fix sizing and order #116

Workflow file for this run

.github/workflows/docker.yaml at 72fa01c

	name: Docker Image CI

	## DO NOT COPY THIS. IT HAS LIMITED FUNCTIONALITY!

	# To run this locally use act (https://github.com/nektos/act)

	# To use act:
	# Create a .secrets file and set all the needed variables
	# act -j <job>
	# act <event_name>
	# act -e .github/act/<event>.json // For additinal event params
	# act -P self-hosted=ghcr.io/catthehacker/ubuntu:act-latest // To make it wokr with self hosted

	on:
	push:
	branches: [main]
	# TODO: Make pr pipelines
	#pull_request:
	# types: [opened, closed, reopened, synchronize]
	# TODO: Make release pipelines
	#release:
	# types: [released, prereleased]

	env:
	REGISTRY: registry.esek.se
	DEFAULT_BRANCH: main
	ONLY_PROD: true

	jobs:
	# This can only contain env vars and not secrets since actions is a fussy about it
	env-vars:
	runs-on: self-hosted
	container: ghcr.io/catthehacker/ubuntu:act-latest
	steps:
	- name: set variables
	id: vars
	run: \|
	slugify () {
	iconv -t ascii//TRANSLIT \
	\| tr -d "'" \
	\| sed -E 's/[^a-zA-Z0-9]+/-/g' \
	\| sed -E 's/^-+\|-+$//g' \
	\| tr "[:upper:]" "[:lower:]"
	}

	echo ${{ github.event }}

	export BRANCH=
	if [ -z $GITHUB_HEAD_REF ]; then
	BRANCH=$(basename $GITHUB_REF)
	else
	BRANCH=$GITHUB_HEAD_REF
	fi
	echo "Running on $BRANCH"

	export TAG=ephermal

	if [ "$BRANCH" = "${{ env.DEFAULT_BRANCH }}" ]; then
	TAG=latest
	fi

	if ${{ github.ref_type == 'tag' }}; then
	TAG=$BRANCH
	BRANCH=${{ env.DEFAULT_BRANCH }}
	fi

	TAG=$(echo "$TAG" \| slugify)
	export IMAGE_NAME="${{ env.REGISTRY }}/${{ github.repository }}:$TAG"

	echo "::echo::on"
	echo "::set-output name=image_name::$IMAGE_NAME"
	echo "::set-output name=tag::$TAG"
	echo "::set-output name=basename::$(basename ${{ github.repository }} \| slugify)"
	echo "::set-output name=branch::$( echo $BRANCH \| slugify)"
	echo "::echo::off"
	- name: select environment
	id: env
	run: \|
	export ENV=testing
	export DEPLOY_ENV=testing
	export PROJ_BASE=${{ steps.vars.outputs.basename }}
	export TAG=${{ steps.vars.outputs.tag }}
	export BRANCH=${{ steps.vars.outputs.branch }}
	export PROJECT_NAME=$PROJ_BASE-testing

	if ${{ (github.event_name == 'release' && github.event.action == 'released') \|\| env.ONLY_PROD == 'true' }}; then
	ENV=production
	DEPLOY_ENV=$ENV
	PROJECT_NAME=$PROJ_BASE-production
	fi
	if ${{ github.event_name == 'release' && github.event.action == 'prereleased' }}; then
	ENV=staging
	DEPLOY_ENV=$ENV
	PROJECT_NAME=$PROJ_BASE-staging
	fi
	if ${{ github.event_name == 'pull_request' }}; then
	ENV=review
	DEPLOY_ENV=$BRANCH-review
	PROJECT_NAME=$PROJ_BASE-$BRANCH
	fi

	echo "::echo::on"
	echo "::set-output name=env::$ENV"
	echo "::set-output name=project_name::$PROJECT_NAME"
	echo "::set-output name=deploy_env::$DEPLOY_ENV"
	echo "::echo::off"
	outputs:
	image_name: ${{ steps.vars.outputs.image_name }}
	tag: ${{ steps.vars.outputs.tag }}
	basename: ${{ steps.vars.outputs.basename }}
	branch: ${{ steps.vars.outputs.branch }}
	env: ${{ steps.env.outputs.env }}
	project_name: ${{ steps.env.outputs.project_name }}
	deploy_env: ${{ steps.env.outputs.deploy_env }}
	build:
	runs-on: self-hosted
	needs: env-vars
	if: ${{ !(github.event_name == 'pull_request' && github.event.action == 'closed') }}
	container:
	image: ghcr.io/catthehacker/ubuntu:act-latest
	steps:
	- name: import secrets
	id: s
	uses: hashicorp/[email protected]
	with:
	url: ${{ secrets.VAULT_URL }}
	token: ${{ secrets.VAULT_TOKEN }}
	method: token
	secrets: \|
	kv/data/common registry_username;
	kv/data/common registry_password;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_URL;
	- name: setup buildx
	uses: docker/setup-buildx-action@v2
	with:
	install: true
	- name: checkout repo
	uses: actions/checkout@v3
	- name: login to registry
	uses: docker/login-action@v2
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ steps.s.outputs.registry_username }}
	password: ${{ steps.s.outputs.registry_password }}
	- name: build and push image
	uses: docker/build-push-action@v3
	with:
	context: ./web
	push: true
	tags: ${{ needs.env-vars.outputs.image_name }}-web
	build-args: \|
	NEXT_PUBLIC_STRAPI_URL=${{ steps.s.outputs.STRAPI_URL }}
	- name: build and push image
	uses: docker/build-push-action@v3
	with:
	context: ./strapi
	push: true
	tags: ${{ needs.env-vars.outputs.image_name }}-strapi

	# This should need build and use the image to test
	test:
	runs-on: self-hosted
	# To run this locally using act set act to false in event.json
	# Note act does not support services...
	if: ${{ false && github.event_name == 'pull_request' && github.event.action != 'closed' }}
	services:
	postgres:
	image: postgres:alpine
	env:
	POSTGRES_USER: postgres
	POSTGRES_PASSWORD: password
	POSTGRES_DB: ekorre_foot
	container: node:16-alpine
	steps:
	- name: add bash (needed for actions)
	run: apk add --no-cache bash
	- name: checkout repo
	uses: actions/checkout@v3
	- name: setup env
	run: \|
	mv .env.example .env
	sed -i 's/localhost/postgres/' .env
	- name: install deps
	run: npm ci
	- name: lint
	continue-on-error: true
	run: npm run lint -- --output-file eslint_report.json --format json
	- name: publish lint
	if: ${{ !env.ACT }}
	uses: ataylorme/eslint-annotate-action@v2
	with:
	repo-token: "${{ secrets.GITHUB_TOKEN }}"
	only-pr-files: false
	- name: reset db
	run: npm run prisma:ci
	- name: run test
	continue-on-error: true
	run: npm run test:prebuild -- --ci --testLocationInResults --json --coverage --outputFile="report.json"
	- name: find pr
	continue-on-error: true
	if: ${{ !env.ACT }}
	uses: jwalton/gh-find-current-pr@v1
	id: findPr
	- name: publish coverage
	continue-on-error: true
	if: ${{ !env.ACT }}
	uses: ArtiomTr/[email protected]
	with:
	skip-step: all
	coverage-file: report.json
	base-coverage-file: report.json
	prnumber: ${{ steps.findPr.outputs.number }}
	annotations: failed-tests
	- name: check changelog
	uses: Zomzog/[email protected]
	if: ${{ !env.ACT }}
	continue-on-error: true
	with:
	fileName: CHANGELOG.MD
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: check package.json
	if: ${{ !env.ACT }}
	uses: Zomzog/[email protected]
	continue-on-error: true
	with:
	fileName: package.json
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	deploy:
	# To run this locally using act set act to false in event.json
	if: ${{ !github.event.act \|\| !(github.event_name == 'pull_request' && github.event.action == 'closed') }}
	runs-on: self-hosted
	needs:
	- env-vars
	- build
	steps:
	- name: import secrets
	id: s
	uses: hashicorp/[email protected]
	with:
	url: ${{ secrets.VAULT_URL }}
	token: ${{ secrets.VAULT_TOKEN }}
	method: token
	exportEnv: true
	secrets: \|
	kv/data/common registry_username;
	kv/data/common registry_password;
	kv/data/common docker_ca;
	kv/data/common docker_cert;
	kv/data/common docker_key;
	kv/data/common docker_host;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} DEPLOY_URL;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} DB_USERNAME;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} DB_PASSWORD;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} DB_NAME;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} DB_HOST;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_APP_KEYS;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_HOST;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_PORT;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} API_TOKEN_SALT;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} JWT_SECRET;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} SMTP_HOST;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} SMTP_PORT;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} SMTP_USERNAME;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} SMTP_PASSWORD;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} WIKI_URL;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} WIKI_USERNAME;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} WIKI_PASSWORD;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_URL;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} STRAPI_API_TOKEN;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} GOOGLE_API_KEY;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} EBREV_URL;
	kv/data/${{ needs.env-vars.outputs.basename }}/${{ needs.env-vars.outputs.env }} EBREV_API_KEY;
	- name: set variables
	run: \|
	echo "IMAGE_NAME=${{ needs.env-vars.outputs.image_name }}" >> $GITHUB_ENV
	echo "TAG=${{ needs.env-vars.outputs.tag }}" >> $GITHUB_ENV
	echo "DEPLOY_ENV=${{ needs.env-vars.outputs.deploy_env }}" >> $GITHUB_ENV
	echo "ENV=${{ needs.env-vars.outputs.env }}" >> $GITHUB_ENV
	echo "PROJECT_NAME=${{ needs.env-vars.outputs.project_name }}" >> $GITHUB_ENV
	echo "COMPOSE_PROJECT_NAME=${{ needs.env-vars.outputs.project_name }}" >> $GITHUB_ENV

	if [ ${{ needs.env-vars.outputs.env }} = 'review' ]; then
	echo "DEPLOY_URL=${{ needs.env-vars.outputs.branch }}-${{ needs.env-vars.outputs.basename }}.review.esek.se" >> $GITHUB_ENV
	fi
	- name: checkout repo
	uses: actions/checkout@v3
	- name: start deployment
	uses: bobheadxi/deployments@v1
	id: deployment
	if: ${{ !env.ACT && github.event_name != 'pull_request' && needs.env-vars.outputs.env != 'review' }}
	with:
	step: start
	token: ${{ secrets.GITHUB_TOKEN }}
	override: true
	env: ${{ env.DEPLOY_ENV }}
	- name: login to host
	uses: blennster/setup-docker-remote-tls@v4
	with:
	tls_key: ${{ steps.s.outputs.docker_key }}
	tls_ca: ${{ steps.s.outputs.docker_ca }}
	tls_cert: ${{ steps.s.outputs.docker_cert }}
	tcp_host: ${{ steps.s.outputs.docker_host }}:2376
	- name: check connection
	run: \|
	docker info
	docker compose version
	- name: login to registry
	uses: docker/login-action@v2
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ steps.s.outputs.registry_username }}
	password: ${{ steps.s.outputs.registry_password }}
	- name: pull images
	run: \|
	echo $IMAGE_NAME
	docker pull "$IMAGE_NAME-web"
	docker pull "$IMAGE_NAME-strapi"
	- name: Stop old container
	run: \|
	docker compose -f docker-compose.production.yml -p $PROJECT_NAME down
	- name: deploy to host
	shell: bash
	run: \|
	if [[ "$ENV" = "production" \|\| "$ENV" = "staging" ]]; then
	docker compose -f docker-compose.production.yml -p $PROJECT_NAME up -d --force-recreate
	fi
	if [[ "$ENV" = "review" \|\| "$ENV" = "testing" ]]; then
	exit 0;
	docker compose -f docker-compose.ci.yml -f docker-compose.prod.yml -p $PROJECT_NAME up -d --force-recreate ${{ needs.env-vars.outputs.basename }}
	fi
	- name: prune system
	run: docker system prune -f 2> /dev/null \|\| true
	- name: update deployment status
	uses: bobheadxi/deployments@v1
	if: ${{ always() && !env.ACT && github.event_name != 'pull_request' && needs.env-vars.outputs.env != 'review' }}
	with:
	step: finish
	token: ${{ secrets.GITHUB_TOKEN }}
	status: ${{ job.status }}
	env: ${{ steps.deployment.outputs.env }}
	env_url: https://${{ env.DEPLOY_URL }}
	deployment_id: ${{ steps.deployment.outputs.deployment_id }}
	- if: ${{ github.event.pull_request && github.event.action == 'opened' && !env.ACT }}
	name: comment deployment url to pr
	uses: mshick/add-pr-comment@v1
	with:
	message: I have deployed this PR to [${{ env.DEPLOY_URL }}](https://${{ env.DEPLOY_URL }}) 🚀
	repo-token: ${{ secrets.GITHUB_TOKEN }}

	teardown:
	runs-on: self-hosted
	if: ${{ github.event_name == 'pull_request' && github.event.action == 'closed' }}
	needs: env-vars
	steps:
	- name: import secrets
	id: s
	uses: hashicorp/[email protected]
	with:
	url: ${{ secrets.VAULT_URL }}
	token: ${{ secrets.VAULT_TOKEN }}
	method: token
	exportEnv: true
	secrets: \|
	kv/data/common docker_ca;
	kv/data/common docker_cert;
	kv/data/common docker_key;
	kv/data/common docker_host;
	- name: login to host
	uses: blennster/setup-docker-remote-tls@v4
	with:
	tls_key: ${{ steps.s.outputs.docker_key }}
	tls_ca: ${{ steps.s.outputs.docker_ca }}
	tls_cert: ${{ steps.s.outputs.docker_cert }}
	tcp_host: ${{ steps.s.outputs.docker_host }}:2376
	- name: check connection
	run: \|
	docker info
	docker compose version
	- name: checkout repo
	uses: actions/checkout@v3
	- name: stop container
	run: \|
	docker compose -f docker-compose.ci.yml -p ${{ needs.env-vars.outputs.project_name }} down 2> /dev/null \|\| true
	- if: ${{ !env.ACT }}
	name: comment deployment url to pr
	uses: mshick/add-pr-comment@v1
	with:
	message: I have removed this deploy now 😇
	repo-token: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix sizing and order #116

Workflow file

fix sizing and order #116

Jobs

Run details

Workflow file for this run