diff --git a/.github/infrastructure.yml b/.github/infrastructure.yml
new file mode 100644
index 0000000..a0db55c
--- /dev/null
+++ b/.github/infrastructure.yml
@@ -0,0 +1,22 @@
+name: Infrastructure
+
+on:
+ workflow_call:
+
+jobs:
+ deploy-infra:
+ name: Deploy infra
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: infra/
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Create tfvars
+ run: echo '${{secrets.TFVARS}}' >> secrets.auto.tfvars
+ - name: Terraform Apply
+ uses: sturlabragason/terraform_state_artifact@v1
+ with:
+ encryptionkey: ${{ secrets.TF_STATE_SECRET }}
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
new file mode 100644
index 0000000..0e22a82
--- /dev/null
+++ b/.github/workflows/container.yml
@@ -0,0 +1,21 @@
+name: Build Container Image
+on:
+ workflow_call:
+ workflow_dispatch:
+
+jobs:
+ build-image:
+ permissions: write-all
+ name: build docker image
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: docker/login-action@v1
+ with:
+ registry: ghcr.io
+ username: ${{github.actor}}
+ password: ${{secrets.GITHUB_TOKEN}}
+ - name: build image
+ run: docker build # docker build command goes here
+ - name: push image
+ run: docker push ghcr.io/apollo-xiv/dev-asm:latest
diff --git a/.github/workflows/infrastructure.yml b/.github/workflows/infrastructure.yml
new file mode 100644
index 0000000..a0db55c
--- /dev/null
+++ b/.github/workflows/infrastructure.yml
@@ -0,0 +1,22 @@
+name: Infrastructure
+
+on:
+ workflow_call:
+
+jobs:
+ deploy-infra:
+ name: Deploy infra
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: infra/
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Create tfvars
+ run: echo '${{secrets.TFVARS}}' >> secrets.auto.tfvars
+ - name: Terraform Apply
+ uses: sturlabragason/terraform_state_artifact@v1
+ with:
+ encryptionkey: ${{ secrets.TF_STATE_SECRET }}
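Review bot: `.github/infrastructure.yml` lies outside `.github/workflows/`, so GitHub Actions never loads it, and its blob id (`a0db55c`) is the same as `.github/workflows/infrastructure.yml` added further down in this commit, which makes it look like a stray copy. A second copy of a deploy workflow that references `secrets.TFVARS` and `secrets.TF_STATE_SECRET` tends to drift from the live file and to be skipped when the live one is hardened, so I would drop it from the commit. If it is kept on purpose, the remarks on `.github/workflows/infrastructure.yml` apply to it unchanged.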
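Review bot: `permissions: write-all` on `build-image` gives the job token write access to every scope, while the steps shown only check out the repository and push to ghcr.io; `permissions: { contents: read, packages: write }` covers that. `docker/login-action@v1` receives that token and is referenced by a mutable tag, so pinning it (and `actions/checkout`) to a full commit SHA keeps a retagged release from running with it. The `build image` step is still a placeholder: `docker build` with no context path and no `-t ghcr.io/apollo-xiv/dev-asm:latest` exits with an error, so the push step has nothing to push. Pushing only `:latest` also leaves no immutable tag to deploy by or roll back to.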
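Review bot: The `Create tfvars` step expands `${{secrets.TFVARS}}` into the script text before the shell runs, so a value containing a single quote ends the quoting and the remainder is parsed as shell; pass it through the environment instead, with `TFVARS: ${{ secrets.TFVARS }}` under an `env:` key on the step and `run: printf '%s\n' "$TFVARS" > secrets.auto.tfvars`. `sturlabragason/terraform_state_artifact@v1` is handed `TF_STATE_SECRET` and runs next to the tfvars file, yet is referenced by a mutable tag; pin it to a full commit SHA. `defaults.run.working-directory` applies to `run` steps only, so confirm that the action really runs Terraform in `infra/`, where the tfvars file was written. The job declares no `permissions:` block, so its token scope appears to come from the caller, which is `write-all` in `main.yml`.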
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 25d4332..a59b21c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -9,41 +9,20 @@ on: permissions: write-all jobs: - check-infrastructure-config: + infra: # terraform name: Check Infrastructure Configuration uses: ./.github/workflows/infrastructure.yml secrets: inherit + + build-image: + name: Build docker image + uses: ./.github/workflows/container.yml + secrets: inherit + run-playbooks: - runs-on: ubuntu - steps: - - name: Checkout - uses: actions/checkout@v2 - - name: add ssh key - run: echo ${{secrets.SSH_PRIVATE_KEY}} > infra/node_key - - name: update service - # You may pin to the exact commit or the version. - # uses: dawidd6/action-ansible-playbook@c97d71562fcba83cc1ea0602d5a77013427f7571 - uses: dawidd6/action-ansible-playbook@v2.8.0 - with: - # Ansible playbook filepath - playbook: ./service.yml - # Ansible Galaxy requirements filepath - #requirements: optional - # Root directory of Ansible project (defaults to current) - directory: ./infra/playbooks - # Ansible configuration file content (ansible.cfg) - #configuration: # optional - # Custom content to write into hosts - #inventory: # optional - # The password used for decrypting vaulted files - #vault_password: # optional - # Contents of SSH known_hosts file - #known_hosts: # optional - # Extra options that should be passed to ansible-playbook command - #options: # optional - # Set to "true" if root is required for running your playbook - sudo: true # optional - # Set to "true" if the Ansible output should not include colors (defaults to "false") - #no_color: # optional - + name: Run Ansible Playbooks + uses: ./.github/workflows/playbooks.yml + needs: [build-image, infra] + secrets: inherit + diff --git a/.github/workflows/playbooks.yml b/.github/workflows/playbooks.yml new file mode 100644 index 0000000..66b763e --- /dev/null +++ b/.github/workflows/playbooks.yml 
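Review bot: All three reusable-workflow jobs use `secrets: inherit`, which hands every repository secret to the callee, although `container.yml` and `playbooks.yml` as added in this commit read only `secrets.GITHUB_TOKEN`, which a called workflow gets without inheritance. Dropping `secrets: inherit` from `build-image` and `run-playbooks`, and passing `TFVARS` and `TF_STATE_SECRET` to `infra` by name (with matching `on.workflow_call.secrets` declarations in `infrastructure.yml`), keeps the Terraform credentials away from the image build. The `infra` job keeps the display name `Check Infrastructure Configuration` while the callee now has a step named `Terraform Apply`, so the name understates what runs on each trigger. The workflow-level `permissions: write-all` visible in the context lines still applies to all three jobs and is worth narrowing in the same pass.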
@@ -0,0 +1,25 @@ +name: Run Anisble Playbooks +on: + workflow_call: + workflow_dispatch: + +jobs: + run-playbooks: + name: run playbooks + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Setup Ansible + run: | + sudo apt install -y pipx + pipx install --include-deps ansible + + - uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{github.actor}} + password: ${{secrets.GITHUB_TOKEN}} + - name: build image + run: docker build # docker build command goes here + - name: push image + run: docker push ghcr.io/apollo-xiv/dev-asm:latest diff --git a/Dockerfile b/Dockerfile index 593ef19..79f67a7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,19 @@ -FROM rust:latest AS build +FROM rust:latest AS builder +RUN cargo install cargo-leptos && rustup target add wasm32-unknown-unknown && mkdir -p /app WORKDIR /app COPY . . -RUN cargo build +RUN cargo leptos build -r -vv FROM alpine:latest -COPY --from=build /app/target /app WORKDIR /app -ENV LEPTOS_SITE_ADDRESS "0.0.0.0:3000" +COPY --from=builder /app/target /app +COPY --from=builder /app/target/site /app/site + +ENV LEPTOS_OUTPUT_NAME="dev-asm" +ENV LEPTOS_SITE_ROOT="site" +ENV LEPTOS_SITE_PKG_DIR="pkg" +ENV LEPTOS_SITE_ADDRESS="0.0.0.0:3000" + EXPOSE 3000 -CMD ["./server/release/leptos_start"] +CMD [""] diff --git a/pipelines.md b/pipelines.md new file mode 100644 index 0000000..d3ffac3 --- /dev/null +++ b/pipelines.md @@ -0,0 +1,11 @@ +# Pipelines + +## Required Github Secrets +- TF_STATE_SECRET +- TFVARS + +## Required App Secrets +- DB_URL +- GITHUB_CLIENT_ID +- GITHUB_CLIENT_SECRET +- AUTH_SECRET
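Review bot: No step in `run-playbooks` invokes `ansible-playbook`: after `Setup Ansible` the job logs in to ghcr.io, runs a bare `docker build` and pushes `ghcr.io/apollo-xiv/dev-asm:latest`, repeating `container.yml` step for step. As written, the deploy stage gets a registry credential and a second push of `:latest` it has no use for, while the playbook that the removed job in `main.yml` ran (`./service.yml` under `./infra/playbooks`) is no longer executed. I would replace the three docker steps with the playbook run and add `permissions: { contents: read }` to the job. `pipx install --include-deps ansible` takes whatever release is current at run time; pinning it (`ansible==<version>`) keeps the deploy tooling reproducible, and a `sudo apt-get update` before the install avoids a stale package index on the runner. The workflow name is also misspelled (`Anisble`).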
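Review bot: `CMD [""]` names an empty executable, so the container exits at start; the removed line ran `./server/release/leptos_start`, and the new command should point at the release binary that `cargo leptos build -r` produces (its path is not visible in this hunk). The runtime stage is `alpine:latest` while the build runs on `rust:latest`, so unless the binary is built for a musl target it is presumably linked against glibc and will not load on Alpine. `COPY --from=builder /app/target /app` brings the whole build tree, intermediate artifacts included, into the final image, and there is no `USER` instruction, so the server listens on `0.0.0.0:3000` as root; copy only the server binary and `target/site`, and add a non-root user. `rust:latest`, `alpine:latest` and the unversioned `cargo install cargo-leptos` make the image unreproducible; pin tags or digests and use `cargo install --locked cargo-leptos` with an explicit version.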