Skip to content

Deploy Auth Service #34

Deploy Auth Service

Deploy Auth Service #34

Workflow file for this run

name: Deploy Auth Service
on:
workflow_dispatch:
inputs:
deploy:
description: 'Deploy the service'
required: true
default: 'false'
deploy_target:
description: 'Deployment target (k8s or vps)'
required: true
default: 'k8s'
env:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
NAMESPACE: ${{ secrets.NAMESPACE }}
VPS_SSH_KEY: ${{ secrets.VPS_SSH_KEY }}
VPS_USER: ${{ secrets.VPS_USER }}
VPS_HOST: ${{ secrets.VPS_HOST }}
IMAGE: andreq21/auth:${{ github.sha }}
IMAGE_MIGRATOR: andreq21/auth-migrator:${{ github.sha }}
jobs:
lint:
runs-on: ubuntu-latest
environment: auth-production
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.22.4
- name: Run linters
run: |
go install github.com/golangci/golangci-lint/cmd/[email protected]
golangci-lint run ./service/auth/... --config ./.golangci.pipeline.yaml
build:
runs-on: ubuntu-latest
environment: auth-production
needs: lint
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true' && github.event.inputs.deploy_target == 'k8s'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build Docker image
run: |
docker build -t $IMAGE -f ./service/auth/Dockerfile .
docker build -t $IMAGE_MIGRATOR -f ./service/auth/migration.Dockerfile .
- name: Login to Docker Hub
run: |
echo $DOCKER_HUB_PASSWORD | docker login -u $DOCKER_HUB_USERNAME --password-stdin
- name: Push Docker image to Docker Hub
run: |
docker push $IMAGE
docker push $IMAGE_MIGRATOR
deploy-k8s:
runs-on: ubuntu-latest
environment: auth-production
needs: build
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true' && github.event.inputs.deploy_target == 'k8s'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y gettext
- name: Create .env file
run: |
echo "ENV=${{ vars.ENV }}" >> .env
echo "POSTGRES_HOST=${{ vars.POSTGRES_HOST }}" >> .env
echo "POSTGRES_PORT=${{ vars.POSTGRES_PORT }}" >> .env
echo "POSTGRES_USER=${{ vars.POSTGRES_USER }}" >> .env
echo "POSTGRES_PASSWORD=${{ vars.POSTGRES_PASSWORD }}" >> .env
echo "POSTGRES_DB=${{ vars.POSTGRES_DB }}" >> .env
echo "HTTP_SERVER_HOST=${{ vars.HTTP_SERVER_HOST }}" >> .env
echo "HTTP_SERVER_PORT=${{ vars.HTTP_SERVER_PORT }}" >> .env
echo "HTTP_SERVER_TIMEOUT=${{ vars.HTTP_SERVER_TIMEOUT }}" >> .env
echo "GRPC_SERVER_HOST=${{ vars.GRPC_SERVER_HOST }}" >> .env
echo "GRPC_SERVER_PORT=${{ vars.GRPC_SERVER_PORT }}" >> .env
echo "GRPC_SERVER_TIMEOUT=${{ vars.GRPC_SERVER_TIMEOUT }}" >> .env
echo "JWT_ACCESS_SECRET=${{ vars.JWT_ACCESS_SECRET }}" >> .env
echo "JWT_ACCESS_DURATION=${{ vars.JWT_ACCESS_DURATION }}" >> .env
echo "JWT_REFRESH_SECRET=${{ vars.JWT_REFRESH_SECRET }}" >> .env
echo "JWT_REFRESH_DURATION=${{ vars.JWT_REFRESH_DURATION }}" >> .env
echo "POSTGRES_URL=${{ vars.POSTGRES_URL }}" >> .env
- name: Set up kubectl
run: |
mkdir -p $HOME/.kube
echo "$KUBE_CONFIG" | base64 --decode > $HOME/.kube/config
- name: Substitute environment variables in configmap
run: |
export $(cat .env | xargs)
envsubst < deploy/helm/auth/templates/configmap.yaml > ./configmap.yaml
mv ./configmap.yaml deploy/helm/auth/templates/configmap.yaml
- name: Deploy to Kubernetes
run: |
helm upgrade --install auth ./deploy/helm/auth --namespace=$NAMESPACE --set app.image.tag=$IMAGE --set migrator.image.tag=$IMAGE_MIGRATOR
deploy-vps:
runs-on: ubuntu-latest
environment: auth-production
needs: lint
if: github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true' && github.event.inputs.deploy_target == 'vps'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y sshpass
- name: Create .env file
run: |
echo "ENV=${{ vars.ENV }}" >> .env
echo "POSTGRES_HOST=${{ vars.POSTGRES_HOST }}" >> .env
echo "POSTGRES_PORT=${{ vars.POSTGRES_PORT }}" >> .env
echo "POSTGRES_USER=${{ vars.POSTGRES_USER }}" >> .env
echo "POSTGRES_PASSWORD=${{ vars.POSTGRES_PASSWORD }}" >> .env
echo "POSTGRES_DB=${{ vars.POSTGRES_DB }}" >> .env
echo "HTTP_SERVER_HOST=${{ vars.HTTP_SERVER_HOST }}" >> .env
echo "HTTP_SERVER_PORT=${{ vars.HTTP_SERVER_PORT }}" >> .env
echo "HTTP_SERVER_TIMEOUT=${{ vars.HTTP_SERVER_TIMEOUT }}" >> .env
echo "GRPC_SERVER_HOST=${{ vars.GRPC_SERVER_HOST }}" >> .env
echo "GRPC_SERVER_PORT=${{ vars.GRPC_SERVER_PORT }}" >> .env
echo "GRPC_SERVER_TIMEOUT=${{ vars.GRPC_SERVER_TIMEOUT }}" >> .env
echo "JWT_ACCESS_SECRET=${{ vars.JWT_ACCESS_SECRET }}" >> .env
echo "JWT_ACCESS_DURATION=${{ vars.JWT_ACCESS_DURATION }}" >> .env
echo "JWT_REFRESH_SECRET=${{ vars.JWT_REFRESH_SECRET }}" >> .env
echo "JWT_REFRESH_DURATION=${{ vars.JWT_REFRESH_DURATION }}" >> .env
echo "POSTGRES_URL=${{ vars.POSTGRES_URL }}" >> .env
- name: Copy .env file to VPS
run: |
echo "$VPS_SSH_KEY" > deploy_key.pem
chmod 600 ~/.ssh/id_rsa
scp -i deploy_key.pem -o StrictHostKeyChecking=no -r /service/auth/.env $VPS_USER@$VPS_HOST:/root/apps/auth/.env
ssh -i deploy_key.pem -o StrictHostKeyChecking=no $VPS_USER@$VPS_HOST "chmod 600 /root/apps/auth/.env"
- name: Copy binary to VPS
run: |
go mod download
go build -o ./bin ./service/auth/cmd/app/main.go
scp -i deploy_key.pem -o StrictHostKeyChecking=no ./bin $VPS_USER@$VPS_HOST:/root/apps/auth/bin
- name: Set up systemd service on VPS
run: |
scp -i deploy_key.pem -o StrictHostKeyChecking=no deploy/vps/auth.ini $VPS_USER@$VPS_HOST:/etc/systemd/system/auth
ssh -i deploy_key.pem -o StrictHostKeyChecking=no $VPS_USER@$VPS_HOST 'systemctl daemon-reload && systemctl restart auth && systemctl status auth'