Skip to content

Merge pull request #29 from interflux-electronics/feature/event-website #311

Merge pull request #29 from interflux-electronics/feature/event-website

Merge pull request #29 from interflux-electronics/feature/event-website #311

Workflow file for this run

---
name: Continuous Deployment
on:
push:
branches:
- "production"
jobs:
test:
name: Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:11
ports: ["5432:5432"]
env:
POSTGRES_USER: bot
POSTGRES_DB: interflux_test
POSTGRES_PASSWORD: password
env:
RAILS_ENV: test
PG_HOST: localhost
PG_USER: bot
PG_DATABASE: interflux_test
PG_PASSWORD: password
JWT_SECRET: ${{ secrets.TEST_JWT_SECRET }}
IP_GEO_API_KEY: ${{ secrets.TEST_IP_GEO_API_KEY }}
steps:
- uses: actions/checkout@v2
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- run: bin/rails db:create
- run: bin/rails db:schema:load
- run: bin/rails test --verbose
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: test
env:
SSH: ${{ secrets.FRANKFURT_SSH }}
URL: [email protected]
ROOT: /var/www/rails.api.interflux.com
steps:
# Clone the repo to the worker server
- uses: actions/checkout@v2
# Create directory for SSH
- run: mkdir ~/.ssh
# Add the private key of the restricted bot user on the remote server
- run: 'echo "$SSH" > ~/.ssh/$URL'
# Configure SSH to always use the custom key, so we don't have to do ssh -i
- run: 'echo "IdentityFile ~/.ssh/$URL" > ~/.ssh/config'
# Add the remote server to trusted hosts
- run: ssh-keyscan -H frankfurt.server.interflux.com > ~/.ssh/known_hosts
# Set all SSH file permissions
- run: chmod 0755 ~/.ssh/; chmod 600 ~/.ssh/$URL; chmod 644 ~/.ssh/known_hosts
# Create time stamp
- run: echo "TIMESTAMP=$(date -u +"%Y-%m-%d-%H%M%S")-UTC" >> $GITHUB_ENV
# Back up the database
- run: ssh $URL "cd $ROOT; bin/rails db:data:dump_dir dir=backups/production-$TIMESTAMP"
# Pull the latest production code
- run: ssh $URL "cd $ROOT; git checkout production; git pull"
# Install Ruby
- run: ssh $URL "cd $ROOT; rbenv install --skip-existing"
# Install Bundler
- run: ssh $URL "cd $ROOT; gem install bundler -v \"$(grep -A 1 "BUNDLED WITH" Gemfile.lock | tail -n 1)\""
# Install gems
- run: ssh $URL "cd $ROOT; bundle install"
# Migrate database
- run: ssh $URL "cd $ROOT; bin/rails db:migrate"
# Restart Puma
- run: ssh $URL "cd $ROOT; bin/pumactl -F config/puma/production.rb -T '12345' stop; bin/pumactl -F config/puma/production.rb -T '12345' start"
# Hit the sanity endpoint of the Interflux backend and interpret the data sent back
- run: 'echo "JSON=$(curl --silent https://rails.api.interflux.com/sanity-check -H ''Content-Type: application/vnd.api+json'')" >> $GITHUB_ENV'
- run: echo "STATUS=${{ fromJson(env.JSON).status }}" >> $GITHUB_ENV
- run: echo "REMOTE_REVISION=${{ fromJson(env.JSON).build.git.revision }}" >> $GITHUB_ENV
- run: echo "LOCAL_REVISION=$(echo $GITHUB_SHA | cut -c 1-7)" >> $GITHUB_ENV
# Fail the work flow, something is wrong.
- name: "Sanity check: FAIL"
if: env.REMOTE_REVISION != env.LOCAL_REVISION || env.STATUS != 200
run: exit -1
# All green, deploy was successful!
- name: "Sanity check: PASS"
if: env.REMOTE_REVISION == env.LOCAL_REVISION && env.STATUS == 200
run: exit 0