Deployment (pre-AGM) (#126) #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD Production | |
| on: | |
| push: | |
| branches: [ production ] | |
| workflow_dispatch: | |
| jobs: | |
| build-cms: | |
| name: Build CMS Docker Image | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v2 | |
| with: | |
| file: ./apps/cms/docker/staging/Dockerfile | |
| context: . | |
| push: true | |
| tags: | | |
| ghcr.io/${{ github.repository_owner }}/website/cms:${{ github.sha }} | |
| ghcr.io/${{ github.repository_owner }}/website/cms:latest | |
| build-merch: | |
| name: Build Merch Docker Image | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v2 | |
| with: | |
| file: ./apps/merch/Dockerfile | |
| context: . | |
| push: true | |
| tags: | | |
| ghcr.io/${{ github.repository_owner }}/website/merch:${{ github.sha }} | |
| ghcr.io/${{ github.repository_owner }}/website/merch:latest | |
| deploy-to-production: | |
| name: Deploy To Production Server | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - build-cms | |
| - build-merch | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Deploy and run docker images | |
| env: | |
| PRIVATE_KEY: ${{ secrets.PROD_EC2_PRIVATE_KEY }} | |
| HOSTNAME: ${{ secrets.PROD_EC2_HOSTNAME }} | |
| USER_NAME: ${{ secrets.PROD_EC2_USERNAME }} | |
| run: | | |
| pwd | |
| ls | |
| echo "$PRIVATE_KEY" > private_key && chmod 600 private_key | |
| scp -o StrictHostKeyChecking=no -i private_key ./deployment/docker-compose.yml ${USER_NAME}@${HOSTNAME}:/home/ubuntu/deployment | |
| ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} ' | |
| cd /home/ubuntu/deployment && | |
| docker system prune --force && | |
| docker compose pull && | |
| docker compose up -d | |
| ' | |
| build-web: | |
| name: Build Web next.js app | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - deploy-to-production | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Setup Node.js environment | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 16 | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --prefer-offline --frozen-lockfile | |
| - name: Cache next.js build | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ${{ github.workspace }}/apps/web/.next/cache | |
| # Generate a new cache whenever packages or source files change. | |
| key: CD-Production-${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**/*.[jt]s', '**/*.[jt]sx') }} | |
| # If source files changed but packages didn't, rebuild from a prior cache. | |
| restore-keys: | | |
| ${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}- | |
| - name: Build web | |
| run: yarn turbo run build --filter=web | |
| env: | |
| WORDPRESS_API_URL: 'https://clubs.ntu.edu.sg/csec/graphql' | |
| NEXT_PUBLIC_MERCH_API_ORIGIN: 'https://merch.ntuscse.com' | |
| - name: Cache CD Production workflow for dependent jobs | |
| uses: actions/cache/save@v3 | |
| with: | |
| path: . | |
| key: CD-Production-${{ runner.os }}-${{ github.ref }}-${{ github.run_id }} | |
| deploy-to-vercel: | |
| name: Deploy To Vercel | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - deploy-to-production | |
| - build-web | |
| permissions: | |
| deployments: write | |
| env: | |
| VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }} | |
| VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} | |
| VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID_WEB }} | |
| steps: | |
| - name: Get build cache | |
| uses: actions/cache/restore@v3 | |
| with: | |
| path: . | |
| key: CD-Production-${{ runner.os }}-${{ github.ref }}-${{ github.run_id }} | |
| fail-on-cache-miss: true | |
| - name: Install Vercel CLI | |
| run: npm install --global vercel@latest | |
| - name: Pull Vercel Environment Information | |
| run: vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }} | |
| - name: Copy Build Artifacts to .vercel dir | |
| run: vercel build --token=${{ secrets.VERCEL_TOKEN }} | |
| - name: Deploy Project Artifacts to Vercel | |
| id: deploy-to-vercel | |
| run: | | |
| DEPLOYMENT_URL=$(vercel deploy --prebuilt --token=${{ secrets.VERCEL_TOKEN }}) | |
| echo "deployment-url=$DEPLOYMENT_URL" >> "$GITHUB_OUTPUT" | |
| - name: Print Deployment URL | |
| env: | |
| DEPLOYMENT_URL: ${{ steps.deploy-to-vercel.outputs.deployment-url }} | |
| run: echo $DEPLOYMENT_URL | |
| - uses: chrnorm/deployment-action@v2 | |
| name: Create GitHub deployment | |
| id: deployment | |
| with: | |
| token: '${{ github.token }}' | |
| environment-url: '${{ steps.deploy-to-vercel.outputs.deployment-url }}' | |
| environment: Production - website | |
| - name: Update deployment status (success) | |
| if: success() | |
| uses: chrnorm/deployment-status@v2 | |
| with: | |
| token: '${{ github.token }}' | |
| environment-url: '${{ steps.deploy-to-vercel.outputs.deployment-url }}' | |
| state: 'success' | |
| deployment-id: ${{ steps.deployment.outputs.deployment_id }} | |
| - name: Update deployment status (failure) | |
| if: failure() | |
| uses: chrnorm/deployment-status@v2 | |
| with: | |
| token: '${{ github.token }}' | |
| state: 'failure' | |
| deployment-id: ${{ steps.deployment.outputs.deployment_id }} |