Create new workflow file #174
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
branches: | |
- '*' | |
pull_request: | |
branches: | |
- '*' | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
env: | |
CI: false | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
# - name: Run Docker Compose | |
# run: | | |
# cp .env.example .env | |
# docker-compose -f docker-compose.yml up -d | |
- name: Authenticate to Google Cloud | |
uses: google-github-actions/auth@v2 | |
with: | |
credentials_json: ${{ secrets.GCP_SA_KEY }} | |
- name: Set up gcloud CLI | |
uses: google-github-actions/auth@v2 | |
with: | |
credentials_json: ${{ secrets.GCP_SA_KEY }} | |
- name: SSH into the VM | |
run: | | |
gcloud compute ssh ${{ secrets.GCP_INSTANCE_NAME}} --zone=${{ secrets.GCP_ZONE }} --command ' | |
ls -l | |
' | |
- name: SSH into the VM and clone the repo and install all dependencies | |
run: | | |
REPO_PATH=~ | |
repo_name=$(echo "${{ github.repository }}" | cut -d '/' -f 2) | |
# SSH into the VM and clone the repo if not exists | |
gcloud compute ssh ${{ secrets.GCP_INSTANCE_NAME}} --zone=${{ secrets.GCP_ZONE }} --command " | |
REPO_PATH=\$HOME | |
if [ ! -d \"\$REPO_PATH/$repo_name\" ]; then | |
git clone https://github.com/${{ github.repository }}.git \$REPO_PATH/$repo_name && | |
cd \$REPO_PATH/$repo_name && | |
sudo apt-get update && | |
sudo apt-get install -y nginx && | |
sudo service nginx status && | |
sudo apt update && | |
sudo apt install -y apt-transport-https ca-certificates curl software-properties-common && | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && | |
sudo add-apt-repository \"deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable\" && | |
apt-cache policy docker-ce && | |
sudo apt install -y docker-ce && | |
sudo systemctl status docker && | |
sudo curl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-\$(uname -s)-\$(uname -m)\" -o /usr/local/bin/docker-compose && | |
sudo chmod +x /usr/local/bin/docker-compose && | |
docker-compose --version | |
else | |
echo \"Repository already exists. Skipping clone.\" | |
fi | |
" | |
- name: SSH into the VM and build the Docker image | |
run: | | |
REPO_PATH=~ | |
branch_name=$(echo "${{ github.ref }}" | sed 's/refs\/heads\///') | |
repo_name=$(echo "${{ github.repository }}" | cut -d '/' -f 2) | |
gcloud compute ssh ${{ secrets.GCP_INSTANCE_NAME}} --zone=${{ secrets.GCP_ZONE }} --command " | |
REPO_PATH=\$HOME | |
cd \$REPO_PATH/$repo_name && | |
git checkout $branch_name && | |
cp .env.example .env && | |
sudo docker-compose -f docker-compose.yml up -d" | |
- name: SSH into the VM and edit the nginx file | |
run: | | |
gcloud compute ssh ${{ secrets.GCP_INSTANCE_NAME}} --zone=${{ secrets.GCP_ZONE }} --command " | |
cd /etc/nginx/sites-enabled && | |
sudo sh -c grep -E '^\s*try_files \$uri \$uri/ =404;' /etc/nginx/sites-enabled/default | grep -E -v '^\s*#' | sudo sed -i '/^\s*try_files \$uri \$uri\/ =404;/a \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ proxy_pass http:\/\/localhost:8000;' default && | |
sudo sh -c grep -E '^\s*try_files \$uri \$uri/ =404;' /etc/nginx/sites-enabled/default | grep -E -v '^\s*#' | sudo sed -i 's/^\(\s*try_files \$uri \$uri\/ =404;\)/# \1/' default && | |
sudo systemctl restart nginx | |
" | |
# - name: SSH into the VM and install certbot for https | |
# env: | |
# DOMAIN_SECRET: ${{secrets.DOMAIN_SECRET}} | |
# run: | | |
# gcloud compute ssh ${{ secrets.GCP_INSTANCE_NAME }} --zone=${{ secrets.GCP_ZONE }} --command " | |
# sudo apt update && | |
# sudo apt install -y nginx && | |
# cd /etc/nginx/sites-enabled && | |
# sudo sed -i 's/server_name _;/server_name $DOMAIN_SECRET;/' default && | |
# if [ ! -e /usr/bin/certbot ]; then | |
# sudo snap install --classic certbot && | |
# sudo ln -s /snap/bin/certbot /usr/bin/certbot; | |
# fi && | |
# echo -e '\n' | echo -e ${{secrets.EMAIL}} | sudo certbot --nginx && | |
# echo 'Y' && | |
# sudo systemctl restart nginx | |
# " | |