changed default rendering position in workshop #98
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy to Server | |
| on: | |
| push: | |
| branches: | |
| - master | |
| paths-ignore: | |
| - "README.md" | |
| jobs: | |
| build-env: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.12" | |
| - name: Construct .env | |
| run: python production_build/construct_env.py | |
| env: | |
| NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL }} | |
| NEXT_PUBLIC_GLOBAL_API_URL: ${{ secrets.NEXT_PUBLIC_GLOBAL_API_URL }} | |
| NEXT_PUBLIC_COLORABLE_ID: ${{ secrets.NEXT_PUBLIC_COLORABLE_ID }} | |
| NEXT_PUBLIC_LOGIN_URL: ${{ secrets.NEXT_PUBLIC_LOGIN_URL }} | |
| TOKEN: ${{ secrets.TOKEN }} | |
| - name: Set up OpenSSL | |
| run: sudo apt-get install -y openssl | |
| - name: Encrypt .env file | |
| run: | | |
| openssl aes-256-cbc -salt -in production_build/.env -out .env.enc -k ${{ secrets.ENCRYPTION_KEY }} | |
| - name: Upload .env file | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: encrypted-env | |
| path: .env.enc | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: build-env | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Cache Node.js modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.npm | |
| .next/cache | |
| key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| - name: Download .env file | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: encrypted-env | |
| path: . | |
| - name: Decrypt .env file | |
| run: | | |
| openssl aes-256-cbc -d -in .env.enc -out .env -k ${{ secrets.ENCRYPTION_KEY }} | |
| - name: Install dependencies | |
| run: npm install | |
| - name: Run build | |
| run: npm run build | |
| - name: Archive production artifacts | |
| run: tar -czf build.tar.gz .next public package.json package-lock.json .env.enc | |
| - name: Upload production artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-artifacts | |
| path: build.tar.gz | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download production artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-artifacts | |
| path: . | |
| - name: Install SSH and SCP | |
| run: sudo apt-get update && sudo apt-get install -y openssh-client sshpass | |
| - name: Copy build artifacts via SCP | |
| env: | |
| SSHPASS: ${{ secrets.ROOT_SSH_PASSWORD }} | |
| run: | | |
| sshpass -e scp -o StrictHostKeyChecking=no build.tar.gz root@${{ secrets.SERVER_IP }}:/home/ppl_site | |
| - name: Extract build artifacts on server | |
| env: | |
| SSHPASS: ${{ secrets.ROOT_SSH_PASSWORD }} | |
| run: | | |
| sshpass -e ssh -o StrictHostKeyChecking=no root@${{ secrets.SERVER_IP }} << 'EOF' | |
| cd /home/ppl_site | |
| tar -xzf build.tar.gz | |
| openssl aes-256-cbc -d -in .env.enc -out .env -k ${{ secrets.ENCRYPTION_KEY }} | |
| rm build.tar.gz | |
| npm install --production | |
| systemctl restart ppl_site | |
| EOF | |
| - name: Clean up local build artifacts | |
| run: rm build.tar.gz |