Skip to content

Merge pull request #83 from dump-hr/privacy-policy #45

Merge pull request #83 from dump-hr/privacy-policy

Merge pull request #83 from dump-hr/privacy-policy #45

Workflow file for this run

name: Deploy
on:
push:
branches:
- main
workflow_dispatch:
jobs:
docker_image_build:
name: Build Docker image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v4
with:
context: ./backend
push: true
tags: ghcr.io/${{ github.repository }}-api:latest,
ghcr.io/${{ github.repository }}-api:${{ github.sha }}
cache-from: type=gha
cache-to: type=gha,mode=max
ansible_playbook:
name: Run Ansible playbook
runs-on: ubuntu-latest
needs:
- docker_image_build
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Python
uses: actions/setup-python@v4
with:
python-version: "3.10"
cache: "pip"
cache-dependency-path: "./infrastructure/ansible/requirements.txt"
- name: Install Ansible
run: |
pip install -r ./infrastructure/ansible/requirements.txt
- name: Install Ansible dependencies
run: |
ansible-galaxy install -r ./infrastructure/ansible/requirements.yml
- name: Setup sops
uses: mdgreenwald/[email protected]
- name: Login to AWS
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile safetynet
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile safetynet
- name: Run Ansible playbook
run: |
eval $(ssh-agent)
./infrastructure/scripts/ansible-playbook.sh production api
vite_static_build:
name: Vite static build and deploy
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: 18.x
cache: "yarn"
cache-dependency-path: ./frontend/yarn.lock
- name: Login to AWS
run: |
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile safetynet
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile safetynet
- name: Set API endpoint in .env file
run: |
echo "VITE_APP_API_ENDPOINT=https://safetynet-api-production.dump.hr" >> frontend/.env
- name: Run build and deploy script
run: |
./infrastructure/scripts/static-build-deploy.sh ./frontend safetynet-web-production
env:
AWS_PROFILE: safetynet
AWS_REGION: us-east-1