Merge pull request #47 from htdguide/testing #152
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Docker Image to Server | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1) Check out the repo | |
| - name: Check out repository | |
| uses: actions/checkout@v2 | |
| # 2) Set up Node | |
| - name: Set up Node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| # 3) Install Dependencies | |
| - name: Install Dependencies | |
| run: npm install --legacy-peer-deps | |
| # 4) Run Tests (optional) | |
| - name: Run Tests | |
| run: npm run test | |
| # 5) Build Production Artifacts -> "dist" folder | |
| - name: Build | |
| run: npm run build | |
| # 6) Log in to Docker registry (example: Docker Hub) | |
| - name: Login to Docker Hub | |
| run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| # 7) Build Docker image (uses a Dockerfile that only copies 'dist/' + 'nginx.conf') | |
| - name: Build Docker Image | |
| run: | | |
| docker build --no-cache \ | |
| -t ${{ secrets.DOCKER_USERNAME }}/webportfolio:latest \ | |
| -f Dockerfile \ | |
| . | |
| # 8) Push Docker Image to registry | |
| - name: Push Docker Image | |
| run: | | |
| docker push ${{ secrets.DOCKER_USERNAME }}/webportfolio:latest | |
| # 9) Set up SSH key for server connection | |
| - name: Set up SSH key | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| # 10) Optional: Upload SSL cert/key from secrets to server | |
| - name: Upload SSL Cert & Key to Server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.VPS_HOST }} | |
| username: ${{ secrets.VPS_USERNAME }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| script: | | |
| # If directories named ssl.crt or ssl.key exist, remove them: | |
| if [ -d ssl.crt ]; then sudo rm -rf ssl.crt; fi | |
| if [ -d ssl.key ]; then sudo rm -rf ssl.key; fi | |
| # Write secrets to files on the server | |
| echo "${{ secrets.SSL_CERT_CHAIN }}" > ssl.crt | |
| echo "${{ secrets.SSL_PRIVATE_KEY }}" > ssl.key | |
| # Move them into place | |
| sudo mkdir -p /etc/ssl/certs /etc/ssl/private | |
| sudo mv ssl.crt /etc/ssl/certs/ssl.crt | |
| sudo mv ssl.key /etc/ssl/private/ssl.key | |
| # Secure permissions | |
| sudo chmod 600 /etc/ssl/private/ssl.key | |
| sudo chmod 644 /etc/ssl/certs/ssl.crt | |
| # 11) Deploy container | |
| - name: Deploy Container | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.VPS_HOST }} | |
| username: ${{ secrets.VPS_USERNAME }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| script: | | |
| # Stop and remove old containers | |
| sudo docker stop $(sudo docker ps -aq) || true | |
| sudo docker rm $(sudo docker ps -aq) || true | |
| # Pull latest image | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/webportfolio:latest | |
| # Run container (mounting SSL certs if your nginx.conf references them) | |
| sudo docker run -d \ | |
| --name webportfolio \ | |
| -p 80:80 \ | |
| -p 443:443 \ | |
| -v /etc/ssl/private/ssl.key:/etc/ssl/private/ssl.key:ro \ | |
| -v /etc/ssl/certs/ssl.crt:/etc/ssl/certs/ssl.crt:ro \ | |
| ${{ secrets.DOCKER_USERNAME }}/webportfolio:latest |