deploy.yml
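---
# Production deploy workflow.
# On every push to main (or a manual dispatch) it writes a .env from repository
# secrets, builds the image with docker-compose on a self-hosted runner, starts
# the stack, applies Prisma migrations, seeds data, health-checks the app and
# re-tags the previous image if a later step fails.
name: Deploy to Production

on:
  push:
    branches: [main]
  # NOTE(review): a manual run can be started from any ref the actor may
  # select, so it is not limited to main the way the push trigger is. If only
  # reviewed code should reach production, gate the job (for example
  # `if: github.ref == 'refs/heads/main'`) or use a protected environment.
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: the job only needs to read the repository
# for checkout; nothing here writes back to GitHub.
permissions:
  contents: read

concurrency:
  group: deploy
  cancel-in-progress: false  # let the running deploy finish, queue the next

jobs:
  build-and-deploy:
    # Self-hosted runner: files written to the workspace and the local Docker
    # state outlive the job, unlike on ephemeral hosted runners.
    runs-on: self-hosted
    timeout-minutes: 15
    steps:
      # NOTE(review): the action is referenced by a mutable tag. Pinning to a
      # full commit SHA (`actions/checkout@<FULL_COMMIT_SHA>  # v4`) protects
      # the production runner if the tag is ever moved.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config
          # where the Docker build context could pick it up.
          persist-credentials: false

      # Secrets are passed through `env:` and expanded by the shell, not
      # interpolated into the script text, which avoids template injection.
      # NOTE(review): .env is created with the runner's default umask and stays
      # in the workspace after the job; consider `chmod 600 .env` once it is
      # confirmed that nothing in the image build reads it as another user.
      # NOTE(review): DB_PASSWORD is placed into DATABASE_URL without URL
      # encoding, so a password containing characters such as `@`, `/` or `:`
      # would presumably yield a malformed connection string. Verify.
      - name: Write .env
        env:
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          BETTER_AUTH_SECRET: ${{ secrets.BETTER_AUTH_SECRET }}
          BETTER_AUTH_URL: ${{ secrets.BETTER_AUTH_URL }}
          OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }}
          OAUTH_GITHUB_CLIENT_SECRET: ${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }}
          OAUTH_GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }}
          OAUTH_GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }}
          APP_URL: ${{ secrets.NEXT_PUBLIC_APP_URL }}
        run: |
          cat > .env <<EOF
          DB_PASSWORD=${DB_PASSWORD}
          DATABASE_URL=postgresql://respool:${DB_PASSWORD}@respool-db:5432/respool
          BETTER_AUTH_SECRET=${BETTER_AUTH_SECRET}
          BETTER_AUTH_URL=${BETTER_AUTH_URL}
          GITHUB_CLIENT_ID=${OAUTH_GITHUB_CLIENT_ID}
          GITHUB_CLIENT_SECRET=${OAUTH_GITHUB_CLIENT_SECRET}
          GOOGLE_CLIENT_ID=${OAUTH_GOOGLE_CLIENT_ID}
          GOOGLE_CLIENT_SECRET=${OAUTH_GOOGLE_CLIENT_SECRET}
          NEXT_PUBLIC_APP_URL=${APP_URL}
          EOF
          # Strip leading whitespace from heredoc
          sed -i 's/^[[:space:]]*//' .env

      # Keep the currently running image reachable under a second tag so the
      # rollback step has something to restore.
      - name: Tag previous image for rollback
        run: |
          if docker image inspect respool-app:latest > /dev/null 2>&1; then
            docker tag respool-app:latest respool-app:rollback
            echo "Tagged previous image as rollback"
          else
            echo "No previous image to tag"
          fi

      - name: Build new image
        run: docker-compose build --no-cache

      - name: Deploy
        id: deploy
        run: docker-compose up -d

      # NOTE(review): migrations run as root inside the app container
      # (`-u root`). Confirm this is required; running them as the container's
      # normal user would keep the privilege footprint smaller.
      - name: Run migrations
        run: docker-compose exec -T -u root app sh -c "node node_modules/prisma/build/index.js migrate deploy"

      - name: Seed filament colors (idempotent)
        run: docker-compose exec -T app sh -c "node prisma/seed.cjs"

      # Polls /api/health up to 30 times, 2 s apart, from the host and then
      # from inside the container. On failure it prints the last 50 log lines
      # into the job log. GitHub masks registered secret values there, but
      # anything the app logs in a transformed form would not be masked.
      - name: Health check
        id: healthcheck
        run: |
          echo "Waiting for app to start..."
          for i in $(seq 1 30); do
            # Try from host first, then from inside container
            if curl -sf http://127.0.0.1:3847/api/health > /dev/null 2>&1; then
              echo "App is healthy (host check)!"
              exit 0
            fi
            if docker-compose exec -T app curl -sf http://localhost:3847/api/health > /dev/null 2>&1; then
              echo "App is healthy (container check)!"
              exit 0
            fi
            sleep 2
          done
          echo "Health check failed after 60s"
          echo "--- Container logs ---"
          docker-compose logs app --tail 50
          echo "--- Port check ---"
          docker-compose exec -T app sh -c "curl -v http://localhost:3847/api/health 2>&1" || true
          exit 1

      # Runs only when the Deploy step succeeded and a later step failed.
      # It restores the image tag and restarts the stack; migrations that were
      # already applied are not reverted by this step.
      # NOTE(review): a failure of the Deploy step itself does not trigger
      # this path. Confirm that is intended.
      - name: Rollback on failure
        if: failure() && steps.deploy.outcome == 'success'
        run: |
          echo "Deploy failed — rolling back..."
          if docker image inspect respool-app:rollback > /dev/null 2>&1; then
            docker tag respool-app:rollback respool-app:latest
            docker-compose up -d
            echo "Rolled back to previous image"
          else
            echo "No rollback image available"
          fi

      - name: Cleanup
        if: always()
        run: docker image prune -f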