-
Notifications
You must be signed in to change notification settings - Fork 0
154 lines (134 loc) · 4 KB
/
Copy pathbackend.yml
File metadata and controls
154 lines (134 loc) · 4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
name: Backend CI/CD
on:
push:
branches:
- main
- master
pull_request:
types:
- opened
- synchronize
- reopened
branches:
- main
- master
workflow_dispatch:
env:
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/jobapplytracker-backend
CONTAINER_NAME: job-tracker-app
permissions:
contents: read
concurrency:
group: backend-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test-and-build:
name: Test and Build
runs-on: ubuntu-latest
timeout-minutes: 40
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: corretto
java-version: '21'
cache: maven
- name: Run tests and package JAR
run: mvn -B -ntp clean verify
- name: Print Surefire report summary on failure
if: failure()
run: |
if [ -d target/surefire-reports ]; then
echo "Collected Surefire reports:"
find target/surefire-reports -maxdepth 1 -type f \( -name '*.txt' -o -name '*.xml' \)
echo
for report in target/surefire-reports/*.txt; do
[ -f "$report" ] || continue
echo "===== $report ====="
sed -n '1,200p' "$report"
echo
done
else
echo "No target/surefire-reports directory found."
fi
- name: Upload Surefire reports
if: failure()
uses: actions/upload-artifact@v4
with:
name: surefire-reports
path: |
target/surefire-reports/**
**/*.dump
**/*-jvmRun*.dump
**/*.dumpstream
if-no-files-found: warn
retention-days: 14
- name: Upload packaged JAR
uses: actions/upload-artifact@v4
with:
name: spring-boot-jar
path: target/*.jar
if-no-files-found: error
retention-days: 14
publish-image:
name: Publish Image
needs: test-and-build
if: ${{ github.event_name != 'pull_request' }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
timeout-minutes: 30
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract image metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=sha,prefix=sha-
- name: Build and push image
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
deploy-vps:
name: Deploy to VPS
needs: publish-image
if: ${{ github.event_name != 'pull_request' }}
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Deploy latest image over SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/deploy_key
chmod 600 ~/.ssh/deploy_key
ssh-keyscan -H ${{ secrets.VPS_IP }} >> ~/.ssh/known_hosts 2>/dev/null
for i in 1 2 3; do
echo "Attempt $i..."
ssh -i ~/.ssh/deploy_key \
-o ConnectTimeout=30 \
-o StrictHostKeyChecking=no \
${{ secrets.VPS_USER }}@${{ secrets.VPS_IP }} \
"set -eu && cd /docker/jobpplytracker-api && docker compose pull && docker compose up -d --remove-orphans && docker image prune -f" && break
[ $i -lt 3 ] && sleep 15
done