deploy_workflow_prod.yml
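# Production deployment pipeline: run the test suites, build and push the
# Docker image to GitHub Packages, then roll it out on the prod server via SSH.
name: Deploy project to prod server

on:
  pull_request:
    branches:
      - master
    types:
      - closed
  workflow_dispatch:

# Least-privilege default for GITHUB_TOKEN. The image-push job widens this
# for itself only; the other jobs just check out the repository.
permissions:
  contents: read

env:
  REGISTRY: ghcr.io
  REP_OWNER: studio-yandex-practicum
  IMAGE_NAME: you_can_bot
  DEPLOY_PATH: ~/you_can_bot

defaults:
  run:
    working-directory: .

jobs:
  testing:
    # The `closed` event also fires when a pull request is closed WITHOUT
    # being merged. Run only for merged PRs or a manual dispatch; the later
    # jobs depend on this one through `needs`, so they are skipped with it.
    if: github.event_name == 'workflow_dispatch' || github.event.pull_request.merged == true
    # NOTE(review): this job only runs tests but is attached to the prod
    # environment, which exposes that environment's secrets to it. Confirm
    # whether that is intended (e.g. to reuse an approval gate).
    environment:
      name: prod
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repo
        uses: actions/checkout@v4
        with:
          ref: master
      # NOTE(review): third-party action referenced by a mutable tag;
      # consider pinning it to a reviewed full commit SHA.
      - name: Setup Poetry
        uses: Gr1N/setup-poetry@v9
        with:
          poetry-version: "1.8.2"
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - name: Install dependencies
        run: |
          poetry install
      - name: Django tests
        env:
          # NOTE(review): unquoted True is a YAML boolean, not a string;
          # confirm the settings code receives the value it checks for.
          NEED_SQLITE: True
        run: |
          poetry run python src/backend/manage.py test src/backend
      - name: Bot tests
        env:
          NEED_SQLITE: True
        run: |
          cd src/bot
          poetry run python -m unittest

  build-and-push-image-to-github-packages:
    environment:
      name: prod
    name: Push Docker image to GitHub Packages
    runs-on: ubuntu-latest
    needs: testing
    # Only this job needs to write packages (push to ghcr.io).
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ref: master
      # The token is passed through the environment and piped on stdin, so it
      # never appears in the command line or in the rendered script text.
      - name: GitHub Packages login
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          USERNAME: ${{ github.actor }}
          GITHUB: ${{ env.REGISTRY }}
        run: echo "$GITHUB_TOKEN" | docker login "${GITHUB}" -u "${USERNAME}" --password-stdin
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: Dockerfile
          push: true
          tags: |
            ${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:prod

  deploy:
    name: Deploy changes on server
    runs-on: ubuntu-latest
    environment:
      name: prod
    needs: build-and-push-image-to-github-packages
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ref: master
      # NOTE(review): `@master` is a mutable branch ref on a third-party
      # action that is handed the production SSH credentials. Pin it to a
      # reviewed full commit SHA (appleboy/scp-action@FULL_COMMIT_SHA, a
      # placeholder) so an upstream change cannot alter what runs here.
      # NOTE(review): password login is used; key-based authentication (the
      # action's `key` input) with a dedicated deploy user is preferable.
      - name: Copy docker compose file to server
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.SSH_USER }}
          password: ${{ secrets.SSH_PASSWORD }}
          source: "./infra/docker-compose.prod.yml, ./infra/default.prod.conf"
          target: ${{ env.DEPLOY_PATH }}
      # NOTE(review): same pinning and authentication concerns as the scp
      # step above (appleboy/ssh-action@FULL_COMMIT_SHA, a placeholder).
      #
      # The script below is rendered by GitHub BEFORE it is sent to the host,
      # so every secret value becomes literal shell text. Each value is
      # single-quoted so that spaces, `&`, `$`, `;` or `#` in a value are
      # written to .env verbatim instead of being interpreted by the remote
      # shell. A value that itself contains a single quote would still break
      # the quoting; passing values through the action's `envs` input avoids
      # templating secrets into the script altogether.
      #
      # .env is created with owner-only permissions before the first secret
      # is written, so other local users on the server cannot read it.
      - name: Executing remote ssh commands to deploy
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.SSH_USER }}
          password: ${{ secrets.SSH_PASSWORD }}
          script: |
            cd ${{ env.DEPLOY_PATH }}
            touch .env
            chmod 600 .env
            echo POSTGRES_DB='${{ secrets.POSTGRES_DB }}' > .env
            echo POSTGRES_USER='${{ secrets.POSTGRES_USER }}' >> .env
            echo POSTGRES_PASSWORD='${{ secrets.POSTGRES_PASSWORD }}' >> .env
            echo SECRET_KEY='${{ secrets.SECRET_KEY }}' >> .env
            echo DEBUG='${{ vars.DEBUG }}' >> .env
            echo ALLOWED_HOSTS='${{ secrets.DJANGO_ALLOWED_HOSTS }}' >> .env
            echo HOST='${{ secrets.HOST }}' >> .env
            echo CERT_EMAIL='${{ secrets.CERT_EMAIL }}' >> .env
            echo DOMAIN='${{ secrets.DOMAIN }}' >> .env
            echo INTERNAL_API_URL='${{ secrets.INTERNAL_API_URL }}' >> .env
            echo YOUCANBY_TOKEN='${{ secrets.YOUCANBY_TOKEN }}' >> .env
            echo YOUCANBY_URL='${{ secrets.YOUCANBY_URL }}' >> .env
            echo ROBOTGURU_TOKEN='${{ secrets.ROBOTGURU_TOKEN }}' >> .env
            echo ROBOTGURU_URL='${{ secrets.ROBOTGURU_URL }}' >> .env
            echo TOKEN='${{ secrets.TOKEN }}' >> .env
            echo EXTERNAL_REQUESTS_ARE_MOCK='${{ vars.EXTERNAL_REQUESTS_ARE_MOCK }}' >> .env
            echo MAIN_MENTOR_ID='${{ secrets.MAIN_MENTOR_ID }}' >> .env
            echo DEVELOPER_CHAT_ID='${{ secrets.DEVELOPER_CHAT_ID }}' >> .env
            docker pull ${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:prod
            docker image prune -f
            docker compose -f infra/docker-compose.prod.yml stop nginx backend bot db
            docker compose -f infra/docker-compose.prod.yml rm backend -f
            docker compose -f infra/docker-compose.prod.yml rm bot -f
            docker compose --env-file .env -f infra/docker-compose.prod.yml up -d
            docker exec backend python backend/manage.py migrate
            docker exec backend python backend/manage.py collectstatic --noinput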