DB_PASS is quoted to preserve special characters #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to AWS | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
environment: backend-aws | |
steps: | |
# Checkout the repository | |
- name: Checkout Code | |
uses: actions/checkout@v2 | |
# Set up SSH Key for EC2 Access | |
- name: Set Up SSH | |
env: | |
SSH_KEY: ${{ secrets.EC2_SSH_KEY }} | |
run: | | |
mkdir -p ~/.ssh | |
echo "$SSH_KEY" > ~/.ssh/id_rsa | |
chmod 600 ~/.ssh/id_rsa | |
echo "SSH Key has been set up successfully" | |
# Debug Secrets | |
- name: Debug Secrets | |
run: | | |
echo "APP_URL=${{ secrets.APP_URL }}" | |
echo "EC2_USER=${{ secrets.EC2_USER }}" | |
echo "EC2_HOST=${{ secrets.EC2_HOST }}" | |
echo "AWS_DEFAULT_REGION=${{ secrets.AWS_DEFAULT_REGION }}" | |
# Copy backend files to EC2 | |
- name: Deploy Application to EC2 | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
run: | | |
echo "Testing SSH Connection..." | |
ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "echo 'Connected'" | |
echo "Copying files to EC2..." | |
scp -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa \ | |
-r backend/ \ | |
$EC2_USER@$EC2_HOST:~/job-application-tracker/backend/ | |
# Create .env file on EC2 | |
- name: Configure Environment Variables | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
APP_URL: ${{ secrets.APP_URL }} | |
PORT: ${{ secrets.PORT }} | |
ALLOWED_ORIGINS: ${{ secrets.ALLOWED_ORIGINS }} | |
DB_USER: ${{ secrets.DB_USER }} | |
DB_PASS: ${{ secrets.DB_PASS }} | |
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }} | |
KEY_STORE_PASS: ${{ secrets.KEY_STORE_PASS }} | |
KEY_STORE_ALIAS: ${{ secrets.KEY_STORE_ALIAS }} | |
MAIL_HOST: ${{ secrets.MAIL_HOST }} | |
MAIL_PORT: ${{ secrets.MAIL_PORT }} | |
MAIL_USER: ${{ secrets.MAIL_USER }} | |
MAIL_PASS: ${{ secrets.MAIL_PASS }} | |
TURNSTILE_SECRET: ${{ secrets.TURNSTILE_SECRET }} | |
run: | | |
echo "Configuring environment variables on EC2..." | |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "mkdir -p ~/job-application-tracker/backend/ && \ | |
echo 'APP_URL=${APP_URL}' > ~/job-application-tracker/backend/.env && \ | |
echo 'PORT=${PORT}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'ALLOWED_ORIGINS=${ALLOWED_ORIGINS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'DB_USER=${DB_USER}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'DB_PASS="${DB_PASS}"' >> ~/job-application-tracker/backend/.env && \ | |
echo 'GEMINI_API_KEY=${GEMINI_API_KEY}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'KEY_STORE_PASS=${KEY_STORE_PASS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'KEY_STORE_ALIAS=${KEY_STORE_ALIAS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_HOST=${MAIL_HOST}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_PORT=${MAIL_PORT}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_USER=${MAIL_USER}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_PASS=${MAIL_PASS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'TURNSTILE_SECRET=${TURNSTILE_SECRET}' >> ~/job-application-tracker/backend/.env" | |
# Start Application on EC2 | |
- name: Start Application | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
run: | | |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST << 'EOF' | |
cd ~/job-application-tracker/backend | |
docker-compose down || true | |
docker-compose up --build -d | |
EOF | |