🔧 Build and Deploy #403
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy | |
on: | |
# Push includes PR merge | |
push: | |
branches: | |
- main | |
- staging | |
- development | |
paths: | |
# Workflow is triggered only if src changes | |
- src/** | |
# Allow manual trigger | |
workflow_dispatch: | |
jobs: | |
pytest: | |
uses: ./.github/workflows/r-pytest.yml | |
with: | |
image_tag: ci-${{ github.ref_name }} | |
frontend-tests: | |
uses: ./.github/workflows/r-frontend_tests.yml | |
extract-vars: | |
needs: | |
- pytest | |
- frontend-tests | |
uses: ./.github/workflows/r-extract_vars.yml | |
with: | |
environment: ${{ github.ref_name }} | |
backend-build: | |
uses: hotosm/gh-workflows/.github/workflows/image_build.yml@main | |
needs: [extract-vars] | |
with: | |
context: src/backend | |
build_target: prod | |
image_tags: | | |
"ghcr.io/hotosm/fmtm/backend:${{ needs.extract-vars.outputs.api_version }}-${{ github.ref_name }}" | |
"ghcr.io/hotosm/fmtm/backend:latest" | |
build_args: | | |
APP_VERSION=${{ needs.extract-vars.outputs.api_version }} | |
frontend-main-build: | |
uses: hotosm/gh-workflows/.github/workflows/image_build.yml@main | |
needs: [extract-vars] | |
with: | |
context: src/frontend | |
dockerfile: prod.dockerfile | |
build_target: prod | |
image_tags: | | |
"ghcr.io/hotosm/fmtm/frontend:${{ needs.extract-vars.outputs.frontend_main_version }}-${{ github.ref_name }}" | |
"ghcr.io/hotosm/fmtm/frontend:latest" | |
build_args: | | |
APP_VERSION=${{ needs.extract-vars.outputs.frontend_main_version }} | |
VITE_API_URL=${{ needs.extract-vars.outputs.api_url }} | |
smoke-test-backend: | |
runs-on: ubuntu-latest | |
needs: | |
- extract-vars | |
- backend-build | |
environment: | |
name: ${{ github.ref_name }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Environment to .env | |
env: | |
GIT_BRANCH: ${{ github.ref_name }} | |
API_VERSION: ${{ needs.extract-vars.outputs.api_version }} | |
FRONTEND_MAIN_VERSION: ${{ needs.extract-vars.outputs.frontend_main_version }} | |
run: | | |
echo "${{ secrets.DOTENV }}" > .env | |
echo "GIT_BRANCH=${GIT_BRANCH}" >> .env | |
echo "API_VERSION=${API_VERSION}" >> .env | |
echo "FRONTEND_MAIN_VERSION=${FRONTEND_MAIN_VERSION}" >> .env | |
- name: Backend smoke test | |
run: | | |
echo "Not implemented" | |
# source .env | |
# docker network create fmtm | |
# docker pull "postgis/postgis:14-3.3-alpine" | |
# docker run --rm -d \ | |
# --name=fmtm-db \ | |
# --network=fmtm \ | |
# -e POSTGRES_USER=fmtm \ | |
# -e POSTGRES_PASSWORD=fmtm \ | |
# -e POSTGRES_DB=fmtm \ | |
# "postgis/postgis:14-3.3-alpine" | |
# docker pull "ghcr.io/hotosm/fmtm/backend:${API_VERSION}-${GIT_BRANCH}" | |
# docker run --rm -d \ | |
# --network=fmtm \ | |
# -p 8080:8080 \ | |
# -e OSM_CLIENT_ID="test" \ | |
# -e OSM_CLIENT_SECRET="test" \ | |
# -e OSM_SECRET_KEY="test" \ | |
# "ghcr.io/hotosm/fmtm/backend:${API_VERSION}-${GIT_BRANCH}" | |
# # First wait 10 seconds for API | |
# sleep 10 | |
# # Check the exit status of curl and exit the job if it fails | |
# if ! curl -f http://localhost:8080/docs; then | |
# echo "curl failed to access http://localhost:8080/docs" | |
# exit 1 | |
# fi | |
smoke-test-frontend: | |
runs-on: ubuntu-latest | |
needs: | |
- extract-vars | |
- frontend-main-build | |
environment: | |
name: ${{ github.ref_name }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Frontend smoke test | |
run: echo "Not implemented" | |
deploy-containers: | |
runs-on: ubuntu-latest | |
needs: | |
- extract-vars | |
- smoke-test-backend | |
- smoke-test-frontend | |
environment: | |
name: ${{ github.ref_name }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Environment to .env | |
env: | |
GIT_BRANCH: ${{ github.ref_name }} | |
API_VERSION: ${{ needs.extract-vars.outputs.api_version }} | |
FRONTEND_MAIN_VERSION: ${{ needs.extract-vars.outputs.frontend_main_version }} | |
run: | | |
echo "${{ secrets.DOTENV }}" > .env | |
echo "GIT_BRANCH=${GIT_BRANCH}" >> .env | |
echo "API_VERSION=${API_VERSION}" >> .env | |
echo "FRONTEND_MAIN_VERSION=${FRONTEND_MAIN_VERSION}" >> .env | |
- uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
- name: Disable Host key verification | |
# Hack to prevent "Host key verification failed". Should be replaced with a ssh-keyscan based solution | |
run: echo "StrictHostKeyChecking no" >> ~/.ssh/config | |
- name: Deploy | |
run: | | |
docker compose --file docker-compose.deploy.yml pull | |
docker compose --file docker-compose.deploy.yml up --detach --remove-orphans | |
env: | |
DOCKER_HOST: ${{ vars.DOCKER_HOST }} |