Dockerize and set up deploy workflow (#4)

* Dockerize

* Set up deploy workflow (WIP)

* Move env to root

* Log values (temporary)

* Exit script after fetching config (test)

* Add deploy step (work-in-progress)

* Fix attempt

* Create project folder if it doesn't exist

* Authenticate to the registry

* Re-enable bot but force dry run

* Simplify syntax

* Rollback

* Deploy on push to master branch

* Ignore more folders

* Rollback forcing of dry run

* Store config file name in env variable

* Set a container name

.dockerignore

@@ -0,0 +1,20 @@
+# Include any files or directories that you don't want to be copied to your
+# container here (e.g., local build artifacts, temporary files, etc.).
+#
+# For more help, visit the .dockerignore file reference guide at
+# https://docs.docker.com/go/build-context-dockerignore/
+
+**/.dockerignore
+**/.env
+**/.git
+**/.github
+**/.gitignore
+.idea
+5m5v-config.yaml*
+compose.yaml
+Dockerfile
+LICENSE
+node_modules
+README.md
+test
+yarn-error.log

.github/workflows/deploy.yaml

@@ -0,0 +1,66 @@
+name: Deploy
+
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  SERVICE_NAME: 5m5v-bot
+  DEPLOY_HOST: 206.189.96.198
+  DEPLOY_USER: deploy
+  CONFIG_FILE: 5m5v-config.yaml
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Deploy bot to Docker droplet
+        run: >
+          eval `ssh-agent -s` &&
+          ssh-add - <<< "${{ secrets.DEPLOY_PRIVATE_KEY }}" &&
+          ssh -o StrictHostKeyChecking=no ${DEPLOY_USER}@${DEPLOY_HOST} -C
+          "
+          mkdir -p \${HOME}/${SERVICE_NAME} &&
+          echo \"${{ secrets.BOT_CONFIG }}\" > \${HOME}/${SERVICE_NAME}/${CONFIG_FILE} &&
+          echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin &&
+          docker pull ${{ steps.meta.outputs.tags }} &&
+          docker rm -f ${SERVICE_NAME} &&
+          docker run -d \
+            -v \${HOME}/${SERVICE_NAME}/${CONFIG_FILE}:/usr/src/app/${CONFIG_FILE} \
+            --restart always \
+            --name ${SERVICE_NAME} \
+            ${{ steps.meta.outputs.tags }}
+          "

Dockerfile

@@ -0,0 +1,20 @@
+# syntax=docker/dockerfile:1
+
+ARG NODE_VERSION=20.11.1
+
+FROM node:${NODE_VERSION}-alpine
+
+ENV NODE_ENV production
+
+WORKDIR /usr/src/app
+
+RUN --mount=type=bind,source=package.json,target=package.json \
+    --mount=type=bind,source=yarn.lock,target=yarn.lock \
+    --mount=type=cache,target=/root/.yarn \
+    yarn install --production --frozen-lockfile
+
+USER node
+
+COPY . .
+
+CMD node .

compose.yaml

@@ -0,0 +1,7 @@
+services:
+  bot:
+    build:
+      context: .
+    volumes:
+        - '.:/usr/src/app'
+    container_name: bot