seperate build and deploy steps #155
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Backend CI and CD | |
| on: | |
| push: | |
| paths: | |
| - .github/** | |
| - backend/** | |
| pull_request: | |
| paths: | |
| - .github/** | |
| - backend/** | |
| defaults: | |
| run: | |
| working-directory: ./backend | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: backend | |
| EC2_SSH_ADDRESS: ${{ secrets.EC2_SSH_ADDRESS }} | |
| EC2_SSH_ENDPOINT: ${{ secrets.EC2_SSH_USER }}@${{ secrets.EC2_SSH_ADDRESS }} | |
| jobs: | |
| ci: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.23.x' | |
| - name: Run unit tests | |
| run: | | |
| go test ./... -v -race -cover | |
| - name: Build image | |
| uses: ./.github/actions/docker-build | |
| with: | |
| context: ./backend | |
| dockerfile: ./backend/Dockerfile | |
| image-name: ${{ env.IMAGE_NAME }} | |
| target: production | |
| push: false | |
| container-registry: ${{ env.REGISTRY }} | |
| build-and-push-images: | |
| runs-on: ubuntu-latest | |
| if: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }} | |
| permissions: | |
| packages: write | |
| contents: read | |
| needs: | |
| - ci | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Build and push image | |
| uses: ./.github/actions/docker-build | |
| with: | |
| context: ./backend | |
| dockerfile: ./backend/Dockerfile | |
| image-name: ${{ env.IMAGE_NAME }} | |
| target: production | |
| push: true | |
| container-registry: ${{ env.REGISTRY }} | |
| container-registry-username: ${{ github.actor }} | |
| container-registry-password: ${{ secrets.GITHUB_TOKEN }} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| if: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }} | |
| needs: | |
| - build-and-push-images | |
| steps: | |
| - name: Deploy services | |
| run: | | |
| # Setup ssh key | |
| echo "${{ secrets.EC2_SSH_PRIVATE_KEY }}" > ~/ec2-key.pem | |
| chmod 400 ~/ec2-key.pem | |
| mkdir -p ~/.ssh | |
| ssh-keyscan -H $EC2_SSH_ADDRESS >> ~/.ssh/known_hosts | |
| # Ensure remote directory exists | |
| ssh -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $EC2_SSH_ENDPOINT > /dev/null 2>&1 << 'EOF' | |
| sudo mkdir -p /tmp/deployment_backend | |
| sudo chown ${{ secrets.EC2_SSH_USER }}:${{ secrets.EC2_SSH_USER }} /tmp/deployment_backend | |
| EOF | |
| # Copy files | |
| scp -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -r ./compose.app.yaml $EC2_SSH_ENDPOINT:/tmp/deployment_backend/ > /dev/null 2>&1 | |
| # Connect and deploy services | |
| ssh -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $EC2_SSH_ENDPOINT > /dev/null 2>&1 << 'EOF' | |
| export MONGO_USERNAME="${{ secrets.MONGO_USERNAME }}" | |
| export MONGO_PASSWORD="${{ secrets.MONGO_PASSWORD }}" | |
| export BACKEND_NATS_URL="${{ secrets.BACKEND_NATS_URL }}" | |
| export BACKEND_PRIVATE_KEY="${{ secrets.BACKEND_PRIVATE_KEY }}" | |
| export BACKEND_MONGO_HOST="mongodb" | |
| export BACKEND_MONGO_PORT="27017" | |
| export BACKEND_MONGO_SCHEME="mongodb" | |
| export BACKEND_MONGO_DATABASE_NAME="${{ secrets.BACKEND_MONGO_DATABASE_NAME }}" | |
| export BACKEND_MONGO_USERNAME="${{ secrets.MONGO_USERNAME }}" | |
| export BACKEND_MONGO_PASSWORD="${{ secrets.MONGO_PASSWORD }}" | |
| export BACKEND_MAIL_SMTP_PASSWORD="${{ secrets.BACKEND_MAIL_SMTP_PASSWORD }}" | |
| export BACKEND_MAIL_SMTP_HOST="${{ secrets.BACKEND_MAIL_SMTP_HOST }}" | |
| export BACKEND_MAIL_SMTP_FROM="${{ secrets.BACKEND_MAIL_SMTP_FROM }}" | |
| export BACKEND_MAIL_SMTP_USERNAME="${{ secrets.BACKEND_MAIL_SMTP_USERNAME }}" | |
| export BACKEND_MAIL_SMTP_PORT="${{ secrets.BACKEND_MAIL_SMTP_PORT }}" | |
| export BACKEND_S3_ENDPOINT="${{ secrets.BACKEND_S3_ENDPOINT }}" | |
| export BACKEND_S3_SECRET_KEY="${{ secrets.BACKEND_S3_SECRET_KEY }}" | |
| export BACKEND_S3_ACCESS_KEY="${{ secrets.BACKEND_S3_ACCESS_KEY }}" | |
| export BACKEND_S3_USE_SSL="${{ secrets.BACKEND_S3_USE_SSL }}" | |
| export BACKEND_S3_BUCKET_NAME="${{ secrets.BACKEND_S3_BUCKET_NAME }}" | |
| export APP_IMAGE="${{ secrets.APP_IMAGE }}" | |
| # Run Docker Compose | |
| cd /tmp/deployment_backend/ | |
| docker compose -f compose.app.yaml --project-name app up --pull always --detach | |
| sudo rm -rf /tmp/deployment_backend | |
| EOF |