mirror of
https://github.com/r-freeman/portfolio.git
synced 2025-06-27 18:30:20 +00:00
Simplify build and publish workflow
All checks were successful
Build And Publish / BuildAndPublish (push) Successful in 2m17s
All checks were successful
Build And Publish / BuildAndPublish (push) Successful in 2m17s
This commit is contained in:
parent
4abb9cb689
commit
018d10643f
@ -1,8 +1,6 @@
|
|||||||
name: Build And Publish
|
name: Build And Publish
|
||||||
run-name: ${{ gitea.actor }} runs ci pipeline
|
run-name: ${{ gitea.actor }} runs ci pipeline
|
||||||
on:
|
on:
|
||||||
# schedule:
|
|
||||||
# - cron: '59 23 * * *'
|
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- 'main'
|
- 'main'
|
||||||
@ -14,36 +12,40 @@ jobs:
|
|||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: https://github.com/actions/checkout@v4
|
uses: https://github.com/actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Generate env
|
||||||
|
run: ./generate_env.sh
|
||||||
|
env:
|
||||||
|
NEXT_PUBLIC_SITE_URL: ${{ secrets.NEXT_PUBLIC_SITE_URL }}
|
||||||
|
GITHUB_ACCESS_TOKEN: ${{ secrets._GITHUB_ACCESS_TOKEN }}
|
||||||
|
GITHUB_USER_ID: ${{ secrets._GITHUB_USER_ID }}
|
||||||
|
GITHUB_USERNAME: ${{ secrets._GITHUB_USERNAME }}
|
||||||
|
GITHUB_CLIENT_ID: ${{ secrets._GITHUB_CLIENT_ID }}
|
||||||
|
GITHUB_SECRET: ${{ secrets._GITHUB_SECRET }}
|
||||||
|
NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL }}
|
||||||
|
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}
|
||||||
|
SUPABASE_SERVICE_ROLE_KEY: ${{ secrets.SUPABASE_SERVICE_ROLE_KEY }}
|
||||||
|
AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
|
||||||
|
AUTH_TRUST_HOST: ${{ secrets.AUTH_TRUST_HOST }}
|
||||||
|
AUTH_REDIRECT_PROXY_URL: ${{ secrets.AUTH_REDIRECT_PROXY_URL }}
|
||||||
|
NTFY_URL: ${{ secrets.NTFY_URL }}
|
||||||
|
NTFY_TOKEN: ${{ secrets.NTFY_TOKEN }}
|
||||||
|
LISTMONK_URL: ${{ secrets.LISTMONK_URL }}
|
||||||
|
LISTMONK_LIST_ID: ${{ secrets.LISTMONK_LIST_ID }}
|
||||||
|
LISTMONK_USERNAME: ${{ secrets.LISTMONK_USERNAME }}
|
||||||
|
LISTMONK_TOKEN: ${{ secrets.LISTMONK_TOKEN }}
|
||||||
|
|
||||||
- name: Use Node.js
|
- name: Use Node.js
|
||||||
uses: https://github.com/actions/setup-node@v3
|
uses: https://github.com/actions/setup-node@v3
|
||||||
with:
|
with:
|
||||||
node-version: '18.17.0'
|
node-version: '18.17.0'
|
||||||
|
|
||||||
- name: Decrypt secrets
|
- name: Build Docker image
|
||||||
run: ./decrypt_secrets.sh
|
|
||||||
env:
|
|
||||||
SECRET_PASSPHRASE: ${{ secrets.SECRET_PASSPHRASE }}
|
|
||||||
|
|
||||||
- name: Login to Docker Hub
|
|
||||||
uses: docker/login-action@v3
|
|
||||||
with:
|
|
||||||
username: ${{secrets.DOCKER_HUB_USERNAME}}
|
|
||||||
password: ${{secrets.DOCKER_HUB_PASSWORD}}
|
|
||||||
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: https://github.com/docker/setup-buildx-action@v3
|
|
||||||
with:
|
|
||||||
config-inline: |
|
|
||||||
[registry."docker.io"]
|
|
||||||
mirrors = ["mirror.gcr.io"]
|
|
||||||
|
|
||||||
- name: Build and push Docker image
|
|
||||||
uses: https://github.com/docker/build-push-action@v6
|
uses: https://github.com/docker/build-push-action@v6
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
file: ./Dockerfile
|
file: ./Dockerfile
|
||||||
push: true
|
push: false
|
||||||
tags: ${{secrets.DOCKER_HUB_USERNAME}}/${{vars.REPO_NAME}}:latest
|
tags: ${{vars.REPO_NAME}}:latest
|
||||||
|
|
||||||
- name: Stop and remove old Docker container
|
- name: Stop and remove old Docker container
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
@ -53,9 +55,8 @@ jobs:
|
|||||||
|
|
||||||
- name: Pull new image and start Docker container
|
- name: Pull new image and start Docker container
|
||||||
run: |
|
run: |
|
||||||
sudo docker pull ${{secrets.DOCKER_HUB_USERNAME}}/${{vars.REPO_NAME}}:latest
|
|
||||||
sudo docker run -d --restart unless-stopped \
|
sudo docker run -d --restart unless-stopped \
|
||||||
--env-file ./.env \
|
--env-file ./.env \
|
||||||
--name ${{vars.REPO_NAME}} \
|
--name ${{vars.REPO_NAME}} \
|
||||||
-p ${{vars.SERVER_IP}}:3000:3000 \
|
-p ${{vars.SERVER_IP}}:3000:3000 \
|
||||||
${{secrets.DOCKER_HUB_USERNAME}}/${{vars.REPO_NAME}}:latest
|
${{vars.REPO_NAME}}:latest
|
||||||
@ -1,5 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
|
|
||||||
# --batch to prevent interactive command
|
|
||||||
# --yes to assume "yes" for questions
|
|
||||||
gpg --quiet --batch --yes --decrypt --passphrase="$SECRET_PASSPHRASE" --output ./.env ./.env.gpg
|
|
||||||
22
generate_env.sh
Executable file
22
generate_env.sh
Executable file
@ -0,0 +1,22 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
cat > .env <<EOF
|
||||||
|
NEXT_PUBLIC_SITE_URL=${NEXT_PUBLIC_SITE_URL}
|
||||||
|
GITHUB_ACCESS_TOKEN=${GITHUB_ACCESS_TOKEN}
|
||||||
|
GITHUB_USER_ID=${GITHUB_USER_ID}
|
||||||
|
GITHUB_USERNAME=${GITHUB_USERNAME}
|
||||||
|
GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID}
|
||||||
|
GITHUB_SECRET=${GITHUB_SECRET}
|
||||||
|
NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL}
|
||||||
|
NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY}
|
||||||
|
SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY}
|
||||||
|
AUTH_SECRET="${AUTH_SECRET}"
|
||||||
|
AUTH_TRUST_HOST=${AUTH_TRUST_HOST}
|
||||||
|
AUTH_REDIRECT_PROXY_URL=${AUTH_REDIRECT_PROXY_URL}
|
||||||
|
NTFY_URL=${NTFY_URL}
|
||||||
|
NTFY_TOKEN=${NTFY_TOKEN}
|
||||||
|
LISTMONK_URL=${LISTMONK_URL}
|
||||||
|
LISTMONK_LIST_ID=${LISTMONK_LIST_ID}
|
||||||
|
LISTMONK_USERNAME=${LISTMONK_USERNAME}
|
||||||
|
LISTMONK_TOKEN=${LISTMONK_TOKEN}
|
||||||
|
EOF
|
||||||
Loading…
x
Reference in New Issue
Block a user