Skip to content

Merge pull request #841 from msusicky/develop #183

Merge pull request #841 from msusicky/develop

Merge pull request #841 from msusicky/develop #183

name: deploy-production
on:
push:
branches: [main]
concurrency: production_env
jobs:
deploy:
name: Deploy to production
environment: production
runs-on: ubuntu-22.04
env:
APP_DIR: '${HOME}/prd/app'
TMP_DIR: '${HOME}/prd/tmp'
RELEASES_DIR: '${HOME}/prd/releases'
SSH_HOST: ${{ secrets.SSH_HOST }}
SSH_KEY: ${{ secrets.SSH_KEY }}
SSH_PORT: ${{ secrets.SSH_PORT }}
SSH_USER: ${{ secrets.SSH_USER }}
SSH_USER_WEB: ${{ secrets.SSH_USER_WEB }}
CFA_USER: ${{ secrets.CFA_USER }}
CFA_PASS: ${{ secrets.CFA_PASS }}
UZIS_TOKEN: ${{ secrets.UZIS_TOKEN }}
steps:
- uses: actions/checkout@v4
- name: Prepare config file
uses: falnyr/[email protected]
env:
DB_HOST: ${{ secrets.DB_HOST }}
DB_PORT: ${{ secrets.DB_PORT }}
DB_USER: ${{ secrets.DB_USER }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
DB_NAME: ${{ secrets.DB_NAME }}
TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}
TWITTER_ACCESS_TOKEN_KEY: ${{ secrets.TWITTER_ACCESS_TOKEN_KEY }}
TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
CFA_USER: ${{ secrets.CFA_USER }}
CFA_PASS: ${{ secrets.CFA_PASS }}
UZIS_TOKEN: ${{ secrets.UZIS_TOKEN }}
with:
filename: config.ci.py
- name: Build release package
run: |
mv config.ci.py config.py
tar -cvf release.tar app data migrations scripts .flaskenv config.py ockovani.py requirements.txt
- name: Setup SSH key
run: |
mkdir -p ~/.ssh/
ssh-keyscan -H ${SSH_HOST} >> ~/.ssh/known_hosts
eval `ssh-agent -s`
echo "${SSH_KEY}" | tr -d '\r' | ssh-add -
echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> $GITHUB_ENV
- name: Upload release package
run: scp -P ${SSH_PORT} release.tar ${SSH_USER_WEB}@${SSH_HOST}:${TMP_DIR}
- name: Prepare relase directory
run: |
RELEASE_DIR=${RELEASES_DIR}/release_`date "+%Y%m%d_%H%M%S"`
echo "RELEASE_DIR=$RELEASE_DIR" >> $GITHUB_ENV
ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "mkdir ${RELEASE_DIR}"
- name: Unpack release and clean tmp
run: ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "tar -xvf ${TMP_DIR}/release.tar -C ${RELEASE_DIR} && rm ${TMP_DIR}/*"
- name: Create venv and install requirements
run: ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "cd ${RELEASE_DIR} && python3 -m venv venv && source venv/bin/activate && pip install -r requirements.txt --no-cache-dir"
- name: Swap releases
run: ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "rm -f ${APP_DIR} && ln -s ${RELEASE_DIR} ${APP_DIR} && find ${RELEASES_DIR} -maxdepth 1 -mindepth 1 -not -path ${RELEASE_DIR} -exec rm -rf {} \;"
- name: Execute migrations
run: ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "cd ${APP_DIR} && source venv/bin/activate && flask db upgrade"
- name: Restart flask
run: ssh ${SSH_USER}@${SSH_HOST} -p ${SSH_PORT} "sudo systemctl stop ockovani-prd && sudo systemctl start ockovani-prd"
- name: Update crontab
run: ssh ${SSH_USER_WEB}@${SSH_HOST} -p ${SSH_PORT} "crontab ${APP_DIR}/scripts/cron"