Release #379
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
permissions: | |
packages: write | |
contents: write | |
on: | |
workflow_run: | |
workflows: ["Build Container"] | |
types: | |
- completed | |
branches: | |
- main | |
- master | |
workflow_dispatch: | |
env: | |
DOCKER_BUILDKIT: 1 | |
KAMAL_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
KAMAL_REGISTRY_USERNAME: ${{ github.actor }} | |
REDDIT_CLIENT: ${{ secrets.REDDIT_CLIENT }} | |
REDDIT_SECRET: ${{ secrets.REDDIT_SECRET }} | |
R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }} | |
R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Set up environment variables | |
run: | | |
echo "image_repository_name=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
echo "repository_name=$(echo ${{ github.repository }} | cut -d '/' -f 2)" >> $GITHUB_ENV | |
echo "repository_name_lower=$(echo ${{ github.repository }} | cut -d '/' -f 2 | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
echo "org_name=$(echo ${{ github.repository }} | cut -d '/' -f 1)" >> $GITHUB_ENV | |
if find . -maxdepth 2 -type f -name "Configure.Db.Migrations.cs" | grep -q .; then | |
echo "HAS_MIGRATIONS=true" >> $GITHUB_ENV | |
else | |
echo "HAS_MIGRATIONS=false" >> $GITHUB_ENV | |
fi | |
if [ -n "${{ secrets.KAMAL_DEPLOY_IP }}" ]; then | |
echo "HAS_DEPLOY_ACTION=true" >> $GITHUB_ENV | |
else | |
echo "HAS_DEPLOY_ACTION=false" >> $GITHUB_ENV | |
fi | |
# This step is for the deployment of the templates only, safe to delete | |
- name: Modify deploy.yml | |
if: env.HAS_DEPLOY_ACTION == 'true' | |
run: | | |
sed -i "s/service: my-app/service: ${{ env.repository_name_lower }}/g" config/deploy.yml | |
sed -i "s#image: my-user/myapp#image: ${{ env.image_repository_name }}#g" config/deploy.yml | |
sed -i "s/- 192.168.0.1/- ${{ secrets.KAMAL_DEPLOY_IP }}/g" config/deploy.yml | |
sed -i "s/host: my-app.example.com/host: ${{ secrets.KAMAL_DEPLOY_HOST }}/g" config/deploy.yml | |
sed -i "s/MyApp/${{ env.repository_name }}/g" config/deploy.yml | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ env.KAMAL_REGISTRY_USERNAME }} | |
password: ${{ env.KAMAL_REGISTRY_PASSWORD }} | |
- name: Set up SSH key | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
- name: Setup Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 3.3.0 | |
bundler-cache: true | |
- name: Install Kamal | |
run: gem install kamal -v 2.3.0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: image=moby/buildkit:master | |
- name: Kamal bootstrap | |
run: kamal server bootstrap | |
- name: Check if first run and execute kamal app boot if necessary | |
run: | | |
FIRST_RUN_FILE=".${{ env.repository_name }}" | |
if ! kamal server exec --no-interactive -q "test -f $FIRST_RUN_FILE"; then | |
kamal server exec --no-interactive -q "touch $FIRST_RUN_FILE" || true | |
kamal deploy -q -P --version latest || true | |
else | |
echo "Not first run, skipping kamal app boot" | |
fi | |
- name: Ensure file permissions | |
run: | | |
kamal server exec --no-interactive "mkdir -p /opt/docker/${{ env.repository_name }}/App_Data && chown -R 1654:1654 /opt/docker/${{ env.repository_name }}" | |
- name: Migration | |
if: env.HAS_MIGRATIONS == 'true' | |
run: | | |
kamal server exec --no-interactive docker pull ghcr.io/${{ env.image_repository_name }}:latest || true | |
kamal app exec --no-reuse --no-interactive --version=latest "--AppTasks=migrate" | |
- name: Deploy with Kamal | |
run: | | |
kamal lock release -v | |
kamal deploy -P --version latest |