Clean CI/CD #51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Symfony deployment | |
| on: | |
| push: | |
| branches: [ "alpha" ] | |
| pull_request: | |
| branches: [ "alpha" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| validate: | |
| name: Symfony (PHP ${{ matrix.php-versions }}) | |
| runs-on: ubuntu-latest | |
| env: | |
| DATABASE_URL: mysql://root:[email protected]:3306/symfony?serverVersion=9.3 | |
| services: | |
| mysql: | |
| image: mysql:9.3 | |
| env: | |
| MYSQL_ALLOW_EMPTY_PASSWORD: false | |
| MYSQL_ROOT_PASSWORD: symfony | |
| MYSQL_DATABASE: symfony | |
| ports: | |
| - 3306/tcp | |
| options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| php-versions: ['8.4'] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: ${{ matrix.php-versions }} | |
| tools: phpunit-bridge | |
| extensions: mbstring, xml, ctype, iconv, intl, pdo_sqlite, mysql | |
| coverage: xdebug | |
| - name: Copy .env.dist | |
| run: php -r "file_exists('.env.local') || copy('.env.dist', '.env.local');" | |
| - name: Get composer cache directory | |
| id: composer-cache | |
| run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT | |
| - name: Cache composer dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ steps.composer-cache.outputs.dir }} | |
| key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: ${{ runner.os }}-composer- | |
| - name: Install Composer dependencies | |
| run: composer install --no-progress --prefer-dist --optimize-autoloader | |
| env: | |
| DATABASE_URL: mysql://root:[email protected]:${{ job.services.mysql.ports['3306'] }}/symfony?serverVersion=9.3 | |
| - name: Run Migration | |
| run: | | |
| php bin/console doctrine:schema:update --complete --force || echo "No migrations found or schema update failed" | |
| php bin/console doctrine:migrations:migrate --no-interaction || echo "No migrations found or migration failed" | |
| env: | |
| DATABASE_URL: mysql://root:[email protected]:${{ job.services.mysql.ports['3306'] }}/symfony?serverVersion=9.3 | |
| - name: Run Tests | |
| run: | | |
| composer require --dev phpunit/phpunit | |
| vendor/bin/phpunit --coverage-text | |
| env: | |
| DATABASE_URL: mysql://root:[email protected]:${{ job.services.mysql.ports['3306'] }}/symfony?serverVersion=9.3 | |
| deploy: | |
| name: Deploy image | |
| runs-on: ubuntu-latest | |
| needs: validate | |
| if: github.event_name == 'push' | |
| env: | |
| DOCKER_BRANCH: ${{ github.ref_name }} | |
| DOMAIN_URL: ${{ secrets.DOMAIN_URL }} | |
| DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }} | |
| MYSQL_ROOT_PASSWORD: ${{ secrets.MYSQL_ROOT_PASSWORD }} | |
| MYSQL_USER: ${{ secrets.MYSQL_USER }} | |
| MYSQL_PASSWORD: ${{ secrets.MYSQL_PASSWORD }} | |
| MYSQL_DATABASE: ${{ secrets.MYSQL_DATABASE }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set environment variables | |
| id: set-env | |
| run: | | |
| echo "DOCKER_NETWORK_NAME=api-${DOCKER_BRANCH}" >> $GITHUB_ENV | |
| echo "DATABASE_URL=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@db:3306/${MYSQL_DATABASE}?serverVersion=9.3" >> $GITHUB_ENV | |
| if [[ "${DOCKER_BRANCH}" == "master" ]]; then | |
| echo "APP_ENV=prod" >> $GITHUB_ENV | |
| echo "HOSTNAME=api.${DOMAIN_URL}" >> $GITHUB_ENV | |
| elif [[ "${DOCKER_BRANCH}" == "preprod" ]]; then | |
| echo "APP_ENV=prod" >> $GITHUB_ENV | |
| echo "HOSTNAME=api.${DOCKER_BRANCH}.${DOMAIN_URL}" >> $GITHUB_ENV | |
| else | |
| echo "APP_ENV=dev" >> $GITHUB_ENV | |
| echo "HOSTNAME=api.${DOCKER_BRANCH}.${DOMAIN_URL}" >> $GITHUB_ENV | |
| fi | |
| - name: Login to registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.DOCKER_REGISTRY }} | |
| username: ${{ secrets.DOCKER_LOGIN }} | |
| password: ${{ secrets.DOCKER_PASSWD }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ secrets.DOCKER_REGISTRY }}/api-php:${{ github.ref_name }} | |
| build-args: | | |
| APP_ENV=${{ env.APP_ENV }} | |
| DATABASE_URL=${{ env.DATABASE_URL }} | |
| cache-from: type=registry,ref=${{ secrets.DOCKER_REGISTRY }}/api-php:${{ github.ref_name }} | |
| cache-to: type=inline | |
| - name: Configure SSH | |
| env: | |
| SSH_USER: ${{ secrets.SSH_USER }} | |
| SSH_KEY: ${{ secrets.SSH_KEY }} | |
| SSH_HOST: ${{ secrets.SSH_HOST }} | |
| SSH_PORT: ${{ secrets.SSH_PORT }} | |
| run: | | |
| mkdir -p ~/.ssh/ | |
| echo "$SSH_KEY" > ~/.ssh/staging.key | |
| chmod 600 ~/.ssh/staging.key | |
| cat >>~/.ssh/config <<END | |
| Host staging | |
| HostName $SSH_HOST | |
| User $SSH_USER | |
| Port $SSH_PORT | |
| IdentityFile ~/.ssh/staging.key | |
| StrictHostKeyChecking no | |
| END | |
| - name: Deploy and run migrations | |
| run: | | |
| ssh staging "cd /var/docker/api/${DOCKER_BRANCH} && \ | |
| export DOCKER_BRANCH='${DOCKER_BRANCH}' && \ | |
| export DOCKER_REGISTRY='${DOCKER_REGISTRY}' && \ | |
| cat > .env << 'ENVEOF' | |
| APP_ENV=${APP_ENV} | |
| DATABASE_URL=${DATABASE_URL} | |
| DOCKER_NETWORK_NAME=${DOCKER_NETWORK_NAME} | |
| HOSTNAME=${HOSTNAME} | |
| MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} | |
| MYSQL_USER=${MYSQL_USER} | |
| MYSQL_PASSWORD=${MYSQL_PASSWORD} | |
| MYSQL_DATABASE=${MYSQL_DATABASE} | |
| ENVEOF | |
| git pull origin ${DOCKER_BRANCH} && \ | |
| docker compose --file docker-compose-branch.yml pull && \ | |
| docker login -u ${{ secrets.DOCKER_LOGIN }} -p ${{ secrets.DOCKER_PASSWD }} ${DOCKER_REGISTRY} && \ | |
| docker compose --project-name ${DOCKER_BRANCH}-api_php --file docker-compose-branch.yml up -d --remove-orphans && \ | |
| echo 'Waiting for container to be ready...' && \ | |
| until docker exec ${DOCKER_BRANCH}-api_php-sf true 2>/dev/null; do sleep 2; done && \ | |
| echo 'Running migrations...' && \ | |
| docker compose --project-name ${DOCKER_BRANCH}-api_php --file docker-compose-branch.yml exec -T symfony php bin/console doctrine:migrations:migrate --no-interaction --allow-no-migration && \ | |
| echo 'Clearing cache...' && \ | |
| docker compose --project-name ${DOCKER_BRANCH}-api_php --file docker-compose-branch.yml exec -T symfony php bin/console cache:clear" |