ci: remove healthcheck block for DB and Redis from deployment script #18
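---
# Deploy workflow: on every push to master, build the backend image, push it
# to GHCR, then SSH into the VPS and roll the backend container forward.
name: Deploy

on:
  push:
    branches: [master]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: orctatech-engineering-team/orcta-backend

jobs:
  build-and-push:
    name: Build & push Docker image
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: read the repo, write the package.
    permissions:
      contents: read
      packages: write
    outputs:
      # Exported for downstream jobs. The deploy job below does not consume
      # it and pulls the mutable `latest` tag instead.
      image_tag: ${{ steps.meta.outputs.version }}
    steps:
      # NOTE(review): actions are referenced by mutable tags; pinning each
      # `uses:` to a full commit SHA protects against a retagged release.
      - uses: actions/checkout@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract image metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          # Two tags per build: the short commit SHA and `latest`.
          tags: |
            type=sha,prefix=,format=short
            type=raw,value=latest

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: apps/backend/Dockerfile
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
            SERVICE_VERSION=${{ github.sha }}

  deploy:
    name: Deploy to VPS
    runs-on: ubuntu-latest
    needs: build-and-push
    environment: production
    # This job only reads the repo and pulls the image, so its GITHUB_TOKEN
    # is scoped to read-only instead of inheriting the repository default.
    permissions:
      contents: read
      packages: read
    steps:
      - uses: actions/checkout@v4

      - name: Deploy via SSH
        # NOTE(review): this third-party action receives the production SSH
        # private key; pin it to a full commit SHA rather than a tag.
        uses: appleboy/ssh-action@v1.0.3
        # Workflow values reach the remote script as environment variables
        # (forwarded through `envs`) instead of being expanded into the script
        # text, so a ref name or token can never be parsed as shell syntax.
        env:
          BRANCH: ${{ github.ref_name }}
          GHCR_USER: ${{ github.actor }}
          GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USER }}
          key: ${{ secrets.VPS_SSH_KEY }}
          # NOTE(review): no `fingerprint` input is set, so the server's host
          # key is presumably not verified; consider supplying the host key's
          # SHA256 fingerprint from a secret.
          envs: BRANCH,GHCR_USER,GHCR_TOKEN
          script: |
            # Fail fast:
            #   -e          → exit on error
            #   -u          → error on undefined variables (also catches a
            #                 BRANCH/GHCR_* value that was not forwarded)
            #   -o pipefail → fail if any command in a pipeline fails
            set -euo pipefail

            # Static deployment configuration
            REPO_NAME="orcta-stack"
            APP_DIR="/srv/apps/$REPO_NAME"

            # Ensure application directory exists (idempotent)
            mkdir -p "$APP_DIR"
            cd "$APP_DIR"

            # Sync repository state.
            # Clone only once; subsequent deploys pull the triggering branch.
            if [ ! -d ".git" ]; then
              echo "Cloning repository..."
              git clone git@github.com:Orctatech-Engineering-Team/$REPO_NAME.git .
            else
              echo "Pulling latest changes..."
              git fetch origin
              git checkout "$BRANCH"
              git pull origin "$BRANCH"
            fi

            # Hard stop if production environment file is missing.
            # Prevents accidental boot with empty credentials/secrets.
            if [ ! -f ".env.production" ]; then
              echo "Error: .env.production file not found."
              exit 1
            fi

            # docker login writes the credential to the Docker config on the
            # VPS; drop it again however the script exits.
            trap 'docker logout ghcr.io >/dev/null 2>&1 || true' EXIT

            # Authenticate with GitHub Container Registry (GHCR).
            # The token is piped via stdin so it never appears in argv.
            echo "$GHCR_TOKEN" | docker login ghcr.io -u "$GHCR_USER" --password-stdin

            # Pull latest backend image built by CI.
            # NOTE(review): `latest` is a mutable tag; deploying the per-commit
            # SHA tag pushed by build-and-push would make each rollout
            # traceable to one build and allow a rollback.
            docker pull ghcr.io/orctatech-engineering-team/orcta-backend:latest

            # Start infrastructure dependencies first.
            # --env-file ensures Compose-time variable interpolation works.
            IMAGE_TAG=latest docker compose --env-file .env.production -f docker-compose.prod.yml up -d db redis

            # Show container states (useful for debugging in CI logs)
            docker compose --env-file .env.production -f docker-compose.prod.yml ps

            # Run database migrations using the NEW backend image.
            # --rm prevents orphaned containers.
            # NOTE(review): nothing in this script waits for db/redis to accept
            # connections; readiness presumably relies on healthcheck and
            # depends_on settings in docker-compose.prod.yml — confirm.
            IMAGE_TAG=latest docker compose --env-file .env.production -f docker-compose.prod.yml run --rm backend node src/db/migrate.js

            # Update backend container.
            # Only backend is recreated → DB/Redis remain untouched.
            IMAGE_TAG=latest docker compose --env-file .env.production -f docker-compose.prod.yml up -d backend

            # Remove dangling/unused images to control disk usage
            docker image prune -f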