Build🏗️ and Deploy Golang App 🛳️ to Prod 🚝 #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build🏗️ and Deploy Golang App 🛳️ to Prod 🚝 | |
on: | |
push: | |
branches: ["master"] | |
paths: ["occupi-backend/**"] | |
workflow_dispatch: | |
defaults: | |
run: | |
working-directory: occupi-backend | |
jobs: | |
build: | |
name: 🏗️ Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: ⬇️ Checkout code | |
uses: actions/checkout@v4 | |
- name: 🏗 Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.21' # Specify the Go version you are using | |
- name: 🚀 Build the code | |
run: | | |
go build -v cmd/occupi-backend/main.go | |
# test docker build and up the container then down | |
build-test-docker: | |
name: 🐋 Build Test Docker Container | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: ⬇️ Checkout code | |
uses: actions/checkout@v4 | |
- name: 🏗 Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: 🏗 Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: 🐳 Build Docker image | |
run: | | |
docker build --no-cache -t ${{ secrets.DOCKER_USERNAME }}/occupi-backend:latest -f Dockerfile.prod . | |
- name: ✅ Echo success message | |
run: echo "Docker build successful" | |
build-push-docker: | |
needs: build-test-docker | |
name: 🐋 Build and Push Master Docker Image | |
runs-on: ubuntu-latest | |
steps: | |
- name: ⬇️ Checkout code | |
uses: actions/checkout@v4 | |
- name: 🏗 Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: 🏗 Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: 🧑💻 Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: 🔓 Decrypt default variables | |
run: | | |
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --quiet --batch --yes --decrypt --passphrase-fd 0 configs/config.yaml.gpg > configs/config.yaml | |
- name: 🔓 Decrypt prod variables | |
run: | | |
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --quiet --batch --yes --decrypt --passphrase-fd 0 configs/prod.yaml.gpg > configs/prod.yaml | |
- name: 🔓 Decrypt Centrifugo config | |
run: | | |
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --quiet --batch --yes --decrypt --passphrase-fd 0 configs/centrifugo.config.json.gpg > configs/centrifugo.config.json | |
- name: 🐳 Build and push Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: occupi-backend | |
file: occupi-backend/Dockerfile.prod | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
tags: ${{ secrets.DOCKER_USERNAME }}/occupi-backend:latest | |
deploy: | |
needs: build-push-docker | |
name: 🛳️ Deploy for Prod | |
runs-on: ubuntu-latest | |
steps: | |
- name: ⬇️ Checkout code | |
uses: actions/checkout@v4 | |
- name: 🔓 Decrypt Centrifugo config | |
run: | | |
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --quiet --batch --yes --decrypt --passphrase-fd 0 configs/centrifugo.config.json.gpg > centrifugo.config.json | |
- name: 🪷 Copy files to VM | |
uses: appleboy/scp-action@v0.1.5 | |
with: | |
host: ${{ secrets.VM_IP }} | |
username: ${{ secrets.VM_USERNAME }} | |
key: ${{ secrets.VM_SSH_KEY }} | |
source: "occupi-backend/docker-compose.prod.yml,occupi-backend/Dockerfile.prod,occupi-backend/centrifugo.config.json" | |
target: "/home/${{ secrets.VM_USERNAME }}/occupi-backend-prod" | |
# SSH to VM and run commands | |
- name: 🚀 SSH to VM | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.VM_IP }} | |
username: ${{ secrets.VM_USERNAME }} | |
key: ${{ secrets.VM_SSH_KEY }} | |
script: | | |
cd /home/${{ secrets.VM_USERNAME }}/occupi-backend-prod/occupi-backend | |
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
MONGO_INITDB_ROOT_USERNAME=${{ secrets.MONGO_INITDB_ROOT_USERNAME }} \ | |
MONGO_INITDB_ROOT_PASSWORD=${{ secrets.MONGO_INITDB_ROOT_PASSWORD }} \ | |
RABBITMQ_DEFAULT_USER=${{ secrets.RABBITMQ_DEFAULT_USER }} \ | |
RABBITMQ_DEFAULT_PASS=${{ secrets.RABBITMQ_DEFAULT_PASS }} \ | |
DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }} \ | |
docker compose -f docker-compose.prod.yml down --rmi all | |
docker image prune -f | |
MONGO_INITDB_ROOT_USERNAME=${{ secrets.MONGO_INITDB_ROOT_USERNAME }} \ | |
MONGO_INITDB_ROOT_PASSWORD=${{ secrets.MONGO_INITDB_ROOT_PASSWORD }} \ | |
RABBITMQ_DEFAULT_USER=${{ secrets.RABBITMQ_DEFAULT_USER }} \ | |
RABBITMQ_DEFAULT_PASS=${{ secrets.RABBITMQ_DEFAULT_PASS }} \ | |
DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }} \ | |
docker compose -f docker-compose.prod.yml pull | |
MONGO_INITDB_ROOT_USERNAME=${{ secrets.MONGO_INITDB_ROOT_USERNAME }} \ | |
MONGO_INITDB_ROOT_PASSWORD=${{ secrets.MONGO_INITDB_ROOT_PASSWORD }} \ | |
RABBITMQ_DEFAULT_USER=${{ secrets.RABBITMQ_DEFAULT_USER }} \ | |
RABBITMQ_DEFAULT_PASS=${{ secrets.RABBITMQ_DEFAULT_PASS }} \ | |
DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }} \ | |
docker compose -f docker-compose.prod.yml up -d |