Merge branch 'main' into refactor/ckeditor-migration #160
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Frontend CI and CD | |
on: | |
push: | |
paths: | |
- .github/** | |
- frontend/** | |
pull_request: | |
paths: | |
- .github/** | |
- frontend/** | |
defaults: | |
run: | |
working-directory: ./frontend | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: frontend | |
EC2_SSH_ADDRESS: ${{ secrets.EC2_SSH_ADDRESS }} | |
EC2_SSH_ENDPOINT: ${{ secrets.EC2_SSH_USER }}@${{ secrets.EC2_SSH_ADDRESS }} | |
INTERNAL_BACKEND_BASE_URL: ${{ secrets.INTERNAL_BACKEND_BASE_URL }} | |
NEXT_PUBLIC_FILES_PROTOCOL: https | |
NEXT_PUBLIC_FILES_HOST: ${{ secrets.NEXT_PUBLIC_FILES_HOST }} | |
jobs: | |
ci: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Build image | |
uses: ./.github/actions/docker-build | |
with: | |
context: ./frontend | |
dockerfile: ./frontend/Dockerfile | |
image-name: ${{ env.IMAGE_NAME }} | |
target: production | |
push: false | |
container-registry: ${{ env.REGISTRY }} | |
build-and-push-images: | |
runs-on: ubuntu-latest | |
if: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }} | |
permissions: | |
packages: write | |
contents: read | |
needs: | |
- ci | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Build and push image | |
uses: ./.github/actions/docker-build | |
with: | |
context: ./frontend | |
dockerfile: ./frontend/Dockerfile | |
image-name: ${{ env.IMAGE_NAME }} | |
target: production | |
push: true | |
container-registry: ${{ env.REGISTRY }} | |
container-registry-username: ${{ github.actor }} | |
container-registry-password: ${{ secrets.GITHUB_TOKEN }} | |
deploy: | |
runs-on: ubuntu-latest | |
if: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }} | |
needs: | |
- build-and-push-images | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Deploy services | |
run: | | |
# Setup ssh key | |
echo '${{ secrets.EC2_SSH_PRIVATE_KEY }}' > ~/ec2-key.pem | |
chmod 400 ~/ec2-key.pem | |
mkdir -p ~/.ssh | |
ssh-keyscan -H $EC2_SSH_ADDRESS >> ~/.ssh/known_hosts | |
# Ensure remote directory exists | |
ssh -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $EC2_SSH_ENDPOINT > /dev/null 2>&1 << 'EOF' | |
sudo mkdir -p /tmp/deployment_frontend | |
sudo chown ${{ secrets.EC2_SSH_USER }}:${{ secrets.EC2_SSH_USER }} /tmp/deployment_frontend | |
EOF | |
# Copy files | |
scp -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -r ./compose.frontend.yaml $EC2_SSH_ENDPOINT:/tmp/deployment_frontend/ > /dev/null 2>&1 | |
# Connect and deploy services | |
ssh -q -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null $EC2_SSH_ENDPOINT > /dev/null 2>&1 << 'EOF' | |
export FRONTEND_IMAGE='${{ secrets.FRONTEND_IMAGE }}' | |
export INTERNAL_BACKEND_BASE_URL='${{ env.INTERNAL_BACKEND_BASE_URL }}' | |
export NEXT_PUBLIC_FILES_PROTOCOL='${{ env.NEXT_PUBLIC_FILES_PROTOCOL }}' | |
export NEXT_PUBLIC_FILES_HOST='${{ env.NEXT_PUBLIC_FILES_HOST }}' | |
# Run Docker Compose | |
cd /tmp/deployment_frontend/ | |
docker compose -f compose.frontend.yaml --project-name frontend up --pull always --detach | |
sudo rm -rf /tmp/deployment_frontend | |
EOF |