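# Build the image, push it to the Harbor registry, and (for main/master only)
# roll it out on the deploy server over SSH with docker compose.
name: build-and-push-harbor

on:
  push:
    branches:
      - main
      - master
      - dev
      - "feature/**"
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: the jobs only need to read the repository.
permissions:
  contents: read

env:
  IMAGE_NAME: st-1-example

jobs:
  docker-build-push:
    runs-on: ubuntu-latest
    outputs:
      image_tag: ${{ steps.vars.outputs.short_sha }}
    steps:
      # NOTE(review): the action is referenced by a mutable tag; pinning it to
      # a full commit SHA protects the job (and the registry credentials it
      # handles) if the tag is ever moved.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step uses git, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Set image tags
        id: vars
        run: |
          echo "short_sha=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
          echo "date_tag=$(date +%Y%m%d%H%M%S)" >> "$GITHUB_OUTPUT"

      - name: Login Harbor
        env:
          HARBOR_REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
        run: |
          echo "$HARBOR_PASSWORD" | docker login "$HARBOR_REGISTRY" -u "$HARBOR_USERNAME" --password-stdin

      - name: Build image
        env:
          HARBOR_REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
          HARBOR_PROJECT: ${{ secrets.HARBOR_PROJECT }}
          # Step outputs reach the script through the environment instead of
          # being expanded into the script text, so a value is always treated
          # as data by the shell.
          SHORT_SHA: ${{ steps.vars.outputs.short_sha }}
          DATE_TAG: ${{ steps.vars.outputs.date_tag }}
        run: |
          IMAGE="$HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME"
          docker build -f Dockerfile \
            -t "$IMAGE:$SHORT_SHA" \
            -t "$IMAGE:$DATE_TAG" \
            -t "$IMAGE:latest" \
            .

      # NOTE(review): this job runs for dev and feature/** pushes as well, so
      # any of those branches overwrites the shared "latest" tag. The deploy
      # job pulls by short SHA and is not affected, but anything else that
      # pulls "latest" would receive unreviewed branch builds.
      - name: Push image
        env:
          HARBOR_REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
          HARBOR_PROJECT: ${{ secrets.HARBOR_PROJECT }}
          SHORT_SHA: ${{ steps.vars.outputs.short_sha }}
          DATE_TAG: ${{ steps.vars.outputs.date_tag }}
        run: |
          IMAGE="$HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME"
          docker push "$IMAGE:$SHORT_SHA"
          docker push "$IMAGE:$DATE_TAG"
          docker push "$IMAGE:latest"

  deploy-server-docker:
    runs-on: ubuntu-latest
    needs: docker-build-push
    if: github.ref_name == 'main' || github.ref_name == 'master'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Setup SSH key
        env:
          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
        run: |
          # Create the directory and key file private from the start rather
          # than tightening the mode after the key is already on disk.
          umask 077
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          # Trailing newline: OpenSSH can reject a private key file whose last
          # line is not newline-terminated, and secrets are often stored
          # without one.
          printf '%s\n' "$DEPLOY_SSH_KEY" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa

      # NOTE(review): ssh-keyscan accepts whatever host key is presented at
      # deploy time, so the server is never actually authenticated and an
      # interposed host on the network path would be trusted. Prefer writing
      # a known_hosts entry that was verified out of band and stored with the
      # other deploy secrets.
      - name: Add server host key
        env:
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}
        run: |
          PORT="${DEPLOY_PORT:-22}"
          ssh-keyscan -p "$PORT" "$DEPLOY_HOST" >> ~/.ssh/known_hosts

      - name: Upload compose file
        env:
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}
          DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
        run: |
          PORT="${DEPLOY_PORT:-22}"
          TARGET_PATH="${DEPLOY_PATH:-/opt/st-1-example}"
          # The command string is re-parsed by the remote shell, so the path
          # is shell-quoted here; unquoted, a space or metacharacter in
          # DEPLOY_PATH would be split or executed on the server.
          ssh -p "$PORT" "$DEPLOY_USER@$DEPLOY_HOST" \
            "mkdir -p -- $(printf '%q' "$TARGET_PATH")"
          scp -P "$PORT" deploy/docker/docker-compose.yml \
            "$DEPLOY_USER@$DEPLOY_HOST:$TARGET_PATH/docker-compose.yml"

      - name: Deploy on server
        env:
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}
          DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
          HARBOR_REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
          HARBOR_PROJECT: ${{ secrets.HARBOR_PROJECT }}
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
          IMAGE_TAG: ${{ needs.docker-build-push.outputs.image_tag }}
        run: |
          PORT="${DEPLOY_PORT:-22}"
          TARGET_PATH="${DEPLOY_PATH:-/opt/st-1-example}"

          # Shell-quote a value for the remote command line. Assumes the
          # remote login shell understands bash-style quoting - confirm if
          # the deploy user has a different shell.
          q() { printf '%q' "$1"; }

          COMPOSE_ENV="HARBOR_REGISTRY=$(q "$HARBOR_REGISTRY")"
          COMPOSE_ENV="$COMPOSE_ENV HARBOR_PROJECT=$(q "$HARBOR_PROJECT")"
          COMPOSE_ENV="$COMPOSE_ENV IMAGE_NAME=$(q "$IMAGE_NAME")"
          COMPOSE_ENV="$COMPOSE_ENV IMAGE_TAG=$(q "$IMAGE_TAG")"

          # The registry password is sent on ssh's stdin and consumed by
          # docker login --password-stdin. It is never part of the remote
          # command string, so it cannot show up in the server's process
          # list and a quote character in it cannot alter the command.
          printf '%s\n' "$HARBOR_PASSWORD" | ssh -p "$PORT" "$DEPLOY_USER@$DEPLOY_HOST" "
            set -e
            cd $(q "$TARGET_PATH")
            docker login $(q "$HARBOR_REGISTRY") -u $(q "$HARBOR_USERNAME") --password-stdin
            $COMPOSE_ENV docker compose pull
            $COMPOSE_ENV docker compose up -d
            docker image prune -f
          "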