Skip to content

new domain holons.energy #215

new domain holons.energy

new domain holons.energy #215

name: Build and deploy
on:
push:
branches:
- main
- production
- acceptance
workflow_dispatch:
permissions:
contents: read
packages: write
jobs:
variables:
runs-on: ubuntu-latest
outputs:
result: ${{ steps.variables.outputs.result }}
tag: ${{ steps.tag.outputs.result }}
steps:
- uses: actions/checkout@v3
- name: Variables
uses: actions/github-script@v6
id: variables
with:
script: |
const getVariables = require('./.github/workflows/get-variables.js')
return getVariables('${{ github.ref_name }}')
- name: Tag
uses: actions/github-script@v6
id: tag
with:
result-encoding: string
script: return '${{ github.ref_name }}-${{ github.run_number }}'
build-and-push-images:
runs-on: ubuntu-latest
## Ideally we shouldn't expose environment variables for runtime during build time.
## This is necessary just to bundle the backend URL in the browser JavaScript.
needs: variables
steps:
- name: Check out repository
uses: actions/checkout@main
# Create environment variables ACTIONS_RUNTIME_TOKEN and ACTIONS_CACHE_URL
# to let docker access the cache.
- name: Expose variables
uses: crazy-max/ghaction-github-runtime@v2
- name: Log in GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Need to use driver --driver=docker-container to use GitHub cache integration.
# The GitHub cache is per-branch.
- name: Docker build and push
run: docker buildx create --use --driver=docker-container
- run: >
docker buildx build ./src
--file ./src/prod.Dockerfile
--target wagtail
--cache-to type=gha,mode=min,scope=${{ github.ref_name }}-wagtail
--cache-from type=gha,scope=${{ github.ref_name }}-wagtail
--tag ghcr.io/zenmo/holon-wagtail:${{ needs.variables.outputs.tag }}
--push
- run: >
docker buildx build ./frontend
--file ./frontend/prod.Dockerfile
--build-arg NEXT_PUBLIC_WAGTAIL_API_URL=https://${{ fromJson(needs.variables.outputs.result).WAGTAIL_HOSTNAME }}/wt/api/nextjs
--cache-to type=gha,mode=min,scope=${{ github.ref_name }}-nextjs
--cache-from type=gha,scope=${{ github.ref_name }}-nextjs
--tag ghcr.io/zenmo/holon-nextjs:${{ needs.variables.outputs.tag }}
--push
deploy-swarm:
runs-on: ubuntu-latest
environment: ${{ fromJson(needs.variables.outputs.result).GITHUB_ENVIRONMENT }}
needs:
- build-and-push-images
- variables
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
sparse-checkout: docker
- name: Deploy to Docker Swarm
uses: sagebind/docker-swarm-deploy-action@v2
env:
# Shared
TAG: ${{ needs.variables.outputs.tag }}
WAGTAIL_HOSTNAME: ${{ fromJson(needs.variables.outputs.result).WAGTAIL_HOSTNAME }}
# Wagtail
AZURE_STORAGE_KEY: ${{ secrets.AZURE_STORAGE_KEY }}
MEDIA_LOCATION: ${{ fromJson(needs.variables.outputs.result).MEDIA_LOCATION }}
STATIC_LOCATION: ${{ fromJson(needs.variables.outputs.result).STATIC_LOCATION }}
DB_USER: ${{ fromJson(needs.variables.outputs.result).DB_USER }}
DB_NAME: ${{ fromJson(needs.variables.outputs.result).DB_NAME }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
RETURN_SCENARIO: ${{ fromJson(needs.variables.outputs.result).RETURN_SCENARIO }}
SECRET_KEY: "${{ secrets.SECRET_KEY }}"
SENTRY_ENVIRONMENT: ${{ fromJson(needs.variables.outputs.result).SENTRY_ENVIRONMENT }}
DOMAIN_HOST: ${{ fromJson(needs.variables.outputs.result).DOMAIN_HOST }}
EMAIL_HOST_PASSWORD: ${{ secrets.EMAIL_HOST_PASSWORD }}
# NextJS
NEXT_HOSTNAME: ${{ fromJson(needs.variables.outputs.result).NEXT_HOSTNAME }}
NEXT_REDIRECT_HOSTS: ${{ fromJson(needs.variables.outputs.result).NEXT_REDIRECT_HOSTS }}
NEXT_PUBLIC_TINY_URL_API_KEY: ${{ secrets.TINY_URL_API_KEY }}
with:
remote_host: ssh://[email protected]
ssh_private_key: ${{ secrets.SWARM_SSH_PRIVATE_KEY }}
ssh_public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ1E4LUG22qgzc8U7oNYGWCn0cyA31+iyX2pck9wcPMS
args: stack deploy --compose-file ./docker/compose-prod.yaml holon-${{ fromJson(needs.variables.outputs.result).GITHUB_ENVIRONMENT }}