Release and Deploy #185
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release and Deploy | |
permissions: | |
packages: write | |
contents: write | |
on: | |
workflow_run: | |
workflows: ["Build"] | |
types: | |
- completed | |
workflow_dispatch: | |
# Only update envs here if you need to change them for this workflow | |
env: | |
DOCKER_BUILDKIT: 1 | |
KAMAL_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
KAMAL_REGISTRY_USERNAME: ${{ github.actor }} | |
R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
# Standard steps for building and deploying a .NET app via Kamal | |
jobs: | |
build-and-deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Set up environment variables | |
run: | | |
echo "image_repository_name=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
echo "repository_name=$(echo ${{ github.repository }} | cut -d '/' -f 2)" >> $GITHUB_ENV | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ env.KAMAL_REGISTRY_USERNAME }} | |
password: ${{ env.KAMAL_REGISTRY_PASSWORD }} | |
- name: Setup .NET | |
uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: '8.0' | |
- name: Install x tool | |
run: dotnet tool install -g x | |
# Temp test | |
- name: Apply Production AppSettings | |
working-directory: ./BlazorDiffusion | |
run: | | |
cat <<EOF >> appsettings.json.patch | |
${{ secrets.APPSETTINGS_PATCH }} | |
EOF | |
x patch appsettings.json.patch | |
- name: Build and push Docker image | |
run: | | |
dotnet publish --os linux --arch x64 -c Release -p:ContainerRepository=${{ env.image_repository_name }} -p:ContainerRegistry=ghcr.io -p:ContainerImageTags=latest -p:ContainerPort=80 | |
- name: Set up SSH key | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
- name: Setup Ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: 3.3.0 | |
bundler-cache: true | |
- name: Install Kamal | |
run: gem install kamal -v 2.2.2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: image=moby/buildkit:master | |
- name: Kamal bootstrap | |
run: kamal server bootstrap | |
# This ensures the web.env has been setup ready for deployments | |
- name: Check if first run and execute kamal app boot if necessary | |
run: | | |
FIRST_RUN_FILE=".${{ env.repository_name }}" | |
if ! kamal server exec --no-interactive -q "test -f $FIRST_RUN_FILE"; then | |
kamal server exec --no-interactive -q "touch $FIRST_RUN_FILE" || true | |
kamal deploy -q -P --version latest > /dev/null 2>&1 || true | |
else | |
echo "Not first run, skipping kamal app boot" | |
fi | |
- name: Ensure file permissions | |
run: kamal server exec --no-interactive "mkdir -p /opt/docker/${{ env.repository_name }}/App_Data && chown -R 1654:1654 /opt/docker/${{ env.repository_name }}/App_Data" | |
- name: Migration | |
run: kamal app exec --no-reuse --no-interactive --version=latest "--AppTasks=migrate" | |
- name: Deploy with Kamal | |
run: | | |
kamal lock release -v | |
kamal deploy -P --version latest |