Ограничение доступа к странице со сводкой #39
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy project to test server | |
on: | |
pull_request: | |
branches: | |
- develop | |
types: | |
- closed | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: Environment to run tests | |
required: true | |
env: | |
REGISTRY: ghcr.io | |
REP_OWNER: studio-yandex-practicum | |
IMAGE_NAME: you_can_bot | |
DEPLOY_PATH: ~/you_can_bot | |
defaults: | |
run: | |
working-directory: . | |
jobs: | |
testing: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
with: | |
ref: develop | |
- name: Setup Poetry | |
uses: Gr1N/setup-poetry@v8 | |
with: | |
poetry-version: "1.5.1" | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: "3.11" | |
- name: Install dependencies | |
run: | | |
poetry install | |
- name: Django tests | |
env: | |
NEED_SQLITE: True | |
run: | | |
poetry run python src/backend/manage.py test src/backend | |
- name: Bot tests | |
env: | |
NEED_SQLITE: True | |
run: | | |
cd src/bot | |
poetry run python -m unittest | |
build-and-push-image-to-github-packages: | |
environment: | |
name: test | |
name: Push Docker image to GitHub Packages | |
runs-on: ubuntu-latest | |
needs: testing | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: develop | |
- name: GitHub Packages login | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
USERNAME: ${{ github.actor }} | |
GITHUB: ${{ env.REGISTRY }} | |
run: echo "$GITHUB_TOKEN" | docker login "${GITHUB}" -u "${USERNAME}" --password-stdin | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: Dockerfile | |
push: true | |
tags: | | |
${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:latest | |
deploy: | |
name: Deploy changes on server | |
runs-on: ubuntu-latest | |
environment: | |
name: test | |
needs: build-and-push-image-to-github-packages | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: develop | |
- name: Copy docker compose file to server | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USER }} | |
key: ${{ secrets.SSH_KEY }} | |
source: "./infra/docker-compose.test.yml, ./infra/default.conf" | |
target: ${{ env.DEPLOY_PATH }} | |
- name: Executing remote ssh commands to deploy | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USER }} | |
key: ${{ secrets.SSH_KEY }} | |
script: | | |
cd ${{ env.DEPLOY_PATH }} | |
echo POSTGRES_DB=${{ secrets.POSTGRES_DB }} > .env | |
echo POSTGRES_USER=${{ secrets.POSTGRES_USER }} >> .env | |
echo POSTGRES_PASSWORD='${{ secrets.POSTGRES_PASSWORD }}' >> .env | |
echo SECRET_KEY='${{ secrets.SECRET_KEY }}' >> .env | |
echo DEBUG=${{ vars.DEBUG }} >> .env | |
echo ALLOWED_HOSTS=${{ secrets.DJANGO_ALLOWED_HOSTS }} >> .env | |
echo HOST=${{ secrets.HOST }} >> .env | |
echo INTERNAL_API_URL=${{ secrets.INTERNAL_API_URL }} >> .env | |
echo YOUCANBY_TOKEN=${{ secrets.YOUCANBY_TOKEN }} >> .env | |
echo YOUCANBY_URL=${{ secrets.YOUCANBY_API_URL }} >> .env | |
echo TOKEN=${{ secrets.TOKEN }} >> .env | |
echo EXTERNAL_REQUESTS_ARE_MOCK=${{ vars.EXTERNAL_REQUESTS_ARE_MOCK }} >> .env | |
echo MAIN_MENTOR_ID=${{ secrets.MAIN_MENTOR_ID }} >> .env | |
docker pull ${{ env.REGISTRY }}/${{ env.REP_OWNER }}/${{ env.IMAGE_NAME }}:latest | |
docker image prune -f | |
docker compose -f infra/docker-compose.test.yml stop | |
docker compose -f infra/docker-compose.test.yml rm backend -f | |
docker compose -f infra/docker-compose.test.yml rm bot -f | |
docker compose --env-file .env -f infra/docker-compose.test.yml up -d | |
docker exec backend python backend/manage.py migrate | |
docker exec backend python backend/manage.py collectstatic --noinput |