NOWUM · V3lop5 · Dec 5, 2021 · Dec 5, 2021 · Dec 5, 2021
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -182,14 +182,98 @@ jobs:
         run: |
           pytest ./tests
 
-
-  dev_deploy:
-    needs: [test, lint, test_build] 
+
+
+  build_dev_image:
+    needs: [ test, lint, test_build ]
     runs-on: ubuntu-latest
-    name: "Deploy dev"
+    name: "Build dev image"
+    if: ${{ success() && github.actor != 'dependabot[bot]' }}
+    outputs:
+      image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }}
     steps:
-      - name: Hello
+      - name: Checkout
+        uses: actions/checkout@v2.4.0
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+
+      - name: Get tag for docker image
+        id: get_tag
         run: |
-          echo "Hello World!"
-
-
+          DOCKER_TAG=ghcr.io/${{ github.repository }}:main
+          DOCKER_TAG=${DOCKER_TAG,,}
+          echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}"
+
+      - name: Build the Docker image
+        run: |
+          docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+      - name: Push the Docker image to GitHub Container Registry
+        run: |
+          docker push ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+
+  deploy_dev:
+    needs: [ build_dev_image ]
+    runs-on: ubuntu-latest
+    name: "Deploy dev image"
+    if: ${{ success() && github.actor != 'dependabot[bot]' }}
+    steps:
+      - name: Update deployment status - start
+        uses: bobheadxi/deployments@v0.6.1
+        id: deployment
+        with:
+          step: start
+          token: ${{ github.token }}
+          env: Development
+          no_override: false
+          desc: "Development deployment for main branch"
+          ref: ${{ github.head_ref }}
+          transient: true
+
+      - name: Install VPN
+        run: |
+          sudo /sbin/modprobe tun
+          sudo apt install openconnect
+
+      - name: Connect VPN
+        run: |
+          echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin
+
+      - name: Deploy docker container on private server
+        uses: appleboy/ssh-action@v0.1.4
+        with:
+          host: ${{ secrets.SSH_URL }}
+          username: ${{ secrets.SSH_USER }}
+          password: ${{ secrets.SSH_PASS }}
+          script: |
+            docker pull ${{ needs.build_dev_image.outputs.image_tag }}
+            docker ps --filter publish=9000
+            docker rm -f $(docker ps --filter publish=9000 -aq)
+            docker run -d -p 9000:8080 --name "dev" ${{ needs.build_dev_image.outputs.image_tag }}
+
+      - name: Disconnect VPN
+        if: ${{ always() }}
+        run: |
+          sudo pkill openconnect
+
+      - name: Get env url
+        id: get_env_url
+        run: |
+          ENV_URL="http://${{ secrets.SSH_URL }}:9000"
+          echo ::set-output name=ENV_URL::"${ENV_URL}"
+
+      - name: Update deployment status - finish
+        uses: bobheadxi/deployments@v0.6.1
+        if: always()
+        with:
+          step: finish
+          token: ${{ github.token }}
+          status: ${{ job.status }}
+          deployment_id: ${{ steps.deployment.outputs.deployment_id }}
+          env_url: ${{ steps.get_env_url.outputs.env_url }}        
diff --git a/.github/workflows/pull-request-done.yml b/.github/workflows/pull-request-done.yml
@@ -39,16 +39,48 @@ jobs:
   preview_delete:
     runs-on: ubuntu-latest
     name: "Delete preview"
+    if: ${{ github.actor != 'dependabot[bot]' }}
     steps:
-      - name: Hello
+      - name: Update deployment status - deactivate
+        uses: bobheadxi/deployments@v0.6.1
+        id: deactivate
+        with:
+          step: deactivate-env
+          token: ${{ github.token }}
+          env: PR-${{ github.event.number }}-Preview
+          desc: "Preview deployment for PR #${{ github.event.number }} was pruned."
+
+      - name: Install VPN
         run: |
-          echo "Hello World!"
+          sudo /sbin/modprobe tun
+          sudo apt install openconnect
+
+      - name: Connect VPN
+        run: |
+          echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin
+
+      - name: Stop docker container on private server
+        uses: appleboy/ssh-action@v0.1.4
+        with:
+          host: ${{ secrets.SSH_URL }}
+          username: ${{ secrets.SSH_USER }}
+          password: ${{ secrets.SSH_PASS }}
+          script: |
+            docker ps --filter publish=$((9000 + ${{ github.event.number }}))
+            docker rm -f $(docker ps --filter publish=$((9000 + ${{ github.event.number }})) -aq)
+
+      - name: Disconnect VPN
+        if: ${{ always() }}
+        run: |
+          sudo pkill openconnect
 
 
   create_release:
     runs-on: "ubuntu-latest"
     if: github.event.pull_request.merged == true && startsWith( github.head_ref, 'release/')
     name: "Create Release"
+    outputs:
+      version: ${{ steps.get_version.outputs.VERSION }}
     steps:
       - name: Checkout
         uses: actions/checkout@v2.4.0
@@ -110,11 +142,96 @@ jobs:
           commit_message: "Generated documentation @ ${{ github.sha }}"
 
 
-  prod_deploy:
+  build_prod_image:
     needs: [ create_release ]
     runs-on: ubuntu-latest
-    name: "Deploy production"
+    name: "Build prod image"
+    if: ${{ success() && github.actor != 'dependabot[bot]' }}
+    outputs:
+      image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2.4.0
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+
+      - name: Get tag for docker image
+        id: get_tag
+        run: |
+          DOCKER_TAG=ghcr.io/${{ github.repository }}:${{ needs.create_release.outputs.version }}
+          DOCKER_TAG=${DOCKER_TAG,,}
+          echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}"
+
+      - name: Build the Docker image
+        run: |
+          docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+      - name: Push the Docker image to GitHub Container Registry
+        run: |
+          docker push ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+
+  deploy_prod:
+    needs: [ build_prod_image ]
+    runs-on: ubuntu-latest
+    name: "Deploy production image"
+    if: ${{ success() && github.actor != 'dependabot[bot]' }}
     steps:
-      - name: Hello
+      - name: Update deployment status - start
+        uses: bobheadxi/deployments@v0.6.1
+        id: deployment
+        with:
+          step: start
+          token: ${{ github.token }}
+          env: Production
+          no_override: false
+          desc: "Production deployment"
+          ref: ${{ github.head_ref }}
+          transient: true
+
+      - name: Install VPN
+        run: |
+          sudo /sbin/modprobe tun
+          sudo apt install openconnect
+
+      - name: Connect VPN
         run: |
-          echo "Hello World!"
+          echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin
+
+      - name: Deploy docker container on private server
+        uses: appleboy/ssh-action@v0.1.4
+        with:
+          host: ${{ secrets.SSH_URL }}
+          username: ${{ secrets.SSH_USER }}
+          password: ${{ secrets.SSH_PASS }}
+          script: |
+            docker pull ${{ needs.build_prod_image.outputs.image_tag }}
+            docker ps --filter publish=8080
+            docker rm -f $(docker ps --filter publish=8080 -aq)
+            docker run -d -p 8080:8080 --name "production" ${{ needs.build_prod_image.outputs.image_tag }}
+
+      - name: Disconnect VPN
+        if: ${{ always() }}
+        run: |
+          sudo pkill openconnect
+
+      - name: Get env url
+        id: get_env_url
+        run: |
+          ENV_URL="http://${{ secrets.SSH_URL }}:8080"
+          echo ::set-output name=ENV_URL::"${ENV_URL}"
+
+      - name: Update deployment status - finish
+        uses: bobheadxi/deployments@v0.6.1
+        if: always()
+        with:
+          step: finish
+          token: ${{ github.token }}
+          status: ${{ job.status }}
+          deployment_id: ${{ steps.deployment.outputs.deployment_id }}
+          env_url: ${{ steps.get_env_url.outputs.env_url }}
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -146,15 +146,98 @@ jobs:
           report_individual_runs: true  
           comment_mode: "create new"
 
-        
-  preview_deploy:
-    needs: [test, lint] 
+
+  build_pr_image:
+    needs: [ test, lint ]
     runs-on: ubuntu-latest
-    name: "Deploy preview"
+    name: "Build preview image"
     if: ${{ success() && github.actor != 'dependabot[bot]' }}
+    outputs:
+      image_tag: ${{ steps.get_tag.outputs.DOCKER_TAG }}
     steps:
-      - name: Hello
+      - name: Checkout
+        uses: actions/checkout@v2.4.0
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+
+      - name: Get tag for docker image
+        id: get_tag
         run: |
-          echo "Hello World!"
-
-
+          DOCKER_TAG=ghcr.io/${{ github.repository }}:pr-${{ github.event.number }}
+          DOCKER_TAG=${DOCKER_TAG,,}
+          echo ::set-output name=DOCKER_TAG::"${DOCKER_TAG}"
+
+      - name: Build the Docker image
+        run: |
+          docker build . --tag ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+      - name: Push the Docker image to GitHub Container Registry
+        run: |
+          docker push ${{ steps.get_tag.outputs.DOCKER_TAG }}
+
+
+  deploy_pr:
+    needs: [ build_pr_image ]
+    runs-on: ubuntu-latest
+    name: "Deploy preview image"
+    if: ${{ success() && github.actor != 'dependabot[bot]' }}
+    steps:
+      - name: Update deployment status - start
+        uses: bobheadxi/deployments@v0.6.1
+        id: deployment
+        with:
+          step: start
+          token: ${{ github.token }}
+          env: PR-${{ github.event.number }}-Preview
+          no_override: false
+          desc: "Preview deployment for PR #${{ github.event.number }}"
+          ref: ${{ github.head_ref }}
+          transient: true
+
+      - name: Install VPN
+        run: |
+          sudo /sbin/modprobe tun
+          sudo apt install openconnect
+
+      - name: Connect VPN
+        run: |
+          echo "${{ secrets.VPN_PASS }}" | sudo openconnect ${{ secrets.VPN_URL }} --background --user=${{ secrets.VPN_USER }} --passwd-on-stdin
+
+      - name: Deploy docker container on private server
+        uses: appleboy/ssh-action@v0.1.4
+        with:
+          host: ${{ secrets.SSH_URL }}
+          username: ${{ secrets.SSH_USER }}
+          password: ${{ secrets.SSH_PASS }}
+          script: |
+            docker pull ${{ needs.build_pr_image.outputs.image_tag }}
+            docker ps --filter publish=$((9000 + ${{ github.event.number }}))
+            docker rm -f $(docker ps --filter publish=$((9000 + ${{ github.event.number }})) -aq)
+            docker run -d -p $((9000 + ${{ github.event.number }})):8080 --name "pr-preview-$((9000 + ${{ github
+            .event.number }}))" ${{ needs.build_pr_image.outputs.image_tag }}
+
+      - name: Disconnect VPN
+        if: ${{ always() }}
+        run: |
+          sudo pkill openconnect
+
+      - name: Get env url
+        id: get_env_url
+        run: |
+          ENV_URL="http://${{ secrets.SSH_URL }}:$((9000 + ${{ github.event.number }} ))"
+          echo ::set-output name=ENV_URL::"${ENV_URL}"
+
+      - name: Update deployment status - finish
+        uses: bobheadxi/deployments@v0.6.1
+        if: always()
+        with:
+          step: finish
+          token: ${{ github.token }}
+          status: ${{ job.status }}
+          deployment_id: ${{ steps.deployment.outputs.deployment_id }}
+          env_url: ${{ steps.get_env_url.outputs.env_url }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,13 @@
+FROM python:3.9
+
+WORKDIR /code
+
+COPY ./requirements.txt /code/requirements.txt
+
+RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
+
+COPY ./ensysmod /code/ensysmod
+
+EXPOSE 8080
+
+CMD ["uvicorn", "ensysmod.app:app", "--proxy-headers", "--host", "0.0.0.0", "--port", "8080"]