.production.env | |
| - name: Build - Prep | |
| run: | | |
| mkdir ./build | |
| mkdir ./nginx-prod/build | |
| - name: Django - Build | |
| run: docker compose --file build_production.yml run django | |
| - name: Upload artifact for container build jobs | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-django | |
| path: ./nginx-prod/build/django.tgz | |
| build-nginx: | |
| runs-on: ubuntu-latest | |
| # needs: [build-public, build-admin, build-public-redesign, build-django-static] | |
| needs: [build-public-redesign, build-django-static] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build - Prep | |
| run: | | |
| mkdir ./build | |
| mkdir ./nginx-prod/build | |
| - name: Download artifacts for container building | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ./build/ | |
| - name: Move artifacts | |
| run: | | |
| cp -r ./public-legacy/prod/ ./nginx-prod/build/public-legacy/ | |
| cp -r ./admin-legacy/prod/ ./nginx-prod/build/admin-legacy/ | |
| mv ./build/build-public-redesign/public-redesign.tgz ./nginx-prod/build/public-redesign.tgz | |
| mv ./build/build-django/django.tgz ./nginx-prod/build/django.tgz | |
| - name: Containers - Build Nginx | |
| run: docker build -t keithmoss/demsausage-nginx:production-$GITHUB_SHA -t keithmoss/demsausage-nginx:${{ env.LATEST_IMAGE_TAG }} . | |
| working-directory: nginx-prod | |
| - name: Containers - Push to Docker Hub | |
| run: | | |
| docker push keithmoss/demsausage-nginx --all-tags | |
| build-django: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Containers - Build Django | |
| run: docker build -t keithmoss/demsausage-django:production-$GITHUB_SHA -t keithmoss/demsausage-django:${{ env.LATEST_IMAGE_TAG }} . | |
| working-directory: django | |
| - name: Containers - Push to Docker Hub | |
| run: | | |
| docker push keithmoss/demsausage-django --all-tags | |
| build-rq-dashboard: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Containers - Build RQ Dashboard | |
| run: docker build -t keithmoss/demsausage-rq-dashboard:production-$GITHUB_SHA -t keithmoss/demsausage-rq-dashboard:${{ env.LATEST_IMAGE_TAG }} . | |
| working-directory: rq-dashboard | |
| - name: Containers - Push to Docker Hub | |
| run: | | |
| docker push keithmoss/demsausage-rq-dashboard --all-tags | |
| deploy-app: | |
| runs-on: ubuntu-latest | |
| needs: [build-nginx, build-django, build-rq-dashboard] | |
| steps: | |
| - name: Deploy to Digital Ocean droplet via SSH action | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SSH_PRODUCTION_HOST }} | |
| username: ${{ secrets.SSH_PRODUCTION_USERNAME }} | |
| key: ${{ secrets.SSH_PRODUCTION_KEY }} | |
| passphrase: ${{ secrets.SSH_PRODUCTION_KEY_PASSPHRASE }} | |
| script: | | |
| cd /apps/digitalocean-stack/ | |
| ./demsausage-production-redeploy.sh |