Merge pull request #2 from PROxZIMA/feature/gitlab-integration #16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Contribution Manager App - VPS | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ master, main ] | |
| paths: | |
| - 'src/**' | |
| - 'public/**' | |
| - 'package.json' | |
| - 'package-lock.json' | |
| - 'next.config.ts' | |
| - 'tailwind.config.ts' | |
| - 'tsconfig.json' | |
| - 'deploy/Dockerfile.c-m-app' | |
| - '.github/workflows/Contribution.Manager.VPS.yaml' | |
| env: | |
| SERVICE_NAME: frontend | |
| IMAGE: ghcr.io/${{ github.repository_owner }}/contribution-manager-app | |
| DOCKERFILE: deploy/Dockerfile.c-m-app | |
| NODE_VERSION: '22.x' | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU (multiarch) | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GHCR_PAT }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=sha,prefix={{branch}}- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ${{ env.DOCKERFILE }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64,linux/arm64 | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| NODE_ENV=production | |
| NEXT_PUBLIC_FIREBASE_API_KEY=${{ secrets.NEXT_PUBLIC_FIREBASE_API_KEY }} | |
| NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=${{ secrets.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN }} | |
| NEXT_PUBLIC_FIREBASE_PROJECT_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_PROJECT_ID }} | |
| NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=${{ secrets.NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET }} | |
| NEXT_PUBLIC_FIREBASE_FIRESTORE_DATABASE=${{ secrets.NEXT_PUBLIC_FIREBASE_FIRESTORE_DATABASE }} | |
| NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID }} | |
| NEXT_PUBLIC_FIREBASE_APP_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_APP_ID }} | |
| NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID=${{ secrets.NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID }} | |
| NEXT_PUBLIC_CONTRIBUTION_API_URL=${{ secrets.NEXT_PUBLIC_CONTRIBUTION_API_URL }} | |
| secrets: | | |
| google_credentials=${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_JSON }} | |
| deploy: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to VPS | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.VPS_HOST }} | |
| username: ${{ secrets.VPS_USER }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| script: | | |
| set -e | |
| echo "Deploying Manager App..." | |
| # Login to GHCR | |
| echo "${{ secrets.GHCR_PAT }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| # Navigate to app directory | |
| cd /srv/app || exit 1 | |
| # Create Google credentials file if it doesn't exist | |
| if [ ! -f "/srv/app/.secrets/google-credentials.json" ]; then | |
| mkdir -p /srv/app/.secrets | |
| echo "${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_JSON }}" | base64 --decode > /srv/app/.secrets/google-credentials.json | |
| chmod 600 /srv/app/.secrets/google-credentials.json | |
| fi | |
| # Pull latest images | |
| docker compose pull ${{ env.SERVICE_NAME }} | |
| # Restart the service | |
| docker compose up -d ${{ env.SERVICE_NAME }} | |
| # Clean up old images | |
| docker image prune -f | |
| echo "Manager App deployed successfully!" |