Deploy to DigitalOcean App Platform Demo #224
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to DigitalOcean App Platform Demo | |
| on: | |
| workflow_run: | |
| workflows: ['Build and Publish Docker Images Demo'] | |
| branches: [develop] | |
| types: | |
| - completed | |
| jobs: | |
| deploy: | |
| runs-on: buildjet-4vcpu-ubuntu-2204 | |
| environment: demo | |
| steps: | |
| - name: checkout out code | |
| uses: actions/checkout@v4 | |
| - name: Install doctl | |
| uses: digitalocean/action-doctl@v2 | |
| with: | |
| token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| - name: Modify DB_HOST and REDIS_URL | |
| run: | | |
| echo "DB_HOST_PUBLIC=$(echo '${{ secrets.DB_HOST }}' | sed 's/private-//')" >> $GITHUB_ENV | |
| echo "REDIS_URL_PUBLIC=$(echo '${{ secrets.REDIS_URL }}' | sed 's/private-//')" >> $GITHUB_ENV | |
| - name: Inject secrets into .do/app.yaml | |
| run: | | |
| envsubst < $GITHUB_WORKSPACE/.do/app.yaml > temp.yaml && mv temp.yaml $GITHUB_WORKSPACE/.do/app.yaml | |
| env: | |
| ENV_NAME: 'demo' | |
| DOCR_REPOSITORY: 'gauzy-api-demo' | |
| APP_DOMAIN: 'apidemoda.gauzy.co' | |
| INSTANCE_COUNT: '1' | |
| INSTANCE_SIZE: 'professional-xs' | |
| API_HOST: '0.0.0.0' | |
| DEMO: 'true' | |
| NODE_ENV: 'development' | |
| ADMIN_PASSWORD_RESET: 'true' | |
| API_BASE_URL: 'https://apidemoda.gauzy.co' | |
| CLIENT_BASE_URL: 'https://demo.gauzy.co' | |
| DB_TYPE: '${{ secrets.DB_TYPE }}' | |
| DB_URI: '${{ secrets.DB_URI }}' | |
| DB_HOST: '${{ env.DB_HOST_PUBLIC }}' | |
| DB_USER: '${{ secrets.DB_USER }}' | |
| DB_PASS: '${{ secrets.DB_PASS }}' | |
| DB_NAME: '${{ secrets.DB_NAME }}' | |
| DB_PORT: '${{ secrets.DB_PORT }}' | |
| DB_CA_CERT: '${{ secrets.DB_CA_CERT }}' | |
| DB_SSL_MODE: '${{ secrets.DB_SSL_MODE }}' | |
| DB_POOL_SIZE: '${{ secrets.DB_POOL_SIZE }}' | |
| DB_POOL_SIZE_KNEX: '${{ secrets.DB_POOL_SIZE_KNEX }}' | |
| REDIS_ENABLED: '${{ secrets.REDIS_ENABLED }}' | |
| REDIS_URL: '${{ env.REDIS_URL_PUBLIC }}' | |
| CLOUD_PROVIDER: 'DO' | |
| SENTRY_DSN: '${{ secrets.SENTRY_DSN }}' | |
| SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}' | |
| SENTRY_PROFILE_SAMPLE_RATE: '${{ secrets.SENTRY_PROFILE_SAMPLE_RATE }}' | |
| SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}' | |
| SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}' | |
| SENTRY_PROFILING_ENABLED: '${{ secrets.SENTRY_PROFILING_ENABLED }}' | |
| AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}' | |
| AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}' | |
| AWS_REGION: '${{ secrets.AWS_REGION }}' | |
| AWS_S3_BUCKET: '${{ secrets.AWS_S3_BUCKET }}' | |
| WASABI_ACCESS_KEY_ID: '${{ secrets.WASABI_ACCESS_KEY_ID }}' | |
| WASABI_SECRET_ACCESS_KEY: '${{ secrets.WASABI_SECRET_ACCESS_KEY }}' | |
| WASABI_REGION: '${{ secrets.WASABI_REGION }}' | |
| WASABI_SERVICE_URL: '${{ secrets.WASABI_SERVICE_URL }}' | |
| WASABI_S3_BUCKET: '${{ secrets.WASABI_S3_BUCKET }}' | |
| WASABI_S3_FORCE_PATH_STYLE: '${{ secrets.WASABI_S3_FORCE_PATH_STYLE }}' | |
| DIGITALOCEAN_ACCESS_KEY_ID: '${{ secrets.DIGITALOCEAN_ACCESS_KEY_ID }}' | |
| DIGITALOCEAN_SECRET_ACCESS_KEY: '${{ secrets.DIGITALOCEAN_SECRET_ACCESS_KEY }}' | |
| DIGITALOCEAN_REGION: '${{ secrets.DIGITALOCEAN_REGION }}' | |
| DIGITALOCEAN_SERVICE_URL: '${{ secrets.DIGITALOCEAN_SERVICE_URL }}' | |
| DIGITALOCEAN_CDN_URL: '${{ secrets.DIGITALOCEAN_CDN_URL }}' | |
| DIGITALOCEAN_S3_BUCKET: '${{ secrets.DIGITALOCEAN_S3_BUCKET }}' | |
| DIGITALOCEAN_S3_FORCE_PATH_STYLE: '${{ secrets.DIGITALOCEAN_S3_FORCE_PATH_STYLE }}' | |
| EXPRESS_SESSION_SECRET: '${{ secrets.EXPRESS_SESSION_SECRET }}' | |
| JWT_SECRET: '${{ secrets.JWT_SECRET }}' | |
| JWT_REFRESH_TOKEN_SECRET: '${{ secrets.JWT_REFRESH_TOKEN_SECRET }}' | |
| JWT_REFRESH_TOKEN_EXPIRATION_TIME: '${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION_TIME }}' | |
| CLOUDINARY_API_KEY: '${{ secrets.CLOUDINARY_API_KEY }}' | |
| CLOUDINARY_API_SECRET: '${{ secrets.CLOUDINARY_API_SECRET }}' | |
| CLOUDINARY_CLOUD_NAME: '${{ secrets.CLOUDINARY_CLOUD_NAME }}' | |
| MAIL_FROM_ADDRESS: '${{ secrets.MAIL_FROM_ADDRESS }}' | |
| MAIL_HOST: '${{ secrets.MAIL_HOST }}' | |
| MAIL_PORT: '${{ secrets.MAIL_PORT }}' | |
| MAIL_USERNAME: '${{ secrets.MAIL_USERNAME }}' | |
| MAIL_PASSWORD: '${{ secrets.MAIL_PASSWORD }}' | |
| ALLOW_SUPER_ADMIN_ROLE: '${{ secrets.ALLOW_SUPER_ADMIN_ROLE }}' | |
| GOOGLE_CLIENT_ID: '${{ secrets.GOOGLE_CLIENT_ID }}' | |
| GOOGLE_CLIENT_SECRET: '${{ secrets.GOOGLE_CLIENT_SECRET }}' | |
| GOOGLE_CALLBACK_URL: '${{ secrets.GOOGLE_CALLBACK_URL }}' | |
| FACEBOOK_CLIENT_ID: '${{ secrets.FACEBOOK_CLIENT_ID }}' | |
| FACEBOOK_CLIENT_SECRET: '${{ secrets.FACEBOOK_CLIENT_SECRET }}' | |
| FACEBOOK_GRAPH_VERSION: '${{ secrets.FACEBOOK_GRAPH_VERSION }}' | |
| FACEBOOK_CALLBACK_URL: '${{ secrets.FACEBOOK_CALLBACK_URL }}' | |
| INTEGRATED_USER_DEFAULT_PASS: '${{ secrets.INTEGRATED_USER_DEFAULT_PASS }}' | |
| UPWORK_REDIRECT_URL: '${{ secrets.UPWORK_REDIRECT_URL }}' | |
| FILE_PROVIDER: '${{ secrets.FILE_PROVIDER }}' | |
| GAUZY_AI_GRAPHQL_ENDPOINT: '${{ secrets.GAUZY_AI_GRAPHQL_ENDPOINT }}' | |
| GAUZY_AI_REST_ENDPOINT: '${{ secrets.GAUZY_AI_REST_ENDPOINT }}' | |
| UNLEASH_APP_NAME: '${{ secrets.UNLEASH_APP_NAME }}' | |
| UNLEASH_API_URL: '${{ secrets.UNLEASH_API_URL }}' | |
| UNLEASH_INSTANCE_ID: '${{ secrets.UNLEASH_INSTANCE_ID }}' | |
| UNLEASH_REFRESH_INTERVAL: '${{ secrets.UNLEASH_REFRESH_INTERVAL }}' | |
| UNLEASH_METRICS_INTERVAL: '${{ secrets.UNLEASH_METRICS_INTERVAL }}' | |
| UNLEASH_API_KEY: '${{ secrets.UNLEASH_API_KEY }}' | |
| PM2_MACHINE_NAME: '${{ secrets.PM2_MACHINE_NAME }}' | |
| PM2_SECRET_KEY: '${{ secrets.PM2_SECRET_KEY }}' | |
| PM2_PUBLIC_KEY: '${{ secrets.PM2_PUBLIC_KEY }}' | |
| JITSU_SERVER_URL: '${{ secrets.JITSU_SERVER_URL }}' | |
| JITSU_SERVER_WRITE_KEY: '${{ secrets.JITSU_SERVER_WRITE_KEY }}' | |
| OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}' | |
| OTEL_PROVIDER: '${{ secrets.OTEL_PROVIDER }}' | |
| OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}' | |
| OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}' | |
| GAUZY_GITHUB_CLIENT_ID: '${{ secrets.GAUZY_GITHUB_CLIENT_ID }}' | |
| GAUZY_GITHUB_CLIENT_SECRET: '${{ secrets.GAUZY_GITHUB_CLIENT_SECRET }}' | |
| GAUZY_GITHUB_APP_PRIVATE_KEY: '${{ secrets.GAUZY_GITHUB_APP_PRIVATE_KEY }}' | |
| GAUZY_GITHUB_WEBHOOK_URL: '${{ secrets.GAUZY_GITHUB_WEBHOOK_URL }}' | |
| GAUZY_GITHUB_WEBHOOK_SECRET: '${{ secrets.GAUZY_GITHUB_WEBHOOK_SECRET }}' | |
| GAUZY_GITHUB_APP_NAME: '${{ secrets.GAUZY_GITHUB_APP_NAME }}' | |
| GAUZY_GITHUB_REDIRECT_URL: '${{ secrets.GAUZY_GITHUB_REDIRECT_URL }}' | |
| GAUZY_GITHUB_POST_INSTALL_URL: '${{ secrets.GAUZY_GITHUB_POST_INSTALL_URL }}' | |
| GAUZY_GITHUB_APP_ID: '${{ secrets.GAUZY_GITHUB_APP_ID }}' | |
| GAUZY_GITHUB_OAUTH_CLIENT_ID: '${{ secrets.GAUZY_GITHUB_OAUTH_CLIENT_ID }}' | |
| GAUZY_GITHUB_OAUTH_CLIENT_SECRET: '${{ secrets.GAUZY_GITHUB_OAUTH_CLIENT_SECRET }}' | |
| GAUZY_GITHUB_OAUTH_CALLBACK_URL: '${{ secrets.GAUZY_GITHUB_OAUTH_CALLBACK_URL }}' | |
| JITSU_BROWSER_URL: '${{ secrets.JITSU_BROWSER_URL }}' | |
| JITSU_BROWSER_WRITE_KEY: '${{ secrets.JITSU_BROWSER_WRITE_KEY }}' | |
| MAGIC_CODE_EXPIRATION_TIME: '${{ secrets.MAGIC_CODE_EXPIRATION_TIME }}' | |
| APP_NAME: '${{ secrets.APP_NAME }}' | |
| APP_LOGO: '${{ secrets.APP_LOGO }}' | |
| APP_SIGNATURE: '${{ secrets.APP_SIGNATURE }}' | |
| APP_LINK: '${{ secrets.APP_LINK }}' | |
| APP_EMAIL_CONFIRMATION_URL: '${{ secrets.APP_EMAIL_CONFIRMATION_URL }}' | |
| APP_MAGIC_SIGN_URL: '${{ secrets.APP_MAGIC_SIGN_URL }}' | |
| COMPANY_LINK: '${{ secrets.COMPANY_LINK }}' | |
| COMPANY_NAME: '${{ secrets.COMPANY_NAME }}' | |
| - name: Check if App Exists | |
| id: check-app | |
| run: | | |
| echo "ENV_NAME is set to '${ENV_NAME}'" | |
| APP_NAME="ever-gauzy-${ENV_NAME}" | |
| echo "Looking for app with name: $APP_NAME" | |
| doctl apps list --no-header | |
| APP_ID=$(doctl apps list --no-header | awk -v appName="$APP_NAME" '$2 == appName {print $1}') | |
| if [ -z "$APP_ID" ]; then | |
| echo "App does not exist, setting CREATE_APP to true" | |
| echo "::set-output name=create_app::true" | |
| else | |
| echo "App exists with ID $APP_ID, setting APP_ID" | |
| echo "::set-output name=app_id::$APP_ID" | |
| echo "::set-output name=create_app::false" | |
| fi | |
| env: | |
| DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
| ENV_NAME: 'demo' | |
| - name: Create App | |
| if: steps.check-app.outputs.create_app == 'true' | |
| run: doctl apps create --spec .do/app.yaml | |
| - name: Update App | |
| if: steps.check-app.outputs.create_app == 'false' | |
| run: doctl apps update ${{ steps.check-app.outputs.app_id }} --spec .do/app.yaml |