new domain holons.energy #214
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy to Azure Container Apps | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - production | |
| - acceptance | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| variables: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| result: ${{ steps.variables.outputs.result }} | |
| tag: ${{ steps.tag.outputs.result }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Variables | |
| uses: actions/github-script@v6 | |
| id: variables | |
| with: | |
| script: | | |
| const getVariables = require('./.github/workflows/get-variables.js') | |
| return getVariables('${{ github.ref_name }}') | |
| - name: Tag | |
| uses: actions/github-script@v6 | |
| id: tag | |
| with: | |
| result-encoding: string | |
| script: return '${{ github.ref_name }}-${{ github.run_number }}' | |
| build-and-push-images: | |
| runs-on: ubuntu-latest | |
| ## Ideally we shouldn't expose environment variables for runtime during build time. | |
| ## This is necessary just to bundle the backend URL in the browser JavaScript. | |
| needs: variables | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@main | |
| # Create environment variables ACTIONS_RUNTIME_TOKEN and ACTIONS_CACHE_URL | |
| # to let docker access the cache. | |
| - name: Expose variables | |
| uses: crazy-max/ghaction-github-runtime@v2 | |
| - name: Log in GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Need to use driver --driver=docker-container to use GitHub cache integration. | |
| # The GitHub cache is per-branch. | |
| - name: Docker build and push | |
| run: docker buildx create --use --driver=docker-container | |
| - run: > | |
| docker buildx build ./src | |
| --file ./src/prod.Dockerfile | |
| --target wagtail | |
| --cache-to type=gha,mode=min,scope=${{ github.ref_name }}-wagtail | |
| --cache-from type=gha,scope=${{ github.ref_name }}-wagtail | |
| --tag ghcr.io/zenmo/holon-wagtail:${{ needs.variables.outputs.tag }} | |
| --push | |
| - run: > | |
| docker buildx build ./frontend | |
| --file ./frontend/prod.Dockerfile | |
| --build-arg NEXT_PUBLIC_WAGTAIL_API_URL=https://${{ fromJson(needs.variables.outputs.result).WAGTAIL_HOSTNAME }}/wt/api/nextjs | |
| --cache-to type=gha,mode=min,scope=${{ github.ref_name }}-nextjs | |
| --cache-from type=gha,scope=${{ github.ref_name }}-nextjs | |
| --tag ghcr.io/zenmo/holon-nextjs:${{ needs.variables.outputs.tag }} | |
| --push | |
| deploy-swarm: | |
| runs-on: ubuntu-latest | |
| environment: ${{ fromJson(needs.variables.outputs.result).GITHUB_ENVIRONMENT }} | |
| needs: | |
| - build-and-push-images | |
| - variables | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| with: | |
| sparse-checkout: docker | |
| - name: Deploy to Docker Swarm | |
| uses: sagebind/docker-swarm-deploy-action@v2 | |
| env: | |
| # Shared | |
| TAG: ${{ needs.variables.outputs.tag }} | |
| WAGTAIL_HOSTNAME: ${{ fromJson(needs.variables.outputs.result).WAGTAIL_HOSTNAME }} | |
| # Wagtail | |
| AZURE_STORAGE_KEY: ${{ secrets.AZURE_STORAGE_KEY }} | |
| MEDIA_LOCATION: ${{ fromJson(needs.variables.outputs.result).MEDIA_LOCATION }} | |
| STATIC_LOCATION: ${{ fromJson(needs.variables.outputs.result).STATIC_LOCATION }} | |
| DB_USER: ${{ fromJson(needs.variables.outputs.result).DB_USER }} | |
| DB_NAME: ${{ fromJson(needs.variables.outputs.result).DB_NAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| RETURN_SCENARIO: ${{ fromJson(needs.variables.outputs.result).RETURN_SCENARIO }} | |
| SECRET_KEY: "${{ secrets.SECRET_KEY }}" | |
| SENTRY_ENVIRONMENT: ${{ fromJson(needs.variables.outputs.result).SENTRY_ENVIRONMENT }} | |
| DOMAIN_HOST: ${{ fromJson(needs.variables.outputs.result).DOMAIN_HOST }} | |
| EMAIL_HOST_PASSWORD: ${{ secrets.EMAIL_HOST_PASSWORD }} | |
| # NextJS | |
| NEXT_HOSTNAME: ${{ fromJson(needs.variables.outputs.result).NEXT_HOSTNAME }} | |
| NEXT_REDIRECT_HOSTS: ${{ fromJson(needs.variables.outputs.result).NEXT_REDIRECT_HOSTS }} | |
| NEXT_PUBLIC_TINY_URL_API_KEY: ${{ secrets.TINY_URL_API_KEY }} | |
| with: | |
| remote_host: ssh://[email protected] | |
| ssh_private_key: ${{ secrets.SWARM_SSH_PRIVATE_KEY }} | |
| ssh_public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ1E4LUG22qgzc8U7oNYGWCn0cyA31+iyX2pck9wcPMS | |
| args: stack deploy --compose-file ./docker/compose-prod.yaml holon-${{ fromJson(needs.variables.outputs.result).GITHUB_ENVIRONMENT }} |