diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 5e0c01d..a5ac71d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -182,14 +182,98 @@ jobs: run: | pytest ./tests - - dev_deploy: - needs: [test, lint, test_build] + + + build_dev_image: + needs: [ test, lint, test_build ] runs-on: ubuntu-latest - name: "Deploy dev" + name: "Build dev image" + if: ${{ success() && github.actor != 'dependabot[bot]' }} + outputs: + image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }} steps: - - name: Hello + - name: Checkout + uses: actions/checkout@v2.4.0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ github.token }} + + - name: Get tag for docker image + id: get_tag run: | - echo "Hello World!" - - + DOCKER_TAG=ghcr.io/${{ github.repository }}:main + DOCKER_TAG=${DOCKER_TAG,,} + echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}" + + - name: Build the Docker image + run: | + docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }} + + - name: Push the Docker image to GitHub Container Registry + run: | + docker push ${{ steps.get_tag.outputs.DOCKER_TAG }} + + + deploy_dev: + needs: [ build_dev_image ] + runs-on: ubuntu-latest + name: "Deploy dev image" + if: ${{ success() && github.actor != 'dependabot[bot]' }} + steps: + - name: Update deployment status - start + uses: bobheadxi/deployments@v0.6.1 + id: deployment + with: + step: start + token: ${{ github.token }} + env: Development + no_override: false + desc: "Development deployment for main branch" + ref: ${{ github.head_ref }} + transient: true + + - name: Install VPN + run: | + sudo /sbin/modprobe tun + sudo apt install openconnect + + - name: Connect VPN + run: | + echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin + + - name: Deploy docker container on private server + uses: appleboy/ssh-action@v0.1.4 + with: + host: ${{ secrets.SSH_URL }} + username: ${{ secrets.SSH_USER }} + password: ${{ secrets.SSH_PASS }} + script: | + docker pull ${{ needs.build_dev_image.outputs.image_tag }} + docker ps --filter publish=9000 + docker rm -f $(docker ps --filter publish=9000 -aq) + docker run -d -p 9000:8080 --name "dev" ${{ needs.build_dev_image.outputs.image_tag }} + + - name: Disconnect VPN + if: ${{ always() }} + run: | + sudo pkill openconnect + + - name: Get env url + id: get_env_url + run: | + ENV_URL="http://${{ secrets.SSH_URL }}:9000" + echo ::set-output name=ENV_URL::"${ENV_URL}" + + - name: Update deployment status - finish + uses: bobheadxi/deployments@v0.6.1 + if: always() + with: + step: finish + token: ${{ github.token }} + status: ${{ job.status }} + deployment_id: ${{ steps.deployment.outputs.deployment_id }} + env_url: ${{ steps.get_env_url.outputs.env_url }} diff --git a/.github/workflows/pull-request-done.yml b/.github/workflows/pull-request-done.yml index 108f5b4..64d9522 100644 --- a/.github/workflows/pull-request-done.yml +++ b/.github/workflows/pull-request-done.yml @@ -39,16 +39,48 @@ jobs: preview_delete: runs-on: ubuntu-latest name: "Delete preview" + if: ${{ github.actor != 'dependabot[bot]' }} steps: - - name: Hello + - name: Update deployment status - deactivate + uses: bobheadxi/deployments@v0.6.1 + id: deactivate + with: + step: deactivate-env + token: ${{ github.token }} + env: PR-${{ github.event.number }}-Preview + desc: "Preview deployment for PR #${{ github.event.number }} was pruned." + + - name: Install VPN run: | - echo "Hello World!" + sudo /sbin/modprobe tun + sudo apt install openconnect + + - name: Connect VPN + run: | + echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin + + - name: Stop docker container on private server + uses: appleboy/ssh-action@v0.1.4 + with: + host: ${{ secrets.SSH_URL }} + username: ${{ secrets.SSH_USER }} + password: ${{ secrets.SSH_PASS }} + script: | + docker ps --filter publish=$((9000 + ${{ github.event.number }})) + docker rm -f $(docker ps --filter publish=$((9000 + ${{ github.event.number }})) -aq) + + - name: Disconnect VPN + if: ${{ always() }} + run: | + sudo pkill openconnect create_release: runs-on: "ubuntu-latest" if: github.event.pull_request.merged == true && startsWith( github.head_ref, 'release/') name: "Create Release" + outputs: + version: ${{ steps.get_version.outputs.VERSION }} steps: - name: Checkout uses: actions/checkout@v2.4.0 @@ -110,11 +142,96 @@ jobs: commit_message: "Generated documentation @ ${{ github.sha }}" - prod_deploy: + build_prod_image: needs: [ create_release ] runs-on: ubuntu-latest - name: "Deploy production" + name: "Build prod image" + if: ${{ success() && github.actor != 'dependabot[bot]' }} + outputs: + image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }} + steps: + - name: Checkout + uses: actions/checkout@v2.4.0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ github.token }} + + - name: Get tag for docker image + id: get_tag + run: | + DOCKER_TAG=ghcr.io/${{ github.repository }}:${{ needs.create_release.outputs.version }} + DOCKER_TAG=${DOCKER_TAG,,} + echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}" + + - name: Build the Docker image + run: | + docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }} + + - name: Push the Docker image to GitHub Container Registry + run: | + docker push ${{ steps.get_tag.outputs.DOCKER_TAG }} + + + deploy_prod: + needs: [ build_prod_image ] + runs-on: ubuntu-latest + name: "Deploy production image" + if: ${{ success() && github.actor != 'dependabot[bot]' }} steps: - - name: Hello + - name: Update deployment status - start + uses: bobheadxi/deployments@v0.6.1 + id: deployment + with: + step: start + token: ${{ github.token }} + env: Production + no_override: false + desc: "Production deployment" + ref: ${{ github.head_ref }} + transient: true + + - name: Install VPN + run: | + sudo /sbin/modprobe tun + sudo apt install openconnect + + - name: Connect VPN run: | - echo "Hello World!" \ No newline at end of file + echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin + + - name: Deploy docker container on private server + uses: appleboy/ssh-action@v0.1.4 + with: + host: ${{ secrets.SSH_URL }} + username: ${{ secrets.SSH_USER }} + password: ${{ secrets.SSH_PASS }} + script: | + docker pull ${{ needs.build_prod_image.outputs.image_tag }} + docker ps --filter publish=8080 + docker rm -f $(docker ps --filter publish=8080 -aq) + docker run -d -p 8080:8080 --name "production" ${{ needs.build_prod_image.outputs.image_tag }} + + - name: Disconnect VPN + if: ${{ always() }} + run: | + sudo pkill openconnect + + - name: Get env url + id: get_env_url + run: | + ENV_URL="http://${{ secrets.SSH_URL }}:8080" + echo ::set-output name=ENV_URL::"${ENV_URL}" + + - name: Update deployment status - finish + uses: bobheadxi/deployments@v0.6.1 + if: always() + with: + step: finish + token: ${{ github.token }} + status: ${{ job.status }} + deployment_id: ${{ steps.deployment.outputs.deployment_id }} + env_url: ${{ steps.get_env_url.outputs.env_url }} \ No newline at end of file diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 45ab304..cde2488 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -146,15 +146,98 @@ jobs: report_individual_runs: true comment_mode: "create new" - - preview_deploy: - needs: [test, lint] + + build_pr_image: + needs: [ test, lint ] runs-on: ubuntu-latest - name: "Deploy preview" + name: "Build preview image" if: ${{ success() && github.actor != 'dependabot[bot]' }} + outputs: + image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }} steps: - - name: Hello + - name: Checkout + uses: actions/checkout@v2.4.0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ github.token }} + + - name: Get tag for docker image + id: get_tag run: | - echo "Hello World!" - - + DOCKER_TAG=ghcr.io/${{ github.repository }}:pr-${{ github.event.number }} + DOCKER_TAG=${DOCKER_TAG,,} + echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}" + + - name: Build the Docker image + run: | + docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }} + + - name: Push the Docker image to GitHub Container Registry + run: | + docker push ${{ steps.get_tag.outputs.DOCKER_TAG }} + + + deploy_pr: + needs: [ build_pr_image ] + runs-on: ubuntu-latest + name: "Deploy preview image" + if: ${{ success() && github.actor != 'dependabot[bot]' }} + steps: + - name: Update deployment status - start + uses: bobheadxi/deployments@v0.6.1 + id: deployment + with: + step: start + token: ${{ github.token }} + env: PR-${{ github.event.number }}-Preview + no_override: false + desc: "Preview deployment for PR #${{ github.event.number }}" + ref: ${{ github.head_ref }} + transient: true + + - name: Install VPN + run: | + sudo /sbin/modprobe tun + sudo apt install openconnect + + - name: Connect VPN + run: | + echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin + + - name: Deploy docker container on private server + uses: appleboy/ssh-action@v0.1.4 + with: + host: ${{ secrets.SSH_URL }} + username: ${{ secrets.SSH_USER }} + password: ${{ secrets.SSH_PASS }} + script: | + docker pull ${{ needs.build_pr_image.outputs.image_tag }} + docker ps --filter publish=$((9000 + ${{ github.event.number }})) + docker rm -f $(docker ps --filter publish=$((9000 + ${{ github.event.number }})) -aq) + docker run -d -p $((9000 + ${{ github.event.number }})):8080 --name "pr-preview-$((9000 + ${{ github + .event.number }}))" ${{ needs.build_pr_image.outputs.image_tag }} + + - name: Disconnect VPN + if: ${{ always() }} + run: | + sudo pkill openconnect + + - name: Get env url + id: get_env_url + run: | + ENV_URL="http://${{ secrets.SSH_URL }}:$((9000 + ${{ github.event.number }} ))" + echo ::set-output name=ENV_URL::"${ENV_URL}" + + - name: Update deployment status - finish + uses: bobheadxi/deployments@v0.6.1 + if: always() + with: + step: finish + token: ${{ github.token }} + status: ${{ job.status }} + deployment_id: ${{ steps.deployment.outputs.deployment_id }} + env_url: ${{ steps.get_env_url.outputs.env_url }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..b9d3065 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM python:3.9 + +WORKDIR /code + +COPY ./requirements.txt /code/requirements.txt + +RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt + +COPY ./ensysmod /code/ensysmod + +EXPOSE 8080 + +CMD ["uvicorn", "ensysmod.app:app", "--proxy-headers", "--host", "0.0.0.0", "--port", "8080"] \ No newline at end of file