Merge pull request #33 from devsargam/chore/env #79
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy FRONTEND | |
| env: | |
| PROJECT_NAME: qat | |
| PROJECT_TYPE: frontend | |
| WORKING_DIRECTORY: frontend | |
| CURR_WORKING_DIRECTORY: ./frontend | |
| DEV_APP_PORT: 4000 | |
| DEV_DOMAIN_NAME: qat-dev.hsingh.site | |
| PROD_APP_PORT: 4001 | |
| PROD_DOMAIN_NAME: qat.hsingh.site | |
| ENABLE_CACHE: false | |
| ENABLE_CACHE_CONTROL: false | |
| ENABLE_RATE_LIMITING: false | |
| DEV_DOTENV_KEY: ${{ secrets.DEV_FRONTEND_DOTENV_KEY }} | |
| PROD_DOTENV_KEY: ${{ secrets.PROD_FRONTEND_DOTENV_KEY }} | |
| DEV_SERVER_USER: ${{ secrets.DEV_SERVER_USER }} | |
| DEV_SERVER_IP: ${{ secrets.DEV_SERVER_IP }} | |
| DEV_SERVER_PASSWORD: ${{ secrets.DEV_SERVER_PASSWORD }} | |
| PROD_SERVER_USER: ${{ secrets.PROD_SERVER_USER }} | |
| PROD_SERVER_IP: ${{ secrets.PROD_SERVER_IP }} | |
| PROD_SERVER_PASSWORD: ${{ secrets.PROD_SERVER_PASSWORD }} | |
| on: | |
| push: | |
| branches: | |
| - '*' | |
| # paths: | |
| # - './frontend' | |
| workflow_dispatch: {} | |
| jobs: | |
| build: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: ${{ env.CURR_WORKING_DIRECTORY }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 'latest' | |
| - name: Cache Node.js packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.pnpm-store | |
| key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm- | |
| - run: npm install -g pnpm | |
| - run: pnpm install --no-frozen-lockfile | |
| - run: pnpm run lint | |
| - run: pnpm run build | |
| deploy: | |
| timeout-minutes: 30 | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| if: (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main') && success() | |
| defaults: | |
| run: | |
| working-directory: ${{ env.CURR_WORKING_DIRECTORY }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set environment variables for Dev | |
| if: github.ref == 'refs/heads/dev' | |
| run: | | |
| echo "SERVER_USER=${{ env.DEV_SERVER_USER }}" >> $GITHUB_ENV | |
| echo "SERVER_IP=${{ env.DEV_SERVER_IP }}" >> $GITHUB_ENV | |
| echo "SERVER_PASSWORD=${{ env.DEV_SERVER_PASSWORD }}" >> $GITHUB_ENV | |
| echo "ENVIRONMENT=dev" >> $GITHUB_ENV | |
| echo "APP_PORT=${{ env.DEV_APP_PORT }}" >> $GITHUB_ENV | |
| echo "DOMAIN_NAME=${{ env.DEV_DOMAIN_NAME }}" >> $GITHUB_ENV | |
| echo "DOTENV_KEY=${{ env.DEV_DOTENV_KEY }}" >> $GITHUB_ENV | |
| echo "${{ secrets.DEV_ENV}}" > .env | |
| - name: Set environment variables for Prod | |
| if: github.ref != 'refs/heads/dev' | |
| run: | | |
| echo "SERVER_USER=${{ env.PROD_SERVER_USER }}" >> $GITHUB_ENV | |
| echo "SERVER_IP=${{ env.PROD_SERVER_IP }}" >> $GITHUB_ENV | |
| echo "SERVER_PASSWORD=${{ env.PROD_SERVER_PASSWORD }}" >> $GITHUB_ENV | |
| echo "ENVIRONMENT=prod" >> $GITHUB_ENV | |
| echo "APP_PORT=${{ env.PROD_APP_PORT }}" >> $GITHUB_ENV | |
| echo "DOMAIN_NAME=${{ env.PROD_DOMAIN_NAME }}" >> $GITHUB_ENV | |
| echo "DOTENV_KEY=${{ env.PROD_DOTENV_KEY }}" >> $GITHUB_ENV | |
| echo "${{ secrets.PROD_ENV}}" > .env | |
| - name: SSH and Prepare Server | |
| uses: appleboy/[email protected] | |
| with: | |
| timeout: 120s | |
| host: ${{ env.SERVER_IP }} | |
| username: ${{ env.SERVER_USER }} | |
| password: ${{ env.SERVER_PASSWORD }} | |
| script: | | |
| SITE_PATH="/home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }}/${{ env.WORKING_DIRECTORY }}" | |
| rm -rf $SITE_PATH | |
| mkdir -p $SITE_PATH | |
| - name: SCP to Server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ env.SERVER_IP }} | |
| username: ${{ env.SERVER_USER }} | |
| password: ${{ env.SERVER_PASSWORD }} | |
| source: ${{ env.CURR_WORKING_DIRECTORY }} | |
| target: /home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }} | |
| - name: Deploy | |
| uses: appleboy/[email protected] | |
| with: | |
| timeout: 120s | |
| host: ${{ env.SERVER_IP }} | |
| username: ${{ env.SERVER_USER }} | |
| password: ${{ env.SERVER_PASSWORD }} | |
| script: | | |
| SITE_PATH="/home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }}/${{ env.WORKING_DIRECTORY }}" | |
| cd $SITE_PATH | |
| pnpm install | |
| pnpm run build | |
| pm2 delete ${{ env.PROJECT_NAME }}_${{ env.ENVIRONMENT }}_${{ env.PROJECT_TYPE }} | |
| if [ "${{ env.ENVIRONMENT }}" = "dev" ]; then | |
| pnpm run start-pm2-dev | |
| else | |
| pnpm run start-pm2-prod | |
| fi | |
| ansible-playbook /home/${{ env.SERVER_USER }}/ansible/set_nginx_conf.ansible.yml -e "ansible_become_pass=${{ env.SERVER_PASSWORD }} env_type=${{ env.ENVIRONMENT }} project_name=${{ env.PROJECT_NAME }} project_type=${{ env.PROJECT_TYPE }} app_port=${{ env.APP_PORT }} working_directory=${{ env.WORKING_DIRECTORY }} server_name=${{ env.DOMAIN_NAME }} enable_rate_limiting=${{env.ENABLE_RATE_LIMITING}} rate_burst=${{env.RATE_BURST}} enable_cache=${{env.ENABLE_CACHE}} enable_cache_control=${{env.ENABLE_CACHE_CONTROL}}" |