push-master.yml
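# CI/CD pipeline for the master branch.
#
# build:  validates, lints, analyzes and tests the app, builds the images,
#         runs the E2E suite against them and pushes them to the registry.
# deploy: runs only after a successful build; installs the deploy SSH key,
#         materializes secrets as files and calls `make deploy`.
#
# Review notes:
# - actions/cache and actions/upload-artifact were on retired major versions
#   (v2 / v1); both are moved to v4, which accepts the same inputs used here.
# - Secrets are no longer interpolated into the shell script text; they are
#   passed through the step environment so shell metacharacters inside a
#   secret value cannot alter the script.
# - Third-party actions are referenced by mutable tags. Pinning each one to
#   a full commit SHA (uses: owner/action@<full-commit-sha>) keeps a moved
#   tag from changing what runs with the registry token or the SSH key.
name: Pipeline

on:
  push:
    branches:
      - master

env:
  REGISTRY_HOST: ghcr.io
  IMAGE_TAG: master-${{ github.run_number }}

jobs:
  build:
    runs-on: ubuntu-latest
    # Least privilege: read the repository, write packages to the registry.
    permissions:
      contents: read
      packages: write
    steps:
      - uses: actions/checkout@v4
        with:
          # Keep the job token out of .git/config: the checkout is chown'ed
          # and handed to container builds below. Drop this only if a make
          # target needs authenticated git access.
          persist-credentials: false

      - name: Cache vendors
        uses: actions/cache@v4
        with:
          path: vendor
          key: composer-${{ hashFiles('composer.lock') }}

      - name: Cache node modules
        uses: actions/cache@v4
        with:
          path: node_modules
          key: yarn-${{ hashFiles('yarn.lock') }}

      # REGISTRY_HOST comes from the workflow-level env; ${VAR,,} lowercases
      # the repository name, which image references require.
      - name: Set registry env
        run: echo "REGISTRY=${REGISTRY_HOST}/${GITHUB_REPOSITORY,,}" >> "$GITHUB_ENV"

      # NOTE(review): third-party action that receives a token with
      # packages: write; pin it to a full commit SHA.
      - name: Docker login
        uses: azure/docker-login@v1
        with:
          login-server: ${{ env.REGISTRY_HOST }}
          username: ${{ github.actor }}
          password: ${{ github.token }}

      # Hands the checkout to uid/gid 1000, presumably the user inside the
      # dev containers; confirm against the Makefile.
      - name: Permissions
        run: sudo chown -R 1000:1000 .

      - name: Init
        run: make init

      - name: Push dev cache
        run: make push-dev-cache

      - name: Valid
        run: make app-composer-validate

      - name: Lint
        run: make app-lint

      - name: Analyze
        run: make app-analyze

      - name: Test
        run: make app-test-unit-integration

      - name: Backup MySQL
        run: make app-backup-mysql

      - name: Backup uploads
        run: make app-backup-upload

      - name: Down
        run: make down

      - name: Build
        run: make build

      - name: Push build cache
        run: make push-build-cache

      - name: Testing Build
        run: make testing-build

      - name: Testing Push build cache
        run: make testing-push-build-cache

      - name: Testing Init
        run: make testing-init

      - name: Testing E2E
        run: make testing-e2e

      # Runs only when an earlier step failed. Review tests/_output for
      # sensitive data (dumps, screenshots) before widening artifact access.
      - name: Archive test output
        if: ${{ failure() }}
        uses: actions/upload-artifact@v4
        with:
          name: test-output
          path: tests/_output

      - name: Testing Down
        run: make try-testing-down-clear

      - name: Push
        run: make push

  deploy:
    runs-on: ubuntu-latest
    needs: build
    # The deploy job only reads the repository; it gets no package scope.
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      # NOTE(review): third-party action that receives the deploy private
      # key; pin it to a full commit SHA.
      # NOTE(review): known_hosts is fed the same secret that the Deploy
      # step uses as HOST. The action writes this value into known_hosts,
      # so it should hold the server's host-key line(s), not a bare
      # hostname. Confirm the secret's content; otherwise the server key
      # is not pinned by this step.
      - name: Install SSH key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.DEPLOY_SSH_KEY }}
          known_hosts: ${{ secrets.DEPLOY_HOST }}

      # Secrets reach the shell as environment variables, not as script
      # text, so quotes, `$` or backticks in a value are written verbatim.
      # printf '%s\n' keeps the trailing newline the previous echo produced.
      # umask 077 creates the files readable by the runner user only; relax
      # it only if `make deploy` reads them as a different user.
      - name: Secrets
        env:
          COOKIE_SECRET: ${{ secrets.COOKIE_SECRET }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          DB_ROOT_PASSWORD: ${{ secrets.DB_ROOT_PASSWORD }}
          REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
          MAILER_PASSWORD: ${{ secrets.MAILER_PASSWORD }}
          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
          BACKUP_AWS_SECRET_ACCESS_KEY: ${{ secrets.BACKUP_AWS_SECRET_ACCESS_KEY }}
        run: |
          umask 077
          printf '%s\n' "$COOKIE_SECRET" > /tmp/cookie_secret
          printf '%s\n' "$DB_PASSWORD" > /tmp/db_password
          printf '%s\n' "$DB_ROOT_PASSWORD" > /tmp/db_root_password
          printf '%s\n' "$REDIS_PASSWORD" > /tmp/redis_password
          printf '%s\n' "$MAILER_PASSWORD" > /tmp/mailer_password
          printf '%s\n' "$SENTRY_DSN" > /tmp/sentry_dsn
          printf '%s\n' "$BACKUP_AWS_SECRET_ACCESS_KEY" > /tmp/backup_aws_secret_access_key

      - name: Set registry env
        run: echo "REGISTRY=${REGISTRY_HOST}/${GITHUB_REPOSITORY,,}" >> "$GITHUB_ENV"

      # Sensitive values are handed over as *_FILE paths written by the
      # Secrets step; the remaining settings go in as plain variables.
      - name: Deploy
        run: make deploy
        env:
          BUILD_NUMBER: ${{ github.run_number }}
          HOST: ${{ secrets.DEPLOY_HOST }}
          PORT: ${{ secrets.DEPLOY_PORT }}
          COOKIE_SECRET_FILE: /tmp/cookie_secret
          DB_ROOT_PASSWORD_FILE: /tmp/db_root_password
          DB_PASSWORD_FILE: /tmp/db_password
          REDIS_PASSWORD_FILE: /tmp/redis_password
          MAILER_HOST: ${{ secrets.MAILER_HOST }}
          MAILER_PORT: ${{ secrets.MAILER_PORT }}
          MAILER_USERNAME: ${{ secrets.MAILER_USERNAME }}
          MAILER_PASSWORD_FILE: /tmp/mailer_password
          MAILER_FROM_EMAIL: ${{ secrets.MAILER_FROM_EMAIL }}
          SENTRY_DSN_FILE: /tmp/sentry_dsn
          BACKUP_AWS_ACCESS_KEY_ID: ${{ secrets.BACKUP_AWS_ACCESS_KEY_ID }}
          BACKUP_AWS_SECRET_ACCESS_KEY_FILE: /tmp/backup_aws_secret_access_key
          BACKUP_AWS_DEFAULT_REGION: ${{ secrets.BACKUP_AWS_DEFAULT_REGION }}
          BACKUP_S3_ENDPOINT: ${{ secrets.BACKUP_S3_ENDPOINT }}
          BACKUP_S3_BUCKET: ${{ secrets.BACKUP_S3_BUCKET }}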