blob: 09ecff3e79bb2f1a8bfaeb5f1e00757481aa6d80 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
name: Deploy to production
on:
push:
branches:
- main
jobs:
build-frontend:
runs-on: ubuntu-latest
name: Build frontend artifact
environment: Production
steps:
- uses: actions/checkout@v5
with:
submodules: true
lfs: false
- uses: actions/setup-node@v5
with:
node-version: lts/*
cache: "npm"
cache-dependency-path: src/frontend/package-lock.json
- name: Install frontend dependencies
working-directory: src/frontend
run: npm ci
- name: Build frontend
working-directory: src/frontend
run: npm run build
- name: Prepare artifact directory
run: |
rm -rf dist
mkdir -p dist/frontend
cp -R src/frontend/build/client/. dist/frontend/
- name: Archive Production Artifact
uses: actions/upload-artifact@v4
with:
name: production
path: dist
retention-days: 7
build-backend:
runs-on: ubuntu-latest
name: Build backend artifact
environment: Production
permissions:
contents: read
steps:
- uses: actions/checkout@v5
with:
submodules: true
lfs: false
- uses: actions/setup-dotnet@v5
with:
dotnet-version: '9.0.x'
- name: Build backend
run: dotnet publish -c Release -r linux-arm64 --self-contained false src/Costasdev.Busurbano.Backend/Costasdev.Busurbano.Backend.csproj -o dist/backend
- name: Archive Backend Artifact
uses: actions/upload-artifact@v4
with:
name: backend
path: dist/backend
retention-days: 7
deploy:
runs-on: ubuntu-latest
needs: [build-frontend, build-backend]
name: Deploy to production server
environment: Production
steps:
- name: Download Frontend Artifact
uses: actions/download-artifact@v5
with:
name: production
path: dist
- name: Download Backend Artifact
uses: actions/download-artifact@v5
with:
name: backend
path: dist/backend
- name: Connect to tailnet
uses: tailscale/github-action@v3
with:
oauth-client-id: ${{ secrets.TAILSCALE_CLIENT_ID }}
oauth-secret: ${{ secrets.TAILSCALE_CLIENT_SECRET }}
tags: tag:ci
- name: Wait for reachability
run: |
until tailscale ping ${{ secrets.TARGET_HOST }}; do
echo "Waiting for Tailscale to connect..."
sleep 2
done
- name: Add SSH Key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -H ${{ secrets.TARGET_HOST }} >> ~/.ssh/known_hosts
- name: Deploy frontend
run: |
scp -r dist/frontend/* ${{ secrets.TARGET_USER }}@${{ secrets.TARGET_HOST }}:${{ secrets.TARGET_PATH }}/
- name: Stop service
run: ssh ${{ secrets.TARGET_USER }}@${{ secrets.TARGET_HOST }} "echo ${{ secrets.TARGET_PASSWORD }} | sudo -S /usr/bin/systemctl stop busurbano"
- name: Upload backend
run: scp -r dist/backend/* app@${{ secrets.TARGET_HOST }}:/opt/busurbano/
- name: Allow execution
run: ssh ${{ secrets.TARGET_USER }}@${{ secrets.TARGET_HOST }} "echo ${{ secrets.TARGET_PASSWORD }} | sudo -S chmod +x /opt/busurbano/Costasdev.Busurbano.Backend"
- name: Start service
run: ssh ${{ secrets.TARGET_USER }}@${{ secrets.TARGET_HOST }} "echo ${{ secrets.TARGET_PASSWORD }} | sudo -S /usr/bin/systemctl start busurbano"
|
