diff --git a/.github/workflows/dockerbuild.yml b/.github/workflows/dockerbuild.yml new file mode 100644 index 0000000..e13f238 --- /dev/null +++ b/.github/workflows/dockerbuild.yml @@ -0,0 +1,77 @@ +name: Publish Docker image + +on: + push: + branches: + - main + +jobs: + build-and-push: + runs-on: ubuntu-24.04 + outputs: + image_sha: ${{ steps.determine-tag.outputs.image_sha }} # Output the SHA for deploy + steps: + - name: Checkout + uses: actions/checkout@v4.1.7 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3.2.0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3.6.1 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3.3.0 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5.5.1 + with: + images: ghcr.io/${{ github.repository }} + tags: | + type=sha # Fallback to SHA + type=raw,value=latest + + - name: Build and push Docker image + id: buildandpush + uses: docker/build-push-action@v6.7.0 + with: + context: . + platforms: linux/amd64 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Capture SHA from Docker metadata + id: determine-tag + run: | + echo "Capturing image SHA..." + TAGS=$(echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n') + IMAGE_SHA=$(echo "$TAGS" | grep '^.*:sha-' | awk -F':' '{print $NF}' | head -n 1) + echo "Image SHA: $IMAGE_SHA" + echo "image_sha=$IMAGE_SHA" >> $GITHUB_OUTPUT + + deploy: + runs-on: ubuntu-24.04 + needs: build-and-push + environment: badger-servers + env: + DOCKER_TAG: ${{ needs.build-and-push.outputs.image_sha }} # Pass the SHA to deploy + steps: + - name: Deploy to server + uses: garygrossgarten/github-action-ssh@0.8.0 + with: + command: | + cd badgehub-infra/badgehub + export BACKEND_IMAGE_TAG=${{ env.DOCKER_TAG }} + echo "BACKEND_IMAGE_TAG is: $BACKEND_IMAGE_TAG" + docker-compose -f docker-compose.yml up --no-deps -d badgehub-backend + host: ${{ secrets.HOST }} + port: ${{ secrets.PORT }} + username: ${{ secrets.USERNAME }} + passphrase: ${{ secrets.PASSPHRASE }} + privateKey: ${{ secrets.PRIVATE_KEY }}