Merge branch 'release/v1.0.4' #43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Clean Architecture the template CI/CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| DOTNET_INSTALL_DIR: "./.dotnet" | |
| DOCKER_BUILDKIT: "1" | |
| jobs: | |
| build: | |
| name: 🛠️ Restore • Build • Test • Publish | |
| runs-on: self-hosted | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: "8.0.408" | |
| - name: Cache NuGet packages | |
| id: cache-nuget | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.nuget/packages | |
| key: ${{ runner.os }}-nuget-${{ hashFiles('src/**/packages.lock.json','tests/**/packages.lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-nuget- | |
| - name: Install dependencies | |
| run: dotnet restore --locked-mode | |
| - name: Build | |
| run: dotnet build --configuration Release --no-restore | |
| - name: Test | |
| run: dotnet dotnet test --no-restore --verbosity normal -e ASPNETCORE_ENVIRONMENT=Deployment | |
| - name: Publish Application | |
| run: dotnet publish -c Release --property:PublishDir=${{ github.workspace }}/app/publish | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: app-build | |
| path: | | |
| ${{ github.workspace }}/app/publish | |
| docker: | |
| name: 🐳 Build & Push Docker Image | |
| needs: build | |
| runs-on: self-hosted | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Download the artifact from the build job | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: app-build | |
| path: | | |
| ${{ github.workspace }}/app/publish | |
| # Set up Docker Buildx | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| version: latest | |
| # Login to GitHub Container Registry | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ vars.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.PWD_TOKEN }} | |
| # add tag for docker sha and latest | |
| - name: Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }} | |
| tags: | | |
| type=sha,format=long | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| deploy: | |
| name: 🚀 Deploy to Production Server | |
| needs: docker | |
| runs-on: self-hosted | |
| permissions: | |
| contents: read | |
| environment: production | |
| steps: | |
| - name: Deploy to Server | |
| uses: appleboy/ssh-action@v1.2.0 | |
| with: | |
| host: ${{ vars.SSH_HOST }} | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SERVER_SSH_KEY }} | |
| port: 22 | |
| script: | | |
| echo "${{ secrets.PWD_TOKEN }}" | docker login ${{ vars.REGISTRY }} -u ${{ github.actor }} --password-stdin | |
| docker pull ${{ vars.REGISTRY }}/${{ github.actor }}/${{ vars.IMAGE_NAME }}:latest | |
| cd ${{ secrets.APP_PATH }} | |
| docker compose down | |
| docker compose up -d --build |