refactor(dev): pass restart compose to unless-stop #125
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| env: | |
| MIRROR_URL: [email protected]:EpitechPromo2026/B-DEV-500-NCE-5-1-area-alexandre-kevin.de-freitas-martins.git | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| add_to_portfolio: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Mirror to portfolio repo' | |
| uses: 'neeptossss/[email protected]' | |
| with: | |
| repo: 'neeptossss/portfolio' | |
| ssh-key: ${{ secrets.GIT_SSH_PRIVATE_KEY }} | |
| build_api: | |
| name: Build and push Backend images | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push gateway image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/gateway" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-gateway:latest | |
| ghcr.io/tux-inc/tuxify-api-gateway:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push mailer image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/mailer" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-mailer:latest | |
| ghcr.io/tux-inc/tuxify-api-mailer:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push auth image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/auth" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-auth:latest | |
| ghcr.io/tux-inc/tuxify-api-auth:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push flows image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/flows" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-flows:latest | |
| ghcr.io/tux-inc/tuxify-api-flows:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push providers image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/providers" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-providers:latest | |
| ghcr.io/tux-inc/tuxify-api-providers:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push google image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/external-providers/google" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-google:latest | |
| ghcr.io/tux-inc/tuxify-api-google:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push github image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/external-providers/github" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-github:latest | |
| ghcr.io/tux-inc/tuxify-api-github:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build and push microsoft image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./backend/external-providers/microsoft" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify-api-microsoft:latest | |
| ghcr.io/tux-inc/tuxify-api-microsoft:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build_frontend: | |
| name: Build and push frontend image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Frontend image | |
| id: docker_build | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: "./frontend" | |
| push: true | |
| tags: | | |
| ghcr.io/tux-inc/tuxify:latest | |
| ghcr.io/tux-inc/tuxify:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build_android: | |
| name: Build APK | |
| runs-on: ubuntu-latest | |
| env: | |
| NUXT_IS_CAPACITOR: true | |
| defaults: | |
| run: | |
| working-directory: ./frontend | |
| steps: | |
| - name: Checkout source | |
| uses: actions/checkout@v4 | |
| - name: Setup java | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: "zulu" | |
| java-version: "17" | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 19.x | |
| - name: Install dependencies | |
| run: npm i | |
| - name: Create Build Folder | |
| run: npm run generate | |
| - name: Add android folder if not present | |
| run: if [ ! -d "./android" ]; then npx cap add android; fi | |
| - name: Capacitor copy | |
| run: npx cap copy | |
| - name: Generate icons and splash screen to android folder | |
| run: if [ -d "./assets" ]; then npm install @capacitor/assets --save-dev && npx capacitor-assets generate --android; fi | |
| - name: Build app bundle | |
| run: cd android && ./gradlew bundle && ./gradlew assembleDebug | |
| - name: Extract Android signing key from env | |
| run: | | |
| echo "${{ secrets.RELEASE_KEYSTORE }}" > android/release.jks.base64 | |
| base64 -d android/release.jks.base64 > android/release.decrypted.jks | |
| - name: Sign dev build | |
| run: jarsigner -keystore android/release.decrypted.jks -storepass "${{ secrets.RELEASE_KEYSTORE_PASSWORD }}" -signedjar ./android/app/build/outputs/bundle/release/app-release-signed.aab ./android/app/build/outputs/bundle/release/app-release.aab release | |
| - name: Check folder content of android output | |
| run: ls ./android/app/build/outputs/bundle/release | |
| - name: Set Tag | |
| id: current-datetime | |
| run: echo "CURRENT_DATETIME=$(date +'%Y-%m-%d-%H_%M_%S%z')" >> "$GITHUB_OUTPUT" | |
| - name: Create Release | |
| run: | | |
| gh release create v${{ steps.current-datetime.outputs.CURRENT_DATETIME }} --title "v${{ steps.current-datetime.outputs.CURRENT_DATETIME }}" --notes "v${{ steps.current-datetime.outputs.CURRENT_DATETIME }}" --target main ./android/app/build/outputs/bundle/release/app-release-signed.aab ./android/app/build/outputs/apk/debug/app-debug.apk | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| deploy_frontend_to_kubernetes: | |
| name: Deploy Frontend to Kubernetes | |
| needs: [build_frontend] | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: production | |
| steps: | |
| - name: Set the Kubernetes context | |
| uses: azure/k8s-set-context@v2 | |
| with: | |
| method: service-account | |
| k8s-url: https://kube.honixsystems.com | |
| k8s-secret: ${{ secrets.KUBERNETES_SECRET }} | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Deploy to the Kubernetes cluster | |
| uses: azure/k8s-deploy@v1 | |
| with: | |
| namespace: production | |
| manifests: | | |
| kubernetes/frontend/deployment.yaml | |
| kubernetes/frontend/service.yaml | |
| kubernetes/frontend/ingress.yaml | |
| images: | | |
| ghcr.io/tux-inc/tuxify:${{ github.sha }} | |
| deploy_backend_to_kubernetes: | |
| name: Deploy Backend to Kubernetes | |
| needs: [build_api] | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: production | |
| steps: | |
| - name: Set the Kubernetes context | |
| uses: azure/k8s-set-context@v2 | |
| with: | |
| method: service-account | |
| k8s-url: https://kube.honixsystems.com | |
| k8s-secret: ${{ secrets.KUBERNETES_SECRET }} | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Create global configmap | |
| uses: azure/k8s-deploy@v1 | |
| with: | |
| namespace: production | |
| manifests: | | |
| kubernetes/global-configmap.yaml | |
| - name: Create mailer secrets | |
| uses: Azure/k8s-create-secret@v1 | |
| with: | |
| namespace: production | |
| secret-type: "generic" | |
| secret-name: "tuxify-api-mailer-secret" | |
| arguments: | |
| --from-literal=NESTSV_MAILER_SMTP_HOST=${{ secrets.NESTSV_MAILER_SMTP_HOST }} | |
| --from-literal=NESTSV_MAILER_SMTP_PORT=${{ secrets.NESTSV_MAILER_SMTP_PORT }} | |
| --from-literal=NESTSV_MAILER_SMTP_USER=${{ secrets.NESTSV_MAILER_SMTP_USER }} | |
| --from-literal=NESTSV_MAILER_SMTP_PASSWORD=${{ secrets.NESTSV_MAILER_SMTP_PASSWORD }} | |
| - name: Create auth secrets | |
| uses: Azure/k8s-create-secret@v1 | |
| with: | |
| namespace: production | |
| secret-type: "generic" | |
| secret-name: "tuxify-api-auth-secret" | |
| arguments: --from-literal=COOKIE_SECRET=${{ secrets.COOKIE_SECRET }} | |
| --from-literal=FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} | |
| --from-literal=FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} | |
| --from-literal=GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} | |
| --from-literal=GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} | |
| --from-literal=GH_CLIENT_ID=${{ secrets.GH_CLIENT_ID }} | |
| --from-literal=GH_CLIENT_SECRET=${{ secrets.GH_CLIENT_SECRET }} | |
| --from-literal=MICROSOFT_CLIENT_ID=${{ secrets.MICROSOFT_CLIENT_ID }} | |
| --from-literal=MICROSOFT_CLIENT_SECRET=${{ secrets.MICROSOFT_CLIENT_SECRET }} | |
| --from-literal=DISCORD_CLIENT_ID=${{ secrets.DISCORD_CLIENT_ID }} | |
| --from-literal=DISCORD_CLIENT_SECRET=${{ secrets.DISCORD_CLIENT_SECRET }} | |
| --from-literal=JWT_SECRET=${{ secrets.JWT_SECRET }} | |
| --from-literal=JWT_REFRESH_SECRET=${{ secrets.JWT_REFRESH_SECRET }} | |
| --from-literal=JWT_RESET_PASSWORD_SECRET=${{ secrets.JWT_RESET_PASSWORD_SECRET }} | |
| --from-literal=JWT_CONFIRMATION_SECRET=${{ secrets.JWT_CONFIRMATION_SECRET }} | |
| --from-literal=POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} | |
| - name: Create flows secrets | |
| uses: Azure/k8s-create-secret@v1 | |
| with: | |
| namespace: production | |
| secret-type: "generic" | |
| secret-name: "tuxify-api-flows-secret" | |
| arguments: --from-literal=NESTSV_FLOWS_MONGO_PASSWORD=${{ secrets.NESTSV_FLOWS_MONGO_PASSWORD }} | |
| - name: Create providers secrets | |
| uses: Azure/k8s-create-secret@v1 | |
| with: | |
| namespace: production | |
| secret-type: "generic" | |
| secret-name: "tuxify-api-providers-secret" | |
| arguments: --from-literal=NESTSV_PROVIDERS_POSTGRES_PASSWORD=${{ secrets.NESTSV_PROVIDERS_POSTGRES_PASSWORD }} | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Deploy DB to the Kubernetes cluster | |
| uses: azure/k8s-deploy@v1 | |
| with: | |
| namespace: production | |
| manifests: | | |
| kubernetes/databases/db.deployment.yaml | |
| kubernetes/databases/db.service.yaml | |
| kubernetes/databases/db.volume.yaml | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Deploy message broker to the Kubernetes cluster | |
| uses: azure/k8s-deploy@v1 | |
| with: | |
| namespace: production | |
| manifests: | | |
| kubernetes/message-broker/nats.deployment.yaml | |
| kubernetes/message-broker/nats.service.yaml | |
| - name: Checkout source code | |
| uses: actions/checkout@v4 | |
| - name: Deploy API to the Kubernetes cluster | |
| uses: azure/k8s-deploy@v1 | |
| with: | |
| namespace: production | |
| manifests: | | |
| kubernetes/backend/deployment.yaml | |
| kubernetes/backend/service.yaml | |
| kubernetes/backend/ingress.yaml | |
| images: | | |
| ghcr.io/tux-inc/tuxify-api-gateway:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-mailer:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-auth:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-flows:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-providers:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-google:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-github:${{ github.sha }} | |
| ghcr.io/tux-inc/tuxify-api-microsoft:${{ github.sha }} | |
| mirror: | |
| name: Mirror repository | |
| needs: | |
| [ | |
| deploy_frontend_to_kubernetes, | |
| deploy_backend_to_kubernetes, | |
| build_android, | |
| ] | |
| permissions: | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Remove .github folder | |
| run: rm -rf .github | |
| - name: Mirror repository | |
| uses: pixta-dev/repository-mirroring-action@v1 | |
| with: | |
| target_repo_url: ${{ env.MIRROR_URL }} | |
| ssh_private_key: ${{ secrets.GIT_SSH_PRIVATE_KEY }} |