-
Notifications
You must be signed in to change notification settings - Fork 0
126 lines (109 loc) · 4.38 KB
/
deploy.yml
File metadata and controls
126 lines (109 loc) · 4.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: CI/CD Pipeline
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
env:
SERVER_PORT: 8126
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: maven
- name: Generate application-prod.properties from template
run: |
mkdir -p src/main/resources
cp src/main/resources/application-prod-template.properties src/main/resources/application-prod.properties
sed -i "s|@SERVER_PORT@|${{ env.SERVER_PORT }}|g" src/main/resources/application-prod.properties
sed -i "s|@DB_URL@|${{ secrets.DB_URL }}|g" src/main/resources/application-prod.properties
sed -i "s|@DB_USERNAME@|${{ secrets.DB_USERNAME }}|g" src/main/resources/application-prod.properties
sed -i "s|@DB_PASSWORD@|${{ secrets.DB_PASSWORD }}|g" src/main/resources/application-prod.properties
sed -i "s|http://minio.example.com:9000|${{ secrets.STORAGE_ENDPOINT }}|g" src/main/resources/application-prod.properties
sed -i "s|storage.s3.access-key=replace-me|storage.s3.access-key=${{ secrets.STORAGE_ACCESS_KEY }}|g" src/main/resources/application-prod.properties
sed -i "s|storage.s3.secret-key=replace-me|storage.s3.secret-key=${{ secrets.STORAGE_SECRET_KEY }}|g" src/main/resources/application-prod.properties
sed -i "s|storage.s3.bucket=bandmanager-imports|storage.s3.bucket=${{ secrets.STORAGE_BUCKET }}|g" src/main/resources/application-prod.properties
sed -i "s|band-manager.jwt.secret=@JWT_SECRET@|band-manager.jwt.secret=${{ secrets.JWT_SECRET }}|g" src/main/resources/application-prod.properties
- name: Build with Maven
run: mvn -B clean package -P prod -DskipTests
- name: Upload JAR artifact
uses: actions/upload-artifact@v4
with:
name: application-jar
path: target/BandManager-0.1.jar
retention-days: 1
deploy:
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/master'
steps:
- name: Download JAR artifact
uses: actions/download-artifact@v4
with:
name: application-jar
path: ./artifact
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
printf "%s\n" "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan 83.166.246.71 >> ~/.ssh/known_hosts
- name: Create directory structure on server
run: |
ssh root@83.166.246.71 /bin/bash << 'EOF'
mkdir -p ~/BandManager
EOF
- name: Stop existing application
run: |
ssh root@83.166.246.71 /bin/bash << 'EOF'
PID=$(pgrep -f BandManager.jar || true)
if [ -n "$PID" ]; then
kill -9 $PID
echo "Stopped BandManager.jar (PID $PID)"
else
echo "No BandManager.jar process found"
fi
EOF
- name: Upload JAR to server
run: scp ./artifact/BandManager-0.1.jar root@83.166.246.71:~/BandManager/BandManager.jar
- name: Start application
run: |
ssh root@83.166.246.71 /bin/bash << 'EOF'
cd ~/BandManager
_JAVA_OPTIONS=""
nohup java -Xmx512m -Xms256m -jar BandManager.jar --spring.profiles.active=prod > band-manager.log 2>&1 &
EOF
health-check:
runs-on: ubuntu-latest
needs: deploy
if: github.ref == 'refs/heads/master'
steps:
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
printf "%s\n" "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan 83.166.246.71 >> ~/.ssh/known_hosts
- name: Check application process
run: |
ssh root@83.166.246.71 /bin/bash << 'EOF'
ps aux | grep BandManager.jar | grep -v grep
EOF
- name: Check application logs
run: |
ssh root@83.166.246.71 /bin/bash << 'EOF'
tail -20 ~/BandManager/band-manager.log
EOF
- name: Check health endpoint
run: |
sleep 30
ssh root@83.166.246.71 /bin/bash << 'EOF'
curl -s -o /dev/null -w 'Health Check: %{http_code}\n' localhost:${{ env.SERVER_PORT }}/health
EOF