-
Notifications
You must be signed in to change notification settings - Fork 19
195 lines (175 loc) · 8.08 KB
/
backend_deploy_test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
name: Test backend build and deploy
concurrency:
group: test_deploy
cancel-in-progress: true
on:
workflow_dispatch:
inputs:
name:
description: 'Please, enter your name and surname'
default: 'Имя Фамилия'
required: true
env:
REGISTRY: ghcr.io
IMAGE_NAME: lubimovka_backend
DEPLOY_PATH: /LUBIMOVKA
defaults:
run:
working-directory: .
jobs:
tests:
name: Run tests
runs-on: ubuntu-latest
steps:
-
name: Check out the repo
uses: actions/checkout@v2
-
name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.9
-
name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements/dev.txt
-
name: Test with pytest
run: pytest
build-and-push-image-to-github-packages:
name: Push Docker image to GitHub Packages
runs-on: ubuntu-latest
needs: tests
permissions:
contents: read
packages: write
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Docker login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Set variables
run: |
echo REP_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: Dockerfile_dev
labels: runnumber=${GITHUB_RUN_ID}
push: true
tags: |
${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:test,
${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
deploy:
name: Deploy changes on server
runs-on: ubuntu-latest
environment:
name: test_deploy
needs: build-and-push-image-to-github-packages
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Create SSH key
# (SSH_KNOWN_HOSTS=ssh-keyscan -H сервер, SSH_PRIVATE_KEY - ключ с ПК, которому разрешен вход)
run: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
-
name: Create folder for application
run: ssh ${{ secrets.USERNAME }}@${{ secrets.HOST }} mkdir -p ${{ env.DEPLOY_PATH }}
-
name: Deploy with scp
run: scp -r infra_deploy/test/ ${{ secrets.USERNAME }}@${{ secrets.HOST }}:${{ env.DEPLOY_PATH }}
-
name: Copy postfix setup
run: scp -r infra_deploy/postfix/ ${{ secrets.USERNAME }}@${{ secrets.HOST }}:${{ env.DEPLOY_PATH }}/test/
-
name: executing remote ssh commands to deploy
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
passphrase: ${{ secrets.PASSPHRASE }}
script: |
cd ${{ env.DEPLOY_PATH }}/test/
# GitHub variables
echo "IMAGE_BACK=${{ secrets.IMAGE_BACK }}" > .github_vars
echo "IMAGE_BACK_TAG=${{ secrets.IMAGE_BACK_TAG }}" >> .github_vars
echo "IMAGE_FRONT=${{ secrets.IMAGE_FRONT }}" >> .github_vars
echo "IMAGE_FRONT_TAG=${{ secrets.IMAGE_FRONT_TAG }}" >> .github_vars
echo "FRONT_BASE_URL=${{ secrets.FRONT_BASE_URL }}" >> .github_vars
echo "API_BASE_URL=${{ secrets.API_BASE_URL }}" >> .github_vars
echo "SUBDOMAIN=${{ secrets.SUBDOMAIN }}" >> .github_vars
# PostgreSQL environment variables
echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} > .env-test
echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env-test
echo POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} >> .env-test
echo POSTGRES_HOST=${{ secrets.POSTGRES_HOST }} >> .env-test
echo POSTGRES_PORT=${{ secrets.POSTGRES_PORT }} >> .env-test
# Postfix settings
echo POSTFIX_DB_PASSWORD=${{ secrets.POSTFIX_DB_PASSWORD }} >> .env-test
echo POSTFIX_HOSTNAME=${{ secrets.POSTFIX_HOSTNAME }} >> .env-test
echo POSTFIX_MAIL_DOMAIN=${{ secrets.POSTFIX_MAIL_DOMAIN }} >> .env-test
# Django environment variables
echo DEBUG=${{ secrets.DEBUG }} >> .env-test
echo DJANGO_SETTINGS_MODULE=${{ secrets.DJANGO_SETTINGS_MODULE }} >> .env-test
echo DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }} >> .env-test
echo DJANGO_ALLOWED_HOSTS=${{ secrets.DJANGO_ALLOWED_HOSTS }} >> .env-test
echo DJANGO_EMAIL_BACKEND=${{ secrets.DJANGO_EMAIL_BACKEND }} >> .env-test
echo DJANGO_SUPERUSER_USERNAME=${{ secrets.DJANGO_SUPERUSER_USERNAME }} >> .env-test
echo DJANGO_SUPERUSER_EMAIL=${{ secrets.DJANGO_SUPERUSER_EMAIL }} >> .env-test
echo DJANGO_SUPERUSER_PASSWORD=${{ secrets.DJANGO_SUPERUSER_PASSWORD }} >> .env-test
echo SERVER_EMAIL=${{ secrets.SERVER_EMAIL }} >> .env-test
echo MAILJET_API_KEY=${{ secrets.MAILJET_API_KEY }} >> .env-test
echo MAILJET_SECRET_KEY=${{ secrets.MAILJET_SECRET_KEY }} >> .env-test
echo MAILJET_TEMPLATE_ID_QUESTION=${{ secrets.MAILJET_TEMPLATE_ID_QUESTION }} >> .env-test
echo MAILJET_TEMPLATE_ID_REGISTRATION_USER=${{ secrets.MAILJET_TEMPLATE_ID_REGISTRATION_USER }} >> .env-test
echo MAILJET_TEMPLATE_ID_PARTICIPATION_APPLICATION=${{ secrets.MAILJET_TEMPLATE_ID_PARTICIPATION_APPLICATION }} >> .env-test
echo MAILJET_TEMPLATE_ID_RESET_PASSWORD_USER=${{ secrets.MAILJET_TEMPLATE_ID_RESET_PASSWORD_USER }} >> .env-test
# Secrets variables for google sheets in Django:
echo GOOGLE_PRIVATE_KEY_ID=${{ secrets.GOOGLE_PRIVATE_KEY_ID }} >> .env-test
echo GOOGLE_PRIVATE_KEY=\"${{ secrets.GOOGLE_PRIVATE_KEY }}\" >> .env-test
# Swag environment variables
echo PUID=${{ secrets.PUID }} >> .env-test
echo PGID=${{ secrets.PGID }} >> .env-test
echo URL=${{ secrets.URL }} >> .env-test
echo EMAIL=${{ secrets.SSL_EMAIL }} >> .env-test
# Token for yandex disk
echo YNDX_DISK_TOKEN=${{ secrets.YNDX_DISK_TOKEN }} >> .env-test
# Уделение старых данных
systemctl stop lubimovka-frontend-test.service
systemctl stop lubimovka-backend-test.service
docker compose -f lubimovka_backend_test_deploy.yml --env-file /LUBIMOVKA/test/.github_vars down -v
# Очистка неиспользуемых контейнеров, образов, сетей
# docker system prune --force
# Создание сети вынесено отдельно для возможности независимо перезапускать контейнеры (через external networks)
docker network create test_db_network || true
docker network create test_nginx_network || true
# Установка приложения - backend
cp -rf ${{ env.DEPLOY_PATH }}/test/lubimovka-backend-test.service /etc/systemd/system/lubimovka-backend-test.service
systemctl daemon-reload
systemctl restart lubimovka-backend-test.service
# Установка приложения - frontend
cp -rf ${{ env.DEPLOY_PATH }}/test/lubimovka-frontend-test.service /etc/systemd/system/lubimovka-frontend-test.service
systemctl daemon-reload
systemctl restart lubimovka-frontend-test.service
# После установки удаляем файлы
rm ${{ env.DEPLOY_PATH }}/test/lubimovka-backend-test.service
rm ${{ env.DEPLOY_PATH }}/test/lubimovka-frontend-test.service