Add GitHub Actions workflows for building, testing, and deploying a Docker image to a VPS.

brocchirodrigo · brocchirodrigo · commit 1aeec2446ed0 · 2025-02-17T19:04:50.000-03:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,38 @@
+name: Deploy to VPS
+
+on:
+  workflow_run:
+    workflows: ["Docker Image CI"]
+    types:
+      - completed
+
+jobs:
+  deploy:
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v2
+
+      - name: Deploy to VPS
+        uses: appleboy/ssh-action@v0.1.3
+        with:
+          host: ${{ secrets.SSH_IP_HOST }}
+          username: ${{ secrets.SSH_USERNAME }}
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+          port: 22
+          script: |
+            echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
+            docker stop user || true
+            docker rm user || true
+            docker rmi ${{ secrets.DOCKERHUB_REPOSITORY }}:latest || true
+            docker pull ${{ secrets.DOCKERHUB_REPOSITORY }}:latest
+            docker run -d --network host --name user \
+              -e SPRING_PROFILES_ACTIVE=prod \
+              -e eureka.environment=prod \
+              -e AUTH_BASE_URL=${{ secrets.AUTH_BASE_URL }} \
+              -e AUTH_RESQUEUE_CLIENT_SECRET=${{ secrets.AUTH_RESQUEUE_CLIENT_SECRET }} \
+              -e KC_BASE_ISSUER_URL=${{ secrets.KC_BASE_ISSUER_URL }} \
+              -e EUREKA_URL=${{ secrets.EUREKA_URL }} \
+              ${{ secrets.DOCKERHUB_REPOSITORY }}:latest
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -0,0 +1,36 @@
+name: Docker Image CI
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Verify tag is from main branch
+        run: |
+          git fetch origin main
+          if [ "$(git rev-list -n 1 origin/main)" != "$(git rev-list -n 1 $GITHUB_SHA)" ]; then
+            echo "Tag was not created from the main branch. Exiting."
+            exit 1
+          fi
+
+      - name: Log in to Docker Hub
+        run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
+
+      - name: Build the Docker image
+        run: docker build -t ${{ secrets.DOCKERHUB_REPOSITORY }}:latest .
+
+      - name: Push the Docker image
+        run: |
+          docker tag ${{ secrets.DOCKERHUB_REPOSITORY }}:latest ${{ secrets.DOCKERHUB_REPOSITORY }}:${{ github.ref_name }}
+          docker push ${{ secrets.DOCKERHUB_REPOSITORY }}:latest
+          docker push ${{ secrets.DOCKERHUB_REPOSITORY }}:${{ github.ref_name }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,21 @@
+FROM maven:3-amazoncorretto-21 AS build
+
+WORKDIR /app
+
+COPY pom.xml .
+
+RUN mvn dependency:resolve
+
+COPY src ./src
+
+RUN mvn clean package -DskipTests
+
+FROM amazoncorretto:21 AS runner
+
+WORKDIR /app
+
+COPY --from=build /app/target/*.jar app.jar
+
+EXPOSE 9001
+
+CMD ["java", "-jar", "app.jar"]
