Skip to content

Backend CD Pipeline

Backend CD Pipeline #8

Workflow file for this run

name: Backend CD Pipeline
on:
push:
branches:
- deployment
paths:
- 'backend/**'
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
# environment:
# name: backend
# url: ${{ vars.URL }}
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Get terraform-apply.yml Run ID
id: get-run-id
run: |
RUN_ID=$(curl -s \
-H "Authorization: Bearer ${{ secrets.TOKEN }}" \
-H "Accept: application/vnd.github+json" \
"https://api.github.com/repos/${{ github.repository }}/actions/workflows/terraform-apply.yml/runs?branch=infra_main&per_page=1" \
| jq -r '.workflow_runs[0].id')
echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT
echo "$RUN_ID"
- name: Download Public_IP File
uses: actions/download-artifact@v4
with:
name: Public_IP
github-token: ${{ secrets.TOKEN }}
run-id: ${{ steps.get-run-id.outputs.run_id }}
- name: Read public IP
id: read_ip
run: |
PUBLIC_IP=$(terraform output -raw instance_public_ip | tr -d '\n' | tr -d '\r')
echo "PUBLIC_IP=$PUBLIC_IP" >> $GITHUB_ENV
- name: Decrypt Backend Env File
env:
PASSPHRASE: ${{ secrets.ENCRYPTION_PASSPHRASE }}
ENCRYPTED_BACKEND_ENV: ${{ secrets.BACKEND_ENV_FILE }}
run: |
echo "$ENCRYPTED_BACKEND_ENV" | base64 -d | openssl enc -aes-256-cbc -d -pbkdf2 -k "$PASSPHRASE" -out backend.env
- name: Prepare PostgreSQL Password
env:
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
run: |
echo "$POSTGRES_PASSWORD" > POSTGRES_PASSWORD.txt
- name: Copy files to Server
uses: appleboy/[email protected]
with:
host: ${{ env.PUBLIC_IP }}
username: ${{ vars.EC2_USER }}
key: ${{ secrets.PRIVATE_KEY }}
source: "backend.env, POSTGRES_PASSWORD.txt, compose.yml"
target: "~/"
- name: Use SSH Action
uses: appleboy/[email protected]
with:
host: ${{ env.PUBLIC_IP }}
username: ${{ vars.EC2_USER }}
key: ${{ secrets.PRIVATE_KEY }}
script: |
mv backend.env backend/.env
docker compose up -d --no-deps --force-recreate backend db adminer