forked from syntaxbullet/aurorabot
137 lines
3.9 KiB
YAML
137 lines
3.9 KiB
YAML
# Aurora CI/CD Pipeline
|
|
# Builds, tests, and deploys to production server
|
|
|
|
name: Deploy to Production
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
workflow_dispatch: # Allow manual trigger
|
|
|
|
env:
|
|
REGISTRY: ghcr.io
|
|
IMAGE_NAME: ${{ github.repository }}
|
|
|
|
jobs:
|
|
# ==========================================================================
|
|
# Test Job
|
|
# ==========================================================================
|
|
test:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Bun
|
|
uses: oven-sh/setup-bun@v2
|
|
with:
|
|
bun-version: latest
|
|
|
|
- name: Install Dependencies
|
|
run: bun install --frozen-lockfile
|
|
|
|
- name: Run Tests
|
|
run: bash shared/scripts/test-sequential.sh
|
|
|
|
# ==========================================================================
|
|
# Build Job
|
|
# ==========================================================================
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
needs: test
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
outputs:
|
|
image_tag: ${{ steps.meta.outputs.tags }}
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Log in to Container Registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Extract metadata
|
|
id: meta
|
|
uses: docker/metadata-action@v5
|
|
with:
|
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
|
tags: |
|
|
type=sha,prefix=
|
|
type=raw,value=latest
|
|
|
|
- name: Build and Push Docker Image
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile.prod
|
|
push: true
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|
|
|
|
# ==========================================================================
|
|
# Deploy Job
|
|
# ==========================================================================
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
environment: production
|
|
|
|
steps:
|
|
- name: Deploy to Production Server
|
|
uses: appleboy/ssh-action@v1.0.3
|
|
with:
|
|
host: ${{ secrets.VPS_HOST }}
|
|
username: ${{ secrets.VPS_USER }}
|
|
key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
script: |
|
|
cd ~/Aurora
|
|
|
|
# Pull latest code
|
|
git pull origin main
|
|
|
|
# Pull latest Docker image
|
|
docker compose -f docker-compose.prod.yml pull 2>/dev/null || true
|
|
|
|
# Build and restart containers
|
|
docker compose -f docker-compose.prod.yml build --no-cache
|
|
docker compose -f docker-compose.prod.yml down
|
|
docker compose -f docker-compose.prod.yml up -d
|
|
|
|
# Wait for health checks
|
|
sleep 15
|
|
|
|
# Verify deployment
|
|
docker ps | grep aurora
|
|
|
|
# Cleanup old images
|
|
docker image prune -f
|
|
|
|
- name: Verify Deployment
|
|
uses: appleboy/ssh-action@v1.0.3
|
|
with:
|
|
host: ${{ secrets.VPS_HOST }}
|
|
username: ${{ secrets.VPS_USER }}
|
|
key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
script: |
|
|
# Check if app container is healthy
|
|
if docker ps | grep -q "aurora_app.*healthy"; then
|
|
echo "✅ Deployment successful - aurora_app is healthy"
|
|
exit 0
|
|
else
|
|
echo "⚠️ Health check pending, checking container status..."
|
|
docker ps | grep aurora
|
|
docker logs aurora_app --tail 20
|
|
exit 0
|
|
fi
|