-
Notifications
You must be signed in to change notification settings - Fork 0
128 lines (115 loc) · 4.08 KB
/
Copy pathdeploy.yml
File metadata and controls
128 lines (115 loc) · 4.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: Build & Deploy
on:
push:
branches: [main]
# This pipeline builds + ships the BACKEND /api image to the VPS
# only. The frontend deploys independently via Vercel, so a
# frontend-only or docs-only commit never needs this pipeline —
# skip the GHCR rebuild + VPS container recreate for them. A mixed
# commit that also touches backend/src still deploys (paths-ignore
# only skips when ALL changed files match).
paths-ignore:
- '**/*.md'
- 'docs/**'
- 'LICENSE'
- 'frontend/**'
env:
IMAGE: ghcr.io/leanderantony/ai_job_application_agent/api
VPS_APP_DIR: /home/ubuntu/AI_Job_Application_Agent
jobs:
build-and-push:
name: Build Docker image to GHCR
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Log in to GHCR
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Build and push
uses: docker/build-push-action@v7
with:
context: .
push: true
tags: ${{ env.IMAGE }}:latest,${{ env.IMAGE }}:${{ github.sha }}
cache-from: type=registry,ref=${{ env.IMAGE }}:cache
cache-to: type=registry,ref=${{ env.IMAGE }}:cache,mode=max
deploy:
name: Deploy to VPS
runs-on: ubuntu-latest
needs: build-and-push
permissions:
contents: read
packages: read
env:
GITHUB_ACTOR: ${{ github.actor }}
GITHUB_TOKEN: ${{ github.token }}
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Prepare VPS directory
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.VPS_USER }}
key: ${{ secrets.VPS_SSH_KEY }}
port: ${{ secrets.VPS_PORT }}
script: |
mkdir -p "${{ env.VPS_APP_DIR }}/backend/vps"
- name: Copy deployment files
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.VPS_USER }}
key: ${{ secrets.VPS_SSH_KEY }}
port: ${{ secrets.VPS_PORT }}
source: backend/vps/docker-compose.yml,backend/vps/docker-compose.override.yml
target: ${{ env.VPS_APP_DIR }}/backend/vps
strip_components: 2
- name: Deploy via SSH
uses: appleboy/ssh-action@v1
env:
IMAGE: ${{ env.IMAGE }}
GITHUB_ACTOR: ${{ env.GITHUB_ACTOR }}
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.VPS_USER }}
key: ${{ secrets.VPS_SSH_KEY }}
port: ${{ secrets.VPS_PORT }}
envs: IMAGE,GITHUB_TOKEN,GITHUB_ACTOR
script: |
echo "$GITHUB_TOKEN" | docker login ghcr.io -u "$GITHUB_ACTOR" --password-stdin
docker pull "$IMAGE:latest"
cd "${{ env.VPS_APP_DIR }}/backend/vps"
docker compose -p ai_job_application_agent up -d --no-deps --no-build --force-recreate api
docker logout ghcr.io
- name: Health check
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.VPS_USER }}
key: ${{ secrets.VPS_SSH_KEY }}
port: ${{ secrets.VPS_PORT }}
script: |
echo "Waiting for AI Job Application Agent API to be healthy..."
for i in $(seq 1 12); do
STATUS=$(docker inspect --format='{{.State.Health.Status}}' ai-job-application-agent-api 2>/dev/null)
echo "Attempt $i: $STATUS"
if [ "$STATUS" = "healthy" ]; then
echo "Container is healthy"
exit 0
fi
sleep 5
done
echo "Container did not become healthy in time"
docker logs ai-job-application-agent-api --tail 30
exit 1