Deploy to AWS #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to AWS | |
on: | |
workflow_run: | |
workflows: ["CI Pipeline"] | |
types: | |
- completed # Trigger deploy when CI has completed | |
#push: | |
# branches: | |
#- main | |
# paths: | |
# - 'backend/**' # Trigger only on changes in the backend directory | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
environment: backend-aws | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} # Only run if CI succeeds | |
steps: | |
# Checkout the repository | |
- name: Checkout Code | |
uses: actions/checkout@v2 | |
# Check if there are changes in the backend directory | |
- name: Check for Changes in Backend | |
id: check_changes | |
run: | | |
git diff --exit-code --quiet backend/ | |
echo "changes=$(if [ $? -eq 0 ]; then echo 'no'; else echo 'yes'; fi)" >> $GITHUB_ENV | |
# Skip deploy if no changes in backend | |
- name: Skip deploy if no changes in backend | |
if: ${{ env.changes == 'no' }} | |
run: echo "No changes detected in the backend directory, skipping deploy." | |
# Set up SSH Key for EC2 Access | |
- name: Set Up SSH | |
if: ${{ env.changes == 'yes' }} | |
env: | |
SSH_KEY: ${{ secrets.EC2_SSH_KEY }} | |
run: | | |
mkdir -p ~/.ssh | |
echo "$SSH_KEY" > ~/.ssh/id_rsa | |
chmod 600 ~/.ssh/id_rsa | |
echo "SSH Key has been set up successfully" | |
# Copy backend files to EC2 | |
- name: Deploy Application to EC2 | |
if: ${{ env.changes == 'yes' }} | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
run: | | |
echo "Testing SSH Connection..." | |
ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "echo 'Connected'" | |
echo "Copying files to EC2..." | |
scp -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa \ | |
-r backend/ \ | |
$EC2_USER@$EC2_HOST:~/job-application-tracker/backend/ | |
# Create .env file on EC2 | |
- name: Configure Environment Variables | |
if: ${{ env.changes == 'yes' }} | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
APP_URL: ${{ secrets.APP_URL }} | |
PORT: ${{ secrets.PORT }} | |
ALLOWED_ORIGINS: ${{ secrets.ALLOWED_ORIGINS }} | |
DB_USER: ${{ secrets.DB_USER }} | |
DB_PASS: ${{ secrets.DB_PASS }} | |
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }} | |
KEY_STORE_PASS: ${{ secrets.KEY_STORE_PASS }} | |
KEY_STORE_ALIAS: ${{ secrets.KEY_STORE_ALIAS }} | |
MAIL_HOST: ${{ secrets.MAIL_HOST }} | |
MAIL_PORT: ${{ secrets.MAIL_PORT }} | |
MAIL_USER: ${{ secrets.MAIL_USER }} | |
MAIL_PASS: ${{ secrets.MAIL_PASS }} | |
TURNSTILE_SECRET: ${{ secrets.TURNSTILE_SECRET }} | |
run: | | |
echo "Configuring environment variables on EC2..." | |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "mkdir -p ~/job-application-tracker/backend/ && \ | |
echo 'APP_URL=${APP_URL}' > ~/job-application-tracker/backend/.env && \ | |
echo 'PORT=${PORT}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'ALLOWED_ORIGINS=${ALLOWED_ORIGINS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'DB_USER=${DB_USER}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'DB_PASS="${DB_PASS}"' >> ~/job-application-tracker/backend/.env && \ | |
echo 'GEMINI_API_KEY=${GEMINI_API_KEY}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'KEY_STORE_PASS=${KEY_STORE_PASS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'KEY_STORE_ALIAS=${KEY_STORE_ALIAS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_HOST=${MAIL_HOST}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_PORT=${MAIL_PORT}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_USER=${MAIL_USER}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'MAIL_PASS=${MAIL_PASS}' >> ~/job-application-tracker/backend/.env && \ | |
echo 'TURNSTILE_SECRET=${TURNSTILE_SECRET}' >> ~/job-application-tracker/backend/.env" | |
# Start Application on EC2 | |
- name: Start Application | |
if: ${{ env.changes == 'yes' }} | |
env: | |
EC2_USER: ${{ secrets.EC2_USER }} | |
EC2_HOST: ${{ secrets.EC2_HOST }} | |
run: | | |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST << 'EOF' | |
cd ~/job-application-tracker/backend | |
docker-compose down || true | |
docker-compose up --build -d | |
EOF | |