Run templ generate #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deployment | |
on: | |
push: | |
branches: | |
- main | |
- nickclyde/deployment-workflow | |
permissions: | |
id-token: write | |
jobs: | |
deploy: | |
name: Deploy phinvads-go | |
runs-on: ubuntu-latest | |
environment: main | |
steps: | |
- name: Check out changes | |
uses: actions/checkout@v4 | |
- name: Azure CLI Login | |
uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Allow GitHub Runner IP | |
run: | | |
set -eu | |
agentIP=$(curl -s https://api.ipify.org/) | |
az network nsg rule create \ | |
--resource-group phinvads-go \ | |
--nsg-name phinvads-go-nsg \ | |
--name AllowSSHFromGitHubActions \ | |
--priority 200 \ | |
--direction Inbound \ | |
--access Allow \ | |
--protocol Tcp \ | |
--destination-port-ranges 22 \ | |
--source-address-prefixes $agentIP \ | |
--destination-address-prefixes '*' \ | |
--description "Allow SSH from GitHub Actions" | |
sleep 30 | |
- name: Deploy phinvads-go to VM | |
env: | |
AZURE_VM_IP: ${{ secrets.AZURE_VM_IP }} | |
AZURE_VM_SSH_KEY: ${{ secrets.AZURE_VM_SSH_KEY }} | |
run: | | |
go mod tidy | |
templ generate | |
go build -o phinvads-go ./cmd/phinvads-go | |
scp -i <(echo "$AZURE_VM_SSH_KEY") ./phinvads-go azureuser@${AZURE_VM_IP}:/home/azureuser/phinvads-go | |
- name: Disallow GitHub Runner IP | |
run: | | |
set -eu | |
agentIP=$(curl -s https://api.ipify.org/) | |
az network nsg rule remove \ | |
--resource-group phinvads-go \ | |
--nsg-name phinvads-go-nsg \ | |
--name AllowSSHFromGitHubActions |