From 6741b1cc35b02ee0337519b68ea8b2c9d943f381 Mon Sep 17 00:00:00 2001 From: 1brucben <1benjbruce@gmail.com> Date: Tue, 13 May 2025 19:22:50 +0200 Subject: [PATCH] fix deploy file --- .github/workflows/deploy.yml | 86 +++++++++++++++++++++++++++++++----- 1 file changed, 75 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b72f2431c..2b93063fa 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -39,7 +39,7 @@ jobs: # Don't deploy on push if this is a fork if: ${{ github.event_name == 'workflow_dispatch' || github.repository == 'openfrontio/OpenFrontIO' }} # Use different logic based on event type - name: Deploy to ${{ + name: ${{ github.event_name == 'push' && (github.ref_name == 'main' && 'openfront.dev' || format('{0}.openfront.dev', github.ref_name)) @@ -61,7 +61,7 @@ jobs: SUBDOMAIN: ${{ github.event_name == 'push' && github.ref_name || inputs.target_subdomain || 'main' }} steps: - uses: actions/checkout@v4 - - name: Update deployment status + - name: 📝 Update job summary env: FQDN: ${{ env.SUBDOMAIN && format('{0}.{1}', env.SUBDOMAIN, env.DOMAIN) || env.DOMAIN || 'openfront.dev' }} run: | 
@@ -71,26 +71,44 @@ jobs: Deploying from $GITHUB_REF to $FQDN EOF - - name: Log in to Docker Hub + - uses: actions/create-github-app-token@v2 + id: generate-token + if: ${{ github.repository == 'openfrontio/OpenFrontIO' }} + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + - name: Export the token + if: ${{ github.repository == 'openfrontio/OpenFrontIO' }} + env: + GH_TOKEN: ${{ steps.generate-token.outputs.token }} + run: | + echo "GH_TOKEN=$GH_TOKEN" >> $GITHUB_ENV + gh api octocat + - name: 📝 Create deployment + uses: chrnorm/deployment-action@v2 + id: deployment + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + environment: ${{ env.FQDN }} + - name: 🔗 Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Create SSH private key + - name: 🔑 Create SSH private key env: SERVER_HOST_EU: ${{ secrets.SERVER_HOST_EU }} SERVER_HOST_STAGING: ${{ secrets.SERVER_HOST_STAGING }} - SERVER_HOST_US: ${{ secrets.SERVER_HOST_US }} SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} run: | set -euxo pipefail mkdir -p ~/.ssh echo "${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa test -n "$SERVER_HOST_STAGING" && ssh-keyscan -H "$SERVER_HOST_STAGING" >> ~/.ssh/known_hosts - test -n "$SERVER_HOST_US" && ssh-keyscan -H "$SERVER_HOST_US" >> ~/.ssh/known_hosts test -n "$SERVER_HOST_EU" && ssh-keyscan -H "$SERVER_HOST_EU" >> ~/.ssh/known_hosts chmod 600 ~/.ssh/id_rsa - - name: Deploy + - name: 🚢 Deploy env: ADMIN_TOKEN: ${{ secrets.ADMIN_TOKEN }} CF_ACCOUNT_ID: ${{ secrets.CF_ACCOUNT_ID }} 
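Review bot: The `Export the token` step writes the App installation token into `$GITHUB_ENV` (`echo "GH_TOKEN=$GH_TOKEN" >> $GITHUB_ENV`), so every later step in the job inherits it, including `./deploy.sh` and the third-party actions, although only the `gh` call in `Notify PR` appears to need it. I would drop the export (and the `gh api octocat` probe, which looks like leftover debugging) and set `env: GH_TOKEN: ${{ steps.generate-token.outputs.token }}` on the `Notify PR` step alone. The same token is passed to `chrnorm/deployment-action@v2` here and to `chrnorm/deployment-status@v2` in the two later hunks by mutable tag; pinning those `uses:` references to a full commit SHA (`chrnorm/deployment-action@<full-commit-sha>  # v2`) keeps a retagged release from receiving it. Token generation is gated on `github.repository == 'openfrontio/OpenFrontIO'` but `Create deployment` is not, so a `workflow_dispatch` run in a fork would presumably reach that step with an empty token.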
@@ -109,14 +127,52 @@ jobs: R2_SECRET_KEY: ${{ secrets.R2_SECRET_KEY }} SERVER_HOST_EU: ${{ secrets.SERVER_HOST_EU }} SERVER_HOST_STAGING: ${{ secrets.SERVER_HOST_STAGING }} - SERVER_HOST_US: ${{ secrets.SERVER_HOST_US }} SSH_KEY: ~/.ssh/id_rsa VERSION_TAG: latest run: | echo "::group::deploy.sh" ./deploy.sh "$ENV" "$HOST" "$SUBDOMAIN" + echo "Deployment created in ${SECONDS} seconds" >> $GITHUB_STEP_SUMMARY echo "::endgroup::" - - name: Update deployment status ✅ + - name: ⏳ Wait for deployment to start + run: | + echo "::group::Wait for deployment to start" + set -euxo pipefail + while [ "$(curl -s https://${FQDN}/commit.txt)" != "${GITHUB_SHA}" ]; do + if [ "$SECONDS" -ge 300 ]; then + echo "Timeout: deployment did not start within 5 minutes" + exit 1 + fi + sleep 10 + done + echo "Deployment started in ${SECONDS} seconds" >> $GITHUB_STEP_SUMMARY + echo "::endgroup::" + - name: 🚀 Notify PR + if: ${{ success() && github.event_name == 'push' }} + env: + BRANCH: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || github.ref_name }} + run: | + set -euxo pipefail + if [ -z "${BRANCH}" ]; then + echo "Branch not found" + exit 1 + fi + echo "Checking for open PR from $BRANCH..." + pr_url=$(gh pr list --head "$BRANCH" --state open --json url -q '.[0].url') + if [ -z "$pr_url" ]; then + echo "No open PR found for branch $BRANCH" + exit 0 + fi + gh pr comment "$pr_url" --body "🚀 Deployed ${GITHUB_SHA} to [$FQDN](https://$FQDN)." + - name: ✅ Update deployment status + if: success() + uses: chrnorm/deployment-status@v2 + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + state: success + deployment-id: ${{ steps.deployment.outputs.deployment_id }} + - name: ✅ Update job summary if: success() run: | cat <> $GITHUB_STEP_SUMMARY 
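Review bot: In `Notify PR`, `gh pr list --head "$BRANCH"` filters on the head branch name only, so as far as I can tell a push to `main` can match an open PR from a fork whose head branch is also named `main` and post the "Deployed" comment on that unrelated PR. Restricting the query to same-repository PRs avoids this, e.g. `--json url,isCrossRepository -q 'map(select(.isCrossRepository | not)) | .[0].url'`. The `github.event_name == 'pull_request'` arm of `BRANCH` is unreachable because the step's `if:` already requires a `push` event, so `BRANCH: ${{ github.ref_name }}` is enough. Separately, the wait loop's `curl -s` has no per-request limit, so a hung connection bypasses the 300-second check; `curl -fsS --max-time 10` bounds each attempt.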
@@ -124,11 +180,19 @@ jobs: Deployed from $GITHUB_REF to $FQDN EOF - - name: Update deployment status ❌ + - name: ❌ Update deployment status + if: failure() + uses: chrnorm/deployment-status@v2 + with: + token: ${{ steps.generate-token.outputs.token }} + environment-url: https://${{ env.FQDN }} + state: failure + deployment-id: ${{ steps.deployment.outputs.deployment_id }} + - name: ❌ Update job summary if: failure() run: | cat <> $GITHUB_STEP_SUMMARY ### Failure! :fire: Unable to deploy from $GITHUB_REF to $FQDN - EOF + EOF \ No newline at end of file
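Review bot: The `❌ Update deployment status` step runs on any failure, including one that happens before `Create deployment` has produced an id (token generation, or the deployment step itself). In that case `deployment-id` is empty and this step would presumably fail too, adding a second error on top of the real one. Guarding it with `if: ${{ failure() && steps.deployment.outputs.deployment_id != '' }}` limits the status update to runs that actually created a deployment. The change also drops the newline at end of file after the final `EOF`; restoring it keeps later diffs clean.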