-
Notifications
You must be signed in to change notification settings - Fork 0
105 lines (95 loc) · 4.3 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: Deploy to AWS
on:
workflow_run:
workflows: ["CI Pipeline"]
types:
- completed # Trigger deploy when CI has completed
push:
branches:
- main
paths:
- 'backend/**' # Trigger only on changes in the backend directory
jobs:
deploy:
runs-on: ubuntu-latest
environment: backend-aws
if: ${{ github.event.workflow_run.conclusion == 'success' }} # Only run if CI succeeds
steps:
# Checkout the repository
- name: Checkout Code
uses: actions/checkout@v2
# Check if there are changes in the backend directory
- name: Check for Changes in Backend
id: check_changes
run: |
git diff --exit-code --quiet backend/ || echo "Changes detected in backend directory" > changes.log
# Skip deploy if no changes in backend
- name: Skip deploy if no changes in backend
if: ${{ steps.check_changes.outputs.changes == 'no' }}
run: echo "No changes detected in the backend directory, skipping deploy."
# Set up SSH Key for EC2 Access
- name: Set Up SSH
env:
SSH_KEY: ${{ secrets.EC2_SSH_KEY }}
run: |
mkdir -p ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
echo "SSH Key has been set up successfully"
# Copy backend files to EC2
- name: Deploy Application to EC2
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
run: |
echo "Testing SSH Connection..."
ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "echo 'Connected'"
echo "Copying files to EC2..."
scp -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa \
-r backend/ \
$EC2_USER@$EC2_HOST:~/job-application-tracker/backend/
# Create .env file on EC2
- name: Configure Environment Variables
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
APP_URL: ${{ secrets.APP_URL }}
PORT: ${{ secrets.PORT }}
ALLOWED_ORIGINS: ${{ secrets.ALLOWED_ORIGINS }}
DB_USER: ${{ secrets.DB_USER }}
DB_PASS: ${{ secrets.DB_PASS }}
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
KEY_STORE_PASS: ${{ secrets.KEY_STORE_PASS }}
KEY_STORE_ALIAS: ${{ secrets.KEY_STORE_ALIAS }}
MAIL_HOST: ${{ secrets.MAIL_HOST }}
MAIL_PORT: ${{ secrets.MAIL_PORT }}
MAIL_USER: ${{ secrets.MAIL_USER }}
MAIL_PASS: ${{ secrets.MAIL_PASS }}
TURNSTILE_SECRET: ${{ secrets.TURNSTILE_SECRET }}
run: |
echo "Configuring environment variables on EC2..."
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST "mkdir -p ~/job-application-tracker/backend/ && \
echo 'APP_URL=${APP_URL}' > ~/job-application-tracker/backend/.env && \
echo 'PORT=${PORT}' >> ~/job-application-tracker/backend/.env && \
echo 'ALLOWED_ORIGINS=${ALLOWED_ORIGINS}' >> ~/job-application-tracker/backend/.env && \
echo 'DB_USER=${DB_USER}' >> ~/job-application-tracker/backend/.env && \
echo 'DB_PASS="${DB_PASS}"' >> ~/job-application-tracker/backend/.env && \
echo 'GEMINI_API_KEY=${GEMINI_API_KEY}' >> ~/job-application-tracker/backend/.env && \
echo 'KEY_STORE_PASS=${KEY_STORE_PASS}' >> ~/job-application-tracker/backend/.env && \
echo 'KEY_STORE_ALIAS=${KEY_STORE_ALIAS}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_HOST=${MAIL_HOST}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_PORT=${MAIL_PORT}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_USER=${MAIL_USER}' >> ~/job-application-tracker/backend/.env && \
echo 'MAIL_PASS=${MAIL_PASS}' >> ~/job-application-tracker/backend/.env && \
echo 'TURNSTILE_SECRET=${TURNSTILE_SECRET}' >> ~/job-application-tracker/backend/.env"
# Start Application on EC2
- name: Start Application
env:
EC2_USER: ${{ secrets.EC2_USER }}
EC2_HOST: ${{ secrets.EC2_HOST }}
run: |
ssh -o StrictHostKeyChecking=no $EC2_USER@$EC2_HOST << 'EOF'
cd ~/job-application-tracker/backend
docker-compose down || true
docker-compose up --build -d
EOF