New actions workflow

1 files changed, 62 insertions, 0 deletions

diff --git a/.github/workflows/production.yml b/.github/workflows/production.yml
new file mode 100644
index 0000000..7753a8d
--- /dev/null
+++ b/.github/workflows/production.yml
@@ -0,0 +1,62 @@
+name: Deploy to production
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: Build and Deploy Job
+    environment: Production
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+          lfs: false
+      - uses: actions/setup-node@v4
+        with:
+          node-version: lts/*
+          cache: 'npm'
+      - name: Install Dependencies
+        run: npm ci
+      - name: Build
+        run: npm run build -mode production
+      - name: Archive Production Artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: production
+          path: dist
+          retention-days: 7
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    name: Deploy to Production
+    environment: Production
+    steps:
+      - name: Download Artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: production
+      - name: Connect to tailnet
+        uses: tailscale/github-action@v3
+        with:
+          oauth-client-id: ${{ secrets.TAILSCALE_CLIENT_ID }}
+          oauth-secret: ${{ secrets.TAILSCALE_CLIENT_SECRET }}
+          tags: tag:ci
+      - name: Wait for reachability
+        run: |
+          until tailscale ping ${{ secrets.TARGET_HOST }}; do
+            echo "Waiting for Tailscale to connect..."
+            sleep 5
+          done
+      - name: Add SSH Key
+        run: |
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
+          chmod 600 ~/.ssh/id_ed25519
+          ssh-keyscan -H ${{ secrets.TARGET_HOST }} >> ~/.ssh/known_hosts
+      - name: Deploy
+        run: |
+          scp -r dist/* ${{ secrets.TARGET_USER }}@${{ secrets.TARGET_HOST }}:${{ secrets.TARGET_PATH }}/