99 - main
1010
1111env :
12- DOTNET_INSTALL_DIR : " ./.dotnet"
12+ DOTNET_INSTALL_DIR : " ./.dotnet"
13+ DOCKER_BUILDKIT : " 1"
1314
1415jobs :
15- build-and-deploy :
16- name : Build and Deploy to GHCR
16+ build :
17+ name : 🛠️ Restore • Build • Test • Publish
1718 runs-on : self-hosted
1819 permissions :
1920 contents : read
20- packages : write
21- attestations : write
22- id-token : write
2321 steps :
2422 - name : Checkout code
2523 uses : actions/checkout@v4
@@ -42,47 +40,73 @@ jobs:
4240 - name : Test
4341 run : dotnet dotnet test --no-restore --verbosity normal -e ASPNETCORE_ENVIRONMENT=Deployment
4442 - name : Publish Application
45- run : dotnet publish -c Release -o app/publish
46- - uses : actions/upload-artifact@v4
43+ run : dotnet publish -c Release --property:PublishDir=app/publish
44+ - name : Upload artifact
45+ uses : actions/upload-artifact@v4
46+ with :
47+ name : app-build
48+ path : app/publish
49+ docker :
50+ name : 🐳 Build & Push Docker Image
51+ needs : build
52+ runs-on : self-hosted
53+ permissions :
54+ contents : read
55+ packages : write
56+ steps :
57+ - uses : actions/checkout@v4
58+ # Download the artifact from the build job
59+ - name : Download artifact
60+ uses : actions/download-artifact@v4
4761 with :
48- name : dotnet-app
49- path : |
50- app/publish
51- app/output/test-results
52- retention-days : 3
53- - name : Log in to GitHub Container Registry
62+ name : app-build
63+ path : app/publish
64+ # Set up Docker Buildx
65+ - name : Set up Docker Buildx
66+ uses : docker/setup-buildx-action@v3
67+ # Login to GitHub Container Registry
68+ - name : Login to GitHub Container Registry
5469 uses : docker/login-action@v3
5570 with :
5671 registry : ${{ vars.REGISTRY }}
5772 username : ${{ github.actor }}
5873 password : ${{ secrets.PWD_TOKEN }}
59- - name : Build and tag Docker image
60- run : >
61- docker build . -t ${{ vars.REGISTRY }}/${{ github.actor }}/${{
62- vars.IMAGE_NAME }}:${{ github.sha }}
63-
64- docker tag ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}:${{ github.sha }} ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}:latest
65- name : Push Docker image to GHCR
66- run : >
67- docker push ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME
68- }}:${{ github.sha }}
69-
70- docker push ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}:latest
71- name : Deploy
74+ # add tag for docker sha and latest
75+ - name : Docker metadata
76+ id : meta
77+ uses : docker/metadata-action@v5
78+ with :
79+ images : ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}
80+ tags : |
81+ type=sha,format=long
82+ type=raw,value=latest,enable={{is_default_branch}}
83+ name : Build and push
84+ uses : docker/build-push-action@v5
85+ with :
86+ context : .
87+ push : ${{ github.event_name != 'pull_request' }}
88+ tags : ${{ steps.meta.outputs.tags }}
89+ labels : ${{ steps.meta.outputs.labels }}
90+ cache-from : type=gha
91+ cache-to : type=gha,mode=max
92+ deploy :
93+ name : 🚀 Deploy to Production Server
94+ needs : docker
95+ runs-on : self-hosted
96+ permissions :
97+ contents : read
98+ environment : production
99+ steps :
100+ - name : Deploy to Server
72101 uses : appleboy/ssh-action@v1.2.0
73102 with :
74103 host : ${{ vars.SSH_HOST }}
75104 username : ${{ secrets.SSH_USER }}
76105 key : ${{ secrets.SERVER_SSH_KEY }}
77106 port : 22
78- script : >
79- docker login ${{ vars.REGISTRY }} -u ${{ github.actor }} -p ${{
80- secrets.MY_PERSONAL_PAT }}
81-
107+ script : |
108+ docker login ${{ vars.REGISTRY }} -u ${{ github.actor }} --password-stdin ${{ secrets.PWD_TOKEN }}
82109 docker pull ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}:latest
83-
84110 cd ${{ secrets.APP_PATH }}
85-
86111 docker compose down
87-
88112 docker compose up -d --build
0 commit comments