-
Notifications
You must be signed in to change notification settings - Fork 2
173 lines (147 loc) Β· 7.86 KB
/
deploy.yml
File metadata and controls
173 lines (147 loc) Β· 7.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
name: Deploy CourseHub to EC2
on:
push:
branches:
- master
jobs:
deploy:
name: Deploy on Push to Master
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Add SSH Private Key
run: |
echo "${{ secrets.EC2_KEY }}" > private_key.pem
chmod 600 private_key.pem
- name: SSH - Pull Latest Code
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
echo "π¦ Pulling latest code..."
cd ~/CourseHub
git reset --hard HEAD
git clean -fd
git pull origin master
EOF
- name: SSH - Update Config Files
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << EOF
set -e
echo "π Updating env and token files..."
cd ~/CourseHub/server
echo "${{ secrets.ENV_FILE }}" > .env
echo "${{ secrets.ONEDRIVE_REFRESH_TOKEN }}" > onedrive-refresh-token.token
echo "${{ secrets.ONEDRIVE_ACCESS_TOKEN }}" > onedrive-access-token.token
echo "${{ secrets.ONEDRIVE_DEVICE_CODE }}" > onedrive-device-code.token
echo "${{ secrets.LINKS_JS_FILE }}" > links.js
cd ~/CourseHub/client/src/api
echo "${{ secrets.SERVER_JS_FILE }}" > server.js
cd ~/CourseHub/admin/src/apis
echo "${{ secrets.ADMIN_SERVER_JS_FILE }}" > server.js
EOF
- name: SSH - Build Frontend
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
echo "𧱠Installing and building frontend..."
cd ~/CourseHub/client
npm install
npm run build
EOF
- name: SSH - Backup and Deploy Frontend
if: success()
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
sudo mkdir -p /usr/share/nginx/html
echo "ποΈ Backing up old frontend..."
timestamp=$(date +%Y%m%d-%H%M%S)
sudo mkdir -p /usr/share/nginx/html-backup
if [ -d "/usr/share/nginx/html" ] && [ "$(ls -A /usr/share/nginx/html)" ]; then
sudo cp -r /usr/share/nginx/html /usr/share/nginx/html-backup/html-$timestamp
fi
echo "π Deploying new frontend..."
sudo rm -rf /usr/share/nginx/html/*
sudo cp -r ~/CourseHub/client/dist/* /usr/share/nginx/html/
echo "π§Ή Cleaning up older backups..."
cd /usr/share/nginx/html-backup
ls -1tr | head -n -1 | xargs -r -d '\n' sudo rm -rf --
EOF
- name: Rollback on Failure
if: failure()
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
echo "β οΈ Build failed. Restoring backup..."
latest_backup=$(ls -1tr /usr/share/nginx/html-backup 2>/dev/null | tail -n 1 || true )
if [ -n "$latest_backup" ] && [ -d "/usr/share/nginx/html-backup/$latest_backup" ] && [ "$(ls -A /usr/share/nginx/html-backup/$latest_backup 2>/dev/null)" ]; then
echo "β
Found backup: $latest_backup. Restoring..."
sudo mkdir -p /usr/share/nginx/html
sudo rm -rf /usr/share/nginx/html/*
sudo cp -r /usr/share/nginx/html-backup/$latest_backup/* /usr/share/nginx/html/
fi
EOF
- name: SSH - Build Admin_Frontend
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
echo "𧱠Installing and building admin_frontend..."
cd ~/CourseHub/admin
npm install
npm run build
EOF
- name: SSH - Backup and Deploy Admin_Frontend
if: success()
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
sudo mkdir -p /usr/share/nginx/html/admin
echo "ποΈ Backing up old admin_frontend..."
timestamp=$(date +%Y%m%d-%H%M%S)
sudo mkdir -p /usr/share/nginx/html/admin-backup
if [ -d "/usr/share/nginx/html/admin" ] && [ "$(ls -A /usr/share/nginx/html/admin)" ]; then
sudo cp -r /usr/share/nginx/html/admin /usr/share/nginx/html/admin-backup/html-$timestamp
fi
echo "π Deploying new admin_frontend..."
sudo rm -rf /usr/share/nginx/html/admin/*
sudo cp -r ~/CourseHub/admin/dist/* /usr/share/nginx/html/admin/
echo "π§Ή Cleaning up older admin_backups..."
cd /usr/share/nginx/html/admin-backup
ls -1tr | head -n -1 | xargs -r -d '\n' sudo rm -rf --
EOF
- name: Rollback on Failure
if: failure()
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
echo "β οΈ Admin_Build failed. Restoring admin_backup..."
latest_backup=$(ls -1tr /usr/share/nginx/html/admin-backup 2>/dev/null | tail -n 1 || true )
if [ -n "$latest_backup" ] && [ -d "/usr/share/nginx/html/admin-backup/$latest_backup" ] && [ "$(ls -A /usr/share/nginx/html/admin-backup/$latest_backup 2>/dev/null)" ]; then
echo "β
Found backup: $latest_backup. Restoring..."
sudo mkdir -p /usr/share/nginx/html/admin
sudo rm -rf /usr/share/nginx/html/admin/*
sudo cp -r /usr/share/nginx/html/admin-backup/$latest_backup/* /usr/share/nginx/html/admin/
fi
EOF
- name: SSH - Restart Backend with PM2
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
echo "π Restarting server..."
cd ~/CourseHub/server
npm install
pm2 delete server || true
pm2 start index.js --name server
pm2 save
EOF
- name: SSH - Test and Reload Nginx
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} << 'EOF'
set -e
echo "π§ͺ Testing nginx configuration..."
sudo nginx -t
echo "β»οΈ Reloading nginx..."
sudo systemctl reload nginx
EOF
- name: Cleanup SSH Key
if: always()
run: rm -f private_key.pem