-
Notifications
You must be signed in to change notification settings - Fork 1
122 lines (108 loc) · 6.17 KB
/
docker-publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
name: Docker Compose Deploy
on:
push:
branches: ["main"]
release:
types: ["created"]
branches: ["main"]
env:
REGISTRY: ghcr.io
jobs:
deploy:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set Environment Variables
id: set-env
run: |
if [[ "${{ github.event_name }}" == "release" ]]; then
echo "ENV=prod" >> $GITHUB_ENV
echo "PSQL_DB_HOST=${{ secrets.PROD_PSQL_DB_HOST }}" >> $GITHUB_ENV
echo "PSQL_DB_NAME=${{ secrets.PROD_PSQL_DB_NAME }}" >> $GITHUB_ENV
echo "PSQL_DB_USER=${{ secrets.PROD_PSQL_DB_USER }}" >> $GITHUB_ENV
echo "PSQL_DB_PASSWORD=${{ secrets.PROD_PSQL_DB_PASSWORD }}" >> $GITHUB_ENV
echo "PSQL_DB_PORT=${{ secrets.PROD_PSQL_DB_PORT }}" >> $GITHUB_ENV
echo "GITLAB_PRIVATE_TOKEN=${{ secrets.PROD_GITLAB_PRIVATE_TOKEN }}" >> $GITHUB_ENV
echo "GITHUB_PRIVATE_TOKEN=${{ secrets.PROD_GITHUB_PRIVATE_TOKEN }}" >> $GITHUB_ENV
echo "JWT_SECRET=${{ secrets.PROD_JWT_SECRET }}" >> $GITHUB_ENV
echo "V6Y_STATIC_ANALYZER_API_PATH=${{ secrets.PROD_V6Y_STATIC_ANALYZER_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_STATIC_ANALYZER_API_PORT=${{ secrets.PROD_V6Y_STATIC_ANALYZER_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_DEVOPS_API_PATH=${{ secrets.PROD_V6Y_DEVOPS_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_DEVOPS_API_PORT=${{ secrets.PROD_V6Y_DEVOPS_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_DYNAMIC_ANALYZER_API_PATH=${{ secrets.PROD_V6Y_DYNAMIC_ANALYZER_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_DYNAMIC_ANALYZER_API_PORT=${{ secrets.PROD_V6Y_DYNAMIC_ANALYZER_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_MAIN_API_PATH=${{ secrets.PROD_V6Y_MAIN_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_MAIN_API_PORT=${{ secrets.PROD_V6Y_MAIN_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_BFF_API_PATH=${{ secrets.PROD_V6Y_BFF_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_BFF_API_PORT=${{ secrets.PROD_V6Y_BFF_API_PORT }}" >> $GITHUB_ENV
echo "NEXT_PUBLIC_V6Y_BFF_PATH=${{ secrets.PROD_NEXT_PUBLIC_V6Y_BFF_PATH }}" >> $GITHUB_ENV
echo "NEXTAUTH_URL=${{ secrets.PROD_NEXTAUTH_URL }}" >> $GITHUB_ENV
else
echo "ENV=dev" >> $GITHUB_ENV
echo "PSQL_DB_HOST=${{ secrets.DEV_PSQL_DB_HOST }}" >> $GITHUB_ENV
echo "PSQL_DB_NAME=${{ secrets.DEV_PSQL_DB_NAME }}" >> $GITHUB_ENV
echo "PSQL_DB_USER=${{ secrets.DEV_PSQL_DB_USER }}" >> $GITHUB_ENV
echo "PSQL_DB_PASSWORD=${{ secrets.DEV_PSQL_DB_PASSWORD }}" >> $GITHUB_ENV
echo "PSQL_DB_PORT=${{ secrets.DEV_PSQL_DB_PORT }}" >> $GITHUB_ENV
echo "GITLAB_PRIVATE_TOKEN=${{ secrets.DEV_GITLAB_PRIVATE_TOKEN }}" >> $GITHUB_ENV
echo "GITHUB_PRIVATE_TOKEN=${{ secrets.DEV_GITHUB_PRIVATE_TOKEN }}" >> $GITHUB_ENV
echo "JWT_SECRET=${{ secrets.DEV_JWT_SECRET }}" >> $GITHUB_ENV
echo "V6Y_STATIC_ANALYZER_API_PATH=${{ secrets.DEV_V6Y_STATIC_ANALYZER_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_STATIC_ANALYZER_API_PORT=${{ secrets.DEV_V6Y_STATIC_ANALYZER_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_DEVOPS_API_PATH=${{ secrets.DEV_V6Y_DEVOPS_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_DEVOPS_API_PORT=${{ secrets.DEV_V6Y_DEVOPS_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_DYNAMIC_ANALYZER_API_PATH=${{ secrets.DEV_V6Y_DYNAMIC_ANALYZER_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_DYNAMIC_ANALYZER_API_PORT=${{ secrets.DEV_V6Y_DYNAMIC_ANALYZER_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_MAIN_API_PATH=${{ secrets.DEV_V6Y_MAIN_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_MAIN_API_PORT=${{ secrets.DEV_V6Y_MAIN_API_PORT }}" >> $GITHUB_ENV
echo "V6Y_BFF_API_PATH=${{ secrets.DEV_V6Y_BFF_API_PATH }}" >> $GITHUB_ENV
echo "V6Y_BFF_API_PORT=${{ secrets.DEV_V6Y_BFF_API_PORT }}" >> $GITHUB_ENV
echo "NEXT_PUBLIC_V6Y_BFF_PATH=${{ secrets.DEV_NEXT_PUBLIC_V6Y_BFF_PATH }}" >> $GITHUB_ENV
echo "NEXTAUTH_URL=${{ secrets.DEV_NEXTAUTH_URL }}" >> $GITHUB_ENV
fi
- name: Install Docker
run: |
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
docker --version
- name: Install Docker Compose
run: |
DOCKER_COMPOSE_VERSION=$(curl -s "https://api.github.com/repos/docker/compose/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
sudo curl -L "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
- name: Determine Image Tag
id: set-tag
run: |
if [[ "${{ github.event_name }}" == "push" ]]; then
echo "IMAGE_TAG=${{ github.sha }}" >> $GITHUB_ENV
elif [[ "${{ github.event_name }}" == "release" ]]; then
echo "IMAGE_TAG=${{ github.event.release.tag_name }}" >> $GITHUB_ENV
fi
shell: bash
- name: Log into Docker registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Update docker-compose.yml with dynamic image names
run: |
sed -i "s|<registry-owner>|${{ github.repository_owner }}|g" docker-compose.yml
sed -i "s|:latest|:${{ env.IMAGE_TAG }}|g" docker-compose.yml
- name: Validate Docker Compose Configuration
run: docker-compose -f docker-compose.yml config
- name: Build and push images using Docker Compose
run: |
docker-compose -f docker-compose.yml build
docker-compose -f docker-compose.yml push
- name: Deploy services using Docker Compose
if: github.event_name == 'push' || github.event_name == 'release'
run: |
docker-compose -f docker-compose.yml pull
docker-compose -f docker-compose.yml up -d