deploy-dev.yml
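---
# Deploys the dev branch to the Azure dev host over SSH (git + docker-compose
# on the server), then runs basic health checks from a second job.
#
# Secrets read by this workflow: SSH_PRIVATE_KEY, HOST, USERNAME,
# BACKEND_ENV_FILE, DEPLOY_SSH_KEY.
name: Deploy to Azure (Dev)

on:
  push:
    branches:
      - dev
  workflow_dispatch:

# The server fetches code with its own deploy key, so the workflow token only
# needs read access to the repository.
permissions:
  contents: read

env:
  # NOTE(review): these are set on the runner only. The docker-compose calls
  # below run inside ssh sessions on the server, which do not inherit them.
  DOCKER_BUILDKIT: "1"
  COMPOSE_DOCKER_CLI_BUILD: "1"

jobs:
  deploy:
    name: Deploy Backend to Azure
    runs-on: ubuntu-latest

    steps:
      # NOTE(review): no later step reads the runner's working tree; the
      # server clones the repository itself. Consider pinning the action to
      # a full commit SHA.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          ref: dev
          # The token is not needed after checkout, so do not leave it in
          # the runner's .git/config.
          persist-credentials: false

      - name: Setup SSH Key
        env:
          # Passed through the environment so the key is never spliced into
          # the script text.
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          # Set the umask first so the key never exists with group/other
          # access, even briefly.
          (umask 077 && printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa)
          chmod 600 ~/.ssh/id_rsa
          # NOTE(review): ssh-keyscan accepts whatever host key is offered on
          # this run, so the server is not authenticated. Prefer writing a
          # known_hosts line that was verified out of band and stored as a
          # secret.
          ssh-keyscan -H "${{ secrets.HOST }}" >> ~/.ssh/known_hosts

      - name: Create .env file on server
        env:
          BACKEND_ENV_FILE: ${{ secrets.BACKEND_ENV_FILE }}
        run: |
          # The content travels over ssh stdin, so it is never parsed as
          # shell on either side and a line inside it cannot terminate a
          # heredoc early.
          printf '%s\n' "$BACKEND_ENV_FILE" |
            ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" '
              set -e
              mkdir -p ~/verifydev-backend
              umask 077
              cat > ~/verifydev-backend/.env
              chmod 600 ~/verifydev-backend/.env
            '

      - name: Setup GitHub Deploy Key on Server
        env:
          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
        run: |
          # Install the deploy key only if the server does not have one yet.
          # The key arrives on stdin and is written under umask 077.
          printf '%s\n' "$DEPLOY_SSH_KEY" |
            ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" '
              set -e
              mkdir -p ~/.ssh
              chmod 700 ~/.ssh
              umask 077
              if [ ! -f ~/.ssh/github_deploy_key ]; then
                echo "Setting up GitHub deploy key..."
                cat > ~/.ssh/github_deploy_key
                chmod 600 ~/.ssh/github_deploy_key
              fi
            '

          ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" << 'EOF'
          set -e
          # Record GitHub's host key once and keep it, instead of appending
          # whatever key is offered on every deploy.
          # NOTE(review): the first recorded key is still unauthenticated;
          # compare it with the fingerprints GitHub publishes.
          if ! ssh-keygen -F github.com >/dev/null 2>&1; then
            ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null || true
          fi
          # Configure SSH to use the deploy key for GitHub. Host key checking
          # stays on; a config written by an earlier run with checking
          # disabled is replaced.
          if [ ! -f ~/.ssh/config ] || grep -q "StrictHostKeyChecking no" ~/.ssh/config; then
          cat > ~/.ssh/config << 'SSHEOF'
          Host github.com
            HostName github.com
            User git
            IdentityFile ~/.ssh/github_deploy_key
            StrictHostKeyChecking yes
          SSHEOF
          chmod 600 ~/.ssh/config
          fi
          EOF

      - name: Deploy application
        run: |
          ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" << 'EOF'
          set -e

          # Ensure GitHub is in known_hosts (scanned only when missing)
          mkdir -p ~/.ssh
          if ! ssh-keygen -F github.com >/dev/null 2>&1; then
            ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2>/dev/null || true
          fi

          # Create and navigate to project directory
          mkdir -p ~/verifydev-backend
          cd ~/verifydev-backend

          # Handle repository setup
          if [ -d ".git" ]; then
            echo "Updating existing repository..."
            git fetch origin
            git checkout dev
            # reset --hard already lands on the fetched tip, so no extra
            # pull is needed afterwards.
            git reset --hard origin/dev
          else
            # Check if directory has files but no git repo
            if [ "$(ls -A)" ]; then
              echo "Directory exists but is not a git repository. Cleaning up..."
              # An earlier step wrote .env into this directory; park it
              # outside so the cleanup does not delete it.
              if [ -f .env ]; then
                mv .env ~/.verifydev-backend.env.keep
              fi
              find . -mindepth 1 -maxdepth 1 -exec rm -rf {} +
            fi

            echo "Cloning repository..."
            git clone -b dev "git@github.com:${{ github.repository }}.git" .

            if [ -f ~/.verifydev-backend.env.keep ]; then
              mv ~/.verifydev-backend.env.keep .env
            fi
          fi

          # Stop existing containers
          echo "Stopping existing containers..."
          docker-compose down || true

          # Remove old images to free up space (optional)
          echo "Cleaning up old images..."
          docker image prune -af --filter "until=24h" || true

          # Pull latest base images
          echo "Pulling latest base images..."
          docker-compose pull || true

          # Build and start services
          echo "Building and starting services..."
          docker-compose up -d --build

          # Wait for services to be healthy
          echo "Waiting for services to be healthy..."
          sleep 30

          # Check service status
          echo "Service status:"
          docker-compose ps

          # Show logs for debugging
          # NOTE(review): these lines end up in the workflow log; make sure
          # the services do not print credentials at startup.
          echo "Recent logs:"
          docker-compose logs --tail=50

          # Cleanup
          echo "Cleaning up unused resources..."
          docker system prune -f || true

          echo "Deployment completed successfully!"
          EOF

      - name: Verify deployment
        run: |
          ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" << 'EOF'
          cd ~/verifydev-backend

          # Check if all services are running
          RUNNING_SERVICES=$(docker-compose ps --services --filter "status=running" | wc -l)
          TOTAL_SERVICES=$(docker-compose ps --services | wc -l)

          echo "Running services: $RUNNING_SERVICES / $TOTAL_SERVICES"

          # wc -l hides a docker-compose failure and yields 0 / 0, which
          # would otherwise pass the comparison below.
          if [ "$TOTAL_SERVICES" -eq 0 ]; then
            echo "Warning: docker-compose reported no services!"
            exit 1
          fi

          if [ "$RUNNING_SERVICES" -lt "$TOTAL_SERVICES" ]; then
            echo "Warning: Not all services are running!"
            docker-compose ps
            exit 1
          fi

          echo "All services are running successfully!"
          EOF

      # Runs on failure too, so the private key does not stay on the runner.
      - name: Cleanup SSH
        if: always()
        run: |
          rm -f ~/.ssh/id_rsa

      - name: Send deployment notification
        if: always()
        run: |
          if [ "${{ job.status }}" == "success" ]; then
            echo "✅ Deployment to Azure (Dev) completed successfully!"
          else
            echo "❌ Deployment to Azure (Dev) failed!"
          fi

  health-check:
    name: Health Check
    needs: deploy
    runs-on: ubuntu-latest

    steps:
      - name: Setup SSH for health check
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          (umask 077 && printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa)
          chmod 600 ~/.ssh/id_rsa
          # NOTE(review): as in the deploy job, the scanned host key is
          # trusted without verification.
          ssh-keyscan -H "${{ secrets.HOST }}" >> ~/.ssh/known_hosts

      - name: Wait for services to stabilize
        run: sleep 60

      # Advisory only: this step reports the gateway state but never fails
      # the job.
      # NOTE(review): the probe uses plain HTTP against the host's public
      # address.
      - name: Check Gateway Health
        run: |
          # curl already prints 000 through -w when it cannot connect, so the
          # fallback must not append a second code.
          RESPONSE=$(curl -s -o /dev/null --max-time 10 -w "%{http_code}" "http://${{ secrets.HOST }}:8000/health" || true)

          if [ "$RESPONSE" == "200" ]; then
            echo "✅ Gateway is healthy"
          elif [ "$RESPONSE" == "000" ]; then
            echo "⚠️ Gateway did not answer on port 8000 (unreachable or health endpoint not configured)"
          else
            echo "⚠️ Gateway returned status code: $RESPONSE"
          fi

      - name: Check Auth Service
        run: |
          ssh "${{ secrets.USERNAME }}@${{ secrets.HOST }}" << 'EOF'
          CONTAINER_STATUS=$(docker inspect -f '{{.State.Status}}' verifydev-auth 2>/dev/null || echo "not found")

          if [ "$CONTAINER_STATUS" == "running" ]; then
            echo "✅ Auth service is running"
          else
            echo "❌ Auth service status: $CONTAINER_STATUS"
            exit 1
          fi
          EOF

      - name: Cleanup SSH
        if: always()
        run: |
          rm -f ~/.ssh/id_rsa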