Skip to content

Deploy to AWS

Deploy to AWS #26

Workflow file for this run

name: Deploy to AWS
on:
workflow_run:
workflows: ["CI Pipeline"]
types:
- completed # Trigger deploy when CI has completed
#push:
# branches:
#- main
# paths:
# - 'backend/**' # Trigger only on changes in the backend directory
jobs:
deploy:
runs-on: ubuntu-latest
environment: backend-aws
if: ${{ github.event.workflow_run.conclusion == 'success' }} # Only run if CI succeeds
steps:
# Checkout the repository
- name: Checkout Code
uses: actions/checkout@v2
# Check if there are changes in the backend directory
- name: Check for Changes in Backend
id: check_changes
run: |
git diff --exit-code --quiet backend/
echo "changes=$(if [ $? -eq 0 ]; then echo 'no'; else echo 'yes'; fi)" >> $GITHUB_ENV
# Skip deploy if no changes in backend
- name: Skip deploy if no changes in backend
if: ${{ env.changes == 'no' }}
run: echo "No changes detected in the backend directory, skipping deploy."
# Set up SSH Key for EC2 Access
- name: Set Up SSH
if: ${{ env.changes == 'yes' }}
env:
SSH_KEY: ${{ secrets.EC2_SSH_KEY }}
run: |
mkdir -p ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo "SSH Key has been set up successfully"
# Copy backend files to EC2
- name: Deploy Application to EC2
if: ${{ env.changes == 'yes' }}
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
run: |
echo "Testing SSH Connection..."
ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "echo 'Connected'"
echo "Copying files to EC2..."
scp -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa \
-r backend/ \
$EC2_USER@$EC2_HOST:~/job-application-tracker/backend/
# Create .env file on EC2
- name: Configure Environment Variables
if: ${{ env.changes == 'yes' }}
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
APP_URL: ${{ secrets.APP_URL }}
PORT: ${{ secrets.PORT }}
ALLOWED_ORIGINS: ${{ secrets.ALLOWED_ORIGINS }}
DB_USER: ${{ secrets.DB_USER }}
DB_PASS: ${{ secrets.DB_PASS }}
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
KEY_STORE_PASS: ${{ secrets.KEY_STORE_PASS }}
KEY_STORE_ALIAS: ${{ secrets.KEY_STORE_ALIAS }}
MAIL_HOST: ${{ secrets.MAIL_HOST }}
MAIL_PORT: ${{ secrets.MAIL_PORT }}
MAIL_USER: ${{ secrets.MAIL_USER }}
MAIL_PASS: ${{ secrets.MAIL_PASS }}
TURNSTILE_SECRET: ${{ secrets.TURNSTILE_SECRET }}
run: |
echo "Configuring environment variables on EC2..."
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "mkdir -p ~/job-application-tracker/backend/ && \
echo 'APP_URL=${APP_URL}' > ~/job-application-tracker/backend/.env && \
echo 'PORT=${PORT}' >> ~/job-application-tracker/backend/.env && \
echo 'ALLOWED_ORIGINS=${ALLOWED_ORIGINS}' >> ~/job-application-tracker/backend/.env && \
echo 'DB_USER=${DB_USER}' >> ~/job-application-tracker/backend/.env && \
echo 'DB_PASS="${DB_PASS}"' >> ~/job-application-tracker/backend/.env && \
echo 'GEMINI_API_KEY=${GEMINI_API_KEY}' >> ~/job-application-tracker/backend/.env && \
echo 'KEY_STORE_PASS=${KEY_STORE_PASS}' >> ~/job-application-tracker/backend/.env && \
echo 'KEY_STORE_ALIAS=${KEY_STORE_ALIAS}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_HOST=${MAIL_HOST}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_PORT=${MAIL_PORT}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_USER=${MAIL_USER}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_PASS=${MAIL_PASS}' >> ~/job-application-tracker/backend/.env && \
echo 'TURNSTILE_SECRET=${TURNSTILE_SECRET}' >> ~/job-application-tracker/backend/.env"
# Start Application on EC2
- name: Start Application
if: ${{ env.changes == 'yes' }}
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
run: |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST << 'EOF'
cd ~/job-application-tracker/backend
docker-compose down || true
docker-compose up --build -d
EOF