cms/.github/workflows/deploy.yml at main · undershows/cms · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
name: Deploy CMS Undershows

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production

    steps:
      - name: Checkout 🛎️
        uses: actions/checkout@v4

      - name: Install SSH Client
        run: sudo apt-get update && sudo apt-get install -y openssh-client

      - name: Setup SSH Key 🔐
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_KEY }}" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          cat >> ~/.ssh/config << EOF
          Host server
            HostName ${{ secrets.SSH_HOST }}
            User ${{ secrets.SSH_USER }}
            IdentityFile ~/.ssh/deploy_key
            StrictHostKeyChecking no
          EOF

      - name: Deploy to Server 🚀
        run: |
          ssh server << 'EOF'
            set -euo pipefail

            cd /var/www/cms/
            git fetch --all
            git reset --hard origin/main

            docker build -t undershows-cms .

            docker stop undershows-cms || true
            docker rm undershows-cms || true

            docker run -d --name undershows-cms --restart unless-stopped --env-file .env -p 127.0.0.1:1337:1337 -v $(pwd)/public/uploads:/app/public/uploads --read-only --tmpfs /tmp --tmpfs /app/.cache --tmpfs /app/.tmp --cap-drop ALL --security-opt no-new-privileges:true undershows-cms

            sleep 2
            docker ps --filter "name=undershows-cms" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
            docker logs --tail=80 undershows-cms

          EOF