Add API and add Web specific webhook secrets #19
9 changed files with 329 additions and 14 deletions
95
.github/workflows/api-container.yml
vendored
Normal file
95
.github/workflows/api-container.yml
vendored
Normal file
|
|
@ -0,0 +1,95 @@
|
|||
name: API Deployment Container
|
||||
on:
|
||||
workflow_dispatch: {}
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
types:
|
||||
- opened
|
||||
- reopened
|
||||
- synchronize
|
||||
- ready_for_review
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- api/**
|
||||
jobs:
|
||||
determine-workflow:
|
||||
runs-on: 'ubuntu-latest'
|
||||
outputs:
|
||||
workflow_type: ${{ steps.workflow.outputs.workflow_type }}
|
||||
workflow_envs: ${{ steps.workflow.outputs.workflow_envs }}
|
||||
release_type: ${{ steps.workflow.outputs.release_type }}
|
||||
current_version: ${{ steps.version.outputs.current_version }}
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
- name: Determine Workflow
|
||||
id: workflow
|
||||
shell: bash
|
||||
run: |
|
||||
event=${{ github.event_name }}
|
||||
workflow_type='dev';
|
||||
workflow_envs='["dev"]'
|
||||
if [[ $event == 'workflow_dispatch' && '${{ github.ref_name }}' == 'main' ]];
|
||||
then
|
||||
echo "in if statement"
|
||||
workflow_type='release';
|
||||
workflow_envs='["prod"]'
|
||||
fi
|
||||
|
||||
echo "workflow_type=$workflow_type" >> $GITHUB_OUTPUT
|
||||
echo "workflow_envs=$workflow_envs" >> $GITHUB_OUTPUT
|
||||
|
||||
echo "Running $workflow_type pipeline in environments: $workflow_envs" >> $GITHUB_STEP_SUMMARY
|
||||
- name: Extract Version
|
||||
id: version
|
||||
shell: bash
|
||||
run: |
|
||||
version=$(jq -r '.version' api/package.json)
|
||||
echo "current_version=$version" >> "$GITHUB_OUTPUT"
|
||||
nonprod-deploy-api:
|
||||
needs: determine-workflow
|
||||
if: needs.determine-workflow.outputs.workflow_type != 'release'
|
||||
strategy:
|
||||
max-parallel: 1
|
||||
matrix:
|
||||
env: ${{ fromJson(needs.determine-workflow.outputs.workflow_envs) }}
|
||||
uses: ./.github/workflows/api-deploy-nonprod.yml
|
||||
with:
|
||||
environments: ${{ matrix.env }}
|
||||
workflow_type: ${{ needs.determine-workflow.outputs.workflow_type }}
|
||||
branch: ${{ github.head_ref || github.ref_name }}
|
||||
current_version: ${{ needs.determine-workflow.outputs.current_version }}
|
||||
secrets:
|
||||
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
|
||||
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
TEST: ${{ secrets.TEST }}
|
||||
COOLIFY_WEBHOOK_API: ${{ secrets.COOLIFY_WEBHOOK_API }}
|
||||
COOLIFY_TOKEN: ${{ secrets.COOLIFY_TOKEN }}
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
prod-deploy-api:
|
||||
needs: determine-workflow
|
||||
if: needs.determine-workflow.outputs.workflow_type == 'release'
|
||||
strategy:
|
||||
max-parallel: 1
|
||||
matrix:
|
||||
env: ${{ fromJson(needs.determine-workflow.outputs.workflow_envs) }}
|
||||
uses: ./.github/workflows/api-deploy-prod.yml
|
||||
with:
|
||||
environments: ${{ matrix.env }}
|
||||
workflow_type: ${{ needs.determine-workflow.outputs.workflow_type }}
|
||||
branch: ${{ github.head_ref || github.ref_name }}
|
||||
current_version: ${{ needs.determine-workflow.outputs.current_version }}
|
||||
secrets:
|
||||
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
|
||||
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
TEST: ${{ secrets.TEST }}
|
||||
COOLIFY_WEBHOOK_API: ${{ secrets.COOLIFY_WEBHOOK_API }}
|
||||
COOLIFY_TOKEN: ${{ secrets.COOLIFY_TOKEN }}
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
94
.github/workflows/api-deploy-nonprod.yml
vendored
Normal file
94
.github/workflows/api-deploy-nonprod.yml
vendored
Normal file
|
|
@ -0,0 +1,94 @@
|
|||
name: API Deployment Non-Production
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
environments:
|
||||
type: string
|
||||
description: An optional list of environments to deploy to.
|
||||
default: 'dev'
|
||||
workflow_type:
|
||||
type: string
|
||||
description: An optional string for workflow types.
|
||||
default: 'dev'
|
||||
branch:
|
||||
type: string
|
||||
description: An optional string to define which branch to checkout.
|
||||
default: 'main'
|
||||
current_version:
|
||||
type: string
|
||||
description: Current Version of the package.json.
|
||||
default: '0.0.0'
|
||||
secrets:
|
||||
DOCKERHUB_USER: {}
|
||||
DOCKERHUB_TOKEN: {}
|
||||
TEST: {}
|
||||
COOLIFY_WEBHOOK_API: {}
|
||||
COOLIFY_TOKEN: {}
|
||||
jobs:
|
||||
check-inputs:
|
||||
runs-on: 'ubuntu-latest'
|
||||
environment: ${{ inputs.environments }}
|
||||
steps:
|
||||
- name: Check secrets present
|
||||
run: |
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK_API }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK_API secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_WEBHOOK_API secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.COOLIFY_TOKEN }}" ]]; then
|
||||
echo "COOLIFY_TOKEN secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_TOKEN secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.DOCKERHUB_USER }}" ]]; then
|
||||
echo "DOCKERHUB_USER secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "DOCKERHUB_USER secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]]; then
|
||||
echo "DOCKERHUB_TOKEN secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "DOCKERHUB_TOKEN secret is set"
|
||||
fi
|
||||
echo "Current Version: ${{inputs.current_version}}"
|
||||
build:
|
||||
needs: check-inputs
|
||||
if: needs.check-inputs.result == 'success' && inputs.workflow_type != 'release'
|
||||
environment: ${{ inputs.environments }}
|
||||
runs-on: 'ubuntu-latest'
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Branch Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ inputs.branch }}
|
||||
- name: Login to Docker
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: docker.io
|
||||
username: ${{ secrets.DOCKERHUB_USER }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
- name: Docker Build Backend
|
||||
run: docker build -f api/Dockerfile -t john4064/shiftsync:latest_api ./api --build-arg ENVIRONMENT=dev
|
||||
- name: Docker Push Backend
|
||||
run: docker push john4064/shiftsync:latest_api
|
||||
deploy:
|
||||
needs: build
|
||||
if: needs.build.result == 'success' && inputs.workflow_type != 'release'
|
||||
environment: ${{ inputs.environments }}
|
||||
runs-on: 'ubuntu-latest'
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Deploy to Coolify
|
||||
run: |
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
|
||||
94
.github/workflows/api-deploy-prod.yml
vendored
Normal file
94
.github/workflows/api-deploy-prod.yml
vendored
Normal file
|
|
@ -0,0 +1,94 @@
|
|||
name: API Deployment Production
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
environments:
|
||||
type: string
|
||||
description: An optional list of environments to deploy to.
|
||||
default: 'prod'
|
||||
workflow_type:
|
||||
type: string
|
||||
description: An optional string for workflow types.
|
||||
default: 'prod'
|
||||
branch:
|
||||
type: string
|
||||
description: An optional string to define which branch to checkout.
|
||||
default: 'main'
|
||||
current_version:
|
||||
type: string
|
||||
description: Current Version of the package.json.
|
||||
default: '0.0.0'
|
||||
secrets:
|
||||
DOCKERHUB_USER: {}
|
||||
DOCKERHUB_TOKEN: {}
|
||||
TEST: {}
|
||||
COOLIFY_WEBHOOK_API: {}
|
||||
COOLIFY_TOKEN: {}
|
||||
jobs:
|
||||
check-inputs:
|
||||
runs-on: 'ubuntu-latest'
|
||||
environment: ${{ inputs.environments }}
|
||||
steps:
|
||||
- name: Check secrets present
|
||||
run: |
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK_API }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK_API secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_WEBHOOK_API secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.COOLIFY_TOKEN }}" ]]; then
|
||||
echo "COOLIFY_TOKEN secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_TOKEN secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.DOCKERHUB_USER }}" ]]; then
|
||||
echo "DOCKERHUB_USER secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "DOCKERHUB_USER secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]]; then
|
||||
echo "DOCKERHUB_TOKEN secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "DOCKERHUB_TOKEN secret is set"
|
||||
fi
|
||||
echo "Current Version: ${{inputs.current_version}}"
|
||||
build:
|
||||
needs: check-inputs
|
||||
if: needs.check-inputs.result == 'success' && inputs.workflow_type == 'release'
|
||||
environment: ${{ inputs.environments }}
|
||||
runs-on: 'ubuntu-latest'
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Branch Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ inputs.branch }}
|
||||
- name: Login to Docker
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: docker.io
|
||||
username: ${{ secrets.DOCKERHUB_USER }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
- name: Docker Build Backend
|
||||
run: docker build -f api/Dockerfile -t john4064/shiftsync:prod_api ./api --build-arg ENVIRONMENT=prod
|
||||
- name: Docker Push Backend
|
||||
run: docker push john4064/shiftsync:prod_api
|
||||
deploy:
|
||||
needs: build
|
||||
if: needs.build.result == 'success' && inputs.workflow_type == 'release'
|
||||
environment: ${{ inputs.environments }}
|
||||
runs-on: 'ubuntu-latest'
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Deploy to Coolify
|
||||
run: |
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
|
||||
8
.github/workflows/web-container.yml
vendored
8
.github/workflows/web-container.yml
vendored
|
|
@ -49,7 +49,7 @@ jobs:
|
|||
run: |
|
||||
version=$(jq -r '.version' web/package.json)
|
||||
echo "current_version=$version" >> "$GITHUB_OUTPUT"
|
||||
nonprod-deploy:
|
||||
nonprod-deploy-web:
|
||||
needs: determine-workflow
|
||||
if: needs.determine-workflow.outputs.workflow_type != 'release'
|
||||
strategy:
|
||||
|
|
@ -66,12 +66,12 @@ jobs:
|
|||
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
|
||||
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
TEST: ${{ secrets.TEST }}
|
||||
COOLIFY_WEBHOOK: ${{ secrets.COOLIFY_WEBHOOK }}
|
||||
COOLIFY_WEBHOOK_WEB: ${{ secrets.COOLIFY_WEBHOOK_WEB }}
|
||||
COOLIFY_TOKEN: ${{ secrets.COOLIFY_TOKEN }}
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
prod-deploy:
|
||||
prod-deploy-web:
|
||||
needs: determine-workflow
|
||||
if: needs.determine-workflow.outputs.workflow_type == 'release'
|
||||
strategy:
|
||||
|
|
@ -88,7 +88,7 @@ jobs:
|
|||
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
|
||||
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
TEST: ${{ secrets.TEST }}
|
||||
COOLIFY_WEBHOOK: ${{ secrets.COOLIFY_WEBHOOK }}
|
||||
COOLIFY_WEBHOOK_WEB: ${{ secrets.COOLIFY_WEBHOOK_WEB }}
|
||||
COOLIFY_TOKEN: ${{ secrets.COOLIFY_TOKEN }}
|
||||
permissions:
|
||||
contents: read
|
||||
|
|
|
|||
10
.github/workflows/web-deploy-nonprod.yml
vendored
10
.github/workflows/web-deploy-nonprod.yml
vendored
|
|
@ -22,7 +22,7 @@ on:
|
|||
DOCKERHUB_USER: {}
|
||||
DOCKERHUB_TOKEN: {}
|
||||
TEST: {}
|
||||
COOLIFY_WEBHOOK: {}
|
||||
COOLIFY_WEBHOOK_WEB: {}
|
||||
COOLIFY_TOKEN: {}
|
||||
jobs:
|
||||
check-inputs:
|
||||
|
|
@ -31,11 +31,11 @@ jobs:
|
|||
steps:
|
||||
- name: Check secrets present
|
||||
run: |
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK secret is empty or missing"
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK_WEB }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK_WEB secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_WEBHOOK secret is set"
|
||||
echo "COOLIFY_WEBHOOK_WEB secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.COOLIFY_TOKEN }}" ]]; then
|
||||
echo "COOLIFY_TOKEN secret is empty or missing"
|
||||
|
|
@ -90,5 +90,5 @@ jobs:
|
|||
steps:
|
||||
- name: Deploy to Coolify
|
||||
run: |
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
|
||||
|
|
|
|||
10
.github/workflows/web-deploy-prod.yml
vendored
10
.github/workflows/web-deploy-prod.yml
vendored
|
|
@ -22,7 +22,7 @@ on:
|
|||
DOCKERHUB_USER: {}
|
||||
DOCKERHUB_TOKEN: {}
|
||||
TEST: {}
|
||||
COOLIFY_WEBHOOK: {}
|
||||
COOLIFY_WEBHOOK_WEB: {}
|
||||
COOLIFY_TOKEN: {}
|
||||
jobs:
|
||||
check-inputs:
|
||||
|
|
@ -31,11 +31,11 @@ jobs:
|
|||
steps:
|
||||
- name: Check secrets present
|
||||
run: |
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK secret is empty or missing"
|
||||
if [[ -z "${{ secrets.COOLIFY_WEBHOOK_WEB }}" ]]; then
|
||||
echo "COOLIFY_WEBHOOK_WEB secret is empty or missing"
|
||||
exit 1
|
||||
else
|
||||
echo "COOLIFY_WEBHOOK secret is set"
|
||||
echo "COOLIFY_WEBHOOK_WEB secret is set"
|
||||
fi
|
||||
if [[ -z "${{ secrets.COOLIFY_TOKEN }}" ]]; then
|
||||
echo "COOLIFY_TOKEN secret is empty or missing"
|
||||
|
|
@ -90,5 +90,5 @@ jobs:
|
|||
steps:
|
||||
- name: Deploy to Coolify
|
||||
run: |
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
|
||||
|
||||
|
|
|
|||
1
api/.dockerignore
Normal file
1
api/.dockerignore
Normal file
|
|
@ -0,0 +1 @@
|
|||
**/node_modules/**
|
||||
17
api/Dockerfile
Normal file
17
api/Dockerfile
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
FROM node:20-alpine
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
COPY ./package*.json ./
|
||||
|
||||
RUN npm ci
|
||||
|
||||
COPY . ./
|
||||
|
||||
EXPOSE 5172
|
||||
EXPOSE 5170
|
||||
|
||||
ARG ENVIRONMENT
|
||||
ENV ENVIRONMENT ${ENVIRONMENT}
|
||||
|
||||
CMD npm run ${ENVIRONMENT}
|
||||
14
api/docker-compose.yaml
Normal file
14
api/docker-compose.yaml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
services:
|
||||
shiftsync-web:
|
||||
image: 'docker.io/john4064/shiftsync:prod_api'
|
||||
environment:
|
||||
- 'TESTVAR=${COOLIFY_VAR}'
|
||||
volumes:
|
||||
- /home/jparkhurst/shiftsync:/shiftsync
|
||||
ports:
|
||||
- "5172:5172"
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "-qO-", "http://localhost:5172"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
Loading…
Reference in a new issue