Skip to content

Add initial FHIR endpoint for CodeSystem by OID (#56) #26

Add initial FHIR endpoint for CodeSystem by OID (#56)

Add initial FHIR endpoint for CodeSystem by OID (#56) #26

Workflow file for this run

name: Deployment
on:
workflow_dispatch:
push:
branches:
- main
permissions:
id-token: write
jobs:
deploy:
name: Deploy phinvads-go
runs-on: ubuntu-latest
environment: main
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "1.23.0"
- name: Azure CLI Login
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Allow GitHub Runner IP
run: |
set -eu
agentIP=$(curl -s https://api.ipify.org/)
az network nsg rule create \
--resource-group phinvads-go \
--nsg-name phinvads-go-nsg \
--name AllowSSHFromGitHubActions \
--priority 200 \
--direction Inbound \
--access Allow \
--protocol Tcp \
--destination-port-ranges 22 \
--source-address-prefixes $agentIP \
--destination-address-prefixes '*' \
--description "Allow SSH from GitHub Actions"
sleep 3
- name: Write SSH key to file
env:
AZURE_VM_SSH_KEY: ${{ secrets.AZURE_VM_SSH_KEY }}
run: |
install -m 600 -D /dev/null ~/.ssh/phinvads-go
echo "${{ secrets.AZURE_VM_SSH_KEY }}" > ~/.ssh/phinvads-go
echo "IdentityFile /home/runner/.ssh/phinvads-go" >> ~/.ssh/config
- name: Build phinvads-go
run: |
go install github.com/a-h/templ/cmd/templ@latest
templ generate
go build -o phinvads-go ./cmd/phinvads-go
- name: Deploy phinvads-go to VM
env:
AZURE_VM_IP: ${{ secrets.AZURE_VM_IP }}
run: |
ssh -o StrictHostKeyChecking=accept-new azureuser@${AZURE_VM_IP} "sudo systemctl stop phinvads-go"
scp ./phinvads-go azureuser@${AZURE_VM_IP}:/home/azureuser/phinvads-go
scp ./remote/production/phinvads-go.service azureuser@${AZURE_VM_IP}:/home/azureuser/phinvads-go.service
ssh azureuser@${AZURE_VM_IP} "sudo mv phinvads-go.service /etc/systemd/system/phinvads-go.service && sudo systemctl enable phinvads-go && sudo systemctl restart phinvads-go"
- name: Disallow GitHub Runner IP
if: always()
run: |
set -eu
agentIP=$(curl -s https://api.ipify.org/)
az network nsg rule delete \
--resource-group phinvads-go \
--nsg-name phinvads-go-nsg \
--name AllowSSHFromGitHubActions