forked from Catrobat/Catroweb
-
Notifications
You must be signed in to change notification settings - Fork 0
74 lines (65 loc) · 2.87 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# ** Continuous Delivery **
#
# Test deployments are handled by a python script that run on a schedule: https://github.com/Catrobat/Catroweb-API
# However, the deployment to production is handled by this workflow.
#
# - Secrets required!
#
# ToDo: currently disabled.
#
name: Continuous Delivery
# Run-on every merge of a pull request into the master branch
on:
push:
branches:
- master
jobs:
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Deployment:
#
# - requires a VPN connection to the TU Graz. (SSH is only allowed inside the university network)
# - a SSH connection is required (public key must be registered on server!)
# - Add all credentials hidden in secrets to the configuration files
# - The current script is build within the Symfony framework, hence, the container is used to run the script.
#
deploy:
if: false # Currently disabled!
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Connect to TUG via VPN
run: |
sudo apt-get --yes --force-yes install openconnect
printf '${{ secrets.VPN_PASSWD }}' | sudo openconnect vpn.tugraz.at --user=${{ secrets.VPN_USER }} & disown
- name: Set deployment script secrets (.env.local)
run: |
printf '\nDEPLOY_GIT=https://github.com/Catrobat/Catroweb-Symfony.git\n' >> .env.local
printf 'DEPLOY_WEBTEST=${{ secrets.DEP_WEBTEST_HOST }}\n' >> .env.local
printf 'DEPLOY_WEBTEST_BRANCH="master"\n' >> .env.local
printf 'DEP_USER="Catroweb Github Action"\n' >> .env.local
printf 'SLACK_WEBHOOK=${{ secrets.SLACK_WEBHOOK }}\n' >> .env.local
- name: Build Container
run: |
cd docker
docker-compose -f docker-compose.test.yml build
docker-compose -f docker-compose.test.yml up -d
- name: Install SSH in container
run: |
docker exec app.catroweb.test apt-get --yes --force-yes install ssh
- name: Install SSH key in container
run: |
docker exec app.catroweb.test mkdir /root/.ssh
docker exec app.catroweb.test chmod 700 /root/.ssh
mkdir ssh_tmp
echo "${{ secrets.DEP_WEBTEST_SSH_KEY }}" > ssh_tmp/id_rsa
docker cp ssh_tmp/id_rsa app.catroweb.test:/root/.ssh/id_rsa
docker exec app.catroweb.test chmod 600 /root/.ssh/id_rsa
docker cp app.catroweb.test:/etc/ssh/ssh_config ssh_tmp
echo " StrictHostKeyChecking no" >> ssh_tmp/ssh_config
docker cp ssh_tmp/ssh_config app.catroweb.test:/etc/ssh/ssh_config
rm -rf ssh_tmp
- name: Deploy
run:
docker exec app.catroweb.test bin/dep deploy share