-
Notifications
You must be signed in to change notification settings - Fork 0
66 lines (55 loc) · 1.86 KB
/
deploy-template.yml
File metadata and controls
66 lines (55 loc) · 1.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
name: Deploy template to VPS
# Triggers:
# - Automatically after build-template.yml succeeds on main (image tag: edge)
# - Manually via workflow_dispatch with a custom tag
on:
workflow_dispatch:
inputs:
tag:
description: "Docker image tag to deploy (default: edge)"
required: false
default: "edge"
workflow_run:
workflows: ["Build & push template backend image"]
types: [completed]
branches: [main]
concurrency:
group: deploy-template
cancel-in-progress: false # never cancel an in-flight deploy
jobs:
deploy:
name: SSH deploy — template backend
runs-on: ubuntu-latest
if: >-
github.event_name == 'workflow_dispatch' ||
github.event.workflow_run.conclusion == 'success'
steps:
- name: Determine image tag
id: tag
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo "tag=${{ inputs.tag }}" >> "$GITHUB_OUTPUT"
else
echo "tag=edge" >> "$GITHUB_OUTPUT"
fi
- name: Deploy via SSH
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.VPS_HOST }}
username: deploy
key: ${{ secrets.VPS_SSH_KEY }}
envs: GHCR_TOKEN
script: |
set -euo pipefail
cd /opt/apps/template
echo "Deploying template-backend tag=${{ steps.tag.outputs.tag }}"
if [ -n "${GHCR_TOKEN:-}" ]; then
echo "$GHCR_TOKEN" | docker login ghcr.io -u cfxdevkit --password-stdin
fi
TAG=${{ steps.tag.outputs.tag }} docker compose pull template-backend
TAG=${{ steps.tag.outputs.tag }} docker compose up -d --remove-orphans
docker image prune -f
sleep 5
docker compose ps template-backend
env:
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}