generated from vincent/template-projet
53 lines
1.8 KiB
YAML
53 lines
1.8 KiB
YAML
name: Deploy
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- dev
|
|
- main
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set environment
|
|
id: env
|
|
run: |
|
|
if [ "${{ github.ref_name }}" = "main" ]; then
|
|
echo "COMPOSE_FILE=docker/docker-compose.prod.yml" >> $GITHUB_OUTPUT
|
|
echo "PROJECT_PATH=/volume1/docker/auditshield-prod" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "COMPOSE_FILE=docker/docker-compose.yml" >> $GITHUB_OUTPUT
|
|
echo "PROJECT_PATH=/volume1/docker/auditshield-dev" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Setup SSH key
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.NAS_SSH_KEY }}" > ~/.ssh/nas_key
|
|
chmod 600 ~/.ssh/nas_key
|
|
ssh-keyscan -p 22 ${{ secrets.NAS_HOST }} >> ~/.ssh/known_hosts
|
|
|
|
- name: Copy files to NAS
|
|
run: |
|
|
ssh -i ~/.ssh/nas_key root@${{ secrets.NAS_HOST }} "mkdir -p ${{ steps.env.outputs.PROJECT_PATH }}"
|
|
rsync -avz --exclude='.git' --exclude='node_modules' --exclude='.env' \
|
|
-e "ssh -i ~/.ssh/nas_key" \
|
|
./ root@${{ secrets.NAS_HOST }}:${{ steps.env.outputs.PROJECT_PATH }}/
|
|
|
|
- name: Copy env file
|
|
run: |
|
|
ssh -i ~/.ssh/nas_key root@${{ secrets.NAS_HOST }} \
|
|
"cd ${{ steps.env.outputs.PROJECT_PATH }} && cp .env.example .env 2>/dev/null || true"
|
|
|
|
- name: Deploy
|
|
run: |
|
|
ssh -i ~/.ssh/nas_key root@${{ secrets.NAS_HOST }} << 'ENDSSH'
|
|
cd ${{ steps.env.outputs.PROJECT_PATH }}
|
|
/usr/local/bin/docker compose -f ${{ steps.env.outputs.COMPOSE_FILE }} up -d --build --remove-orphans
|
|
/usr/local/bin/docker image prune -f
|
|
ENDSSH
|