Provide production Dockerfile, pullpreview workflow and docker-build-push workflow #5
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PullPreview | |
| on: | |
| # the schedule is optional, but helps to make sure no dangling resources are left when GitHub Action does not behave properly | |
| schedule: | |
| - cron: "30 2 * * *" | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [labeled, unlabeled, synchronize, closed, reopened] | |
| jobs: | |
| deploy: | |
| if: github.event_name == 'schedule' || github.event_name == 'push' || github.event.label.name == 'pullpreview' || contains(github.event.pull_request.labels.*.name, 'pullpreview') | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: read # to fetch code (actions/checkout) | |
| deployments: write # to delete deployments | |
| pull-requests: write # to remove labels | |
| statuses: write # to create commit status | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Generate .env file | |
| env: | |
| APP_KEY: ${{ secrets.APP_KEY }} | |
| BASIC_AUTH: ${{ secrets.BASIC_AUTH }} | |
| PROTECTOR_AUTH_TOKEN: ${{ secrets.PROTECTOR_AUTH_TOKEN }} | |
| PROTECTOR_PRIVATE_KEY: ${{ secrets.PROTECTOR_PRIVATE_KEY }} | |
| TRANSMORPHER_SIGNING_KEYPAIR: ${{ secrets.TRANSMORPHER_SIGNING_KEYPAIR }} | |
| run: | | |
| cp .env.example .env | |
| echo "$APP_KEY" >> .env | |
| echo "$PROTECTOR_AUTH_TOKEN" >> .env | |
| echo "$PROTECTOR_PRIVATE_KEY" >> .env | |
| echo "$TRANSMORPHER_SIGNING_KEYPAIR" >> .env | |
| echo "$BASIC_AUTH" > .htpasswd | |
| - uses: pullpreview/action@v5 | |
| with: | |
| # Those GitHub users will have SSH access to the servers | |
| admins: jheusinger, gael-connan-cybex, holyfabi, mszulik | |
| # Use the cidrs option to restrict access to the live environments to specific IP ranges | |
| cidrs: "0.0.0.0/0" | |
| compose_files: docker-compose.pullpreview.yml | |
| # The preview URL will target this port | |
| default_port: 80 | |
| # Use a 512MB RAM instance type instead of the default 2GB | |
| instance_type: nano_2_0 | |
| # Ports to open on the server | |
| ports: 80, 443 | |
| env: | |
| AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" | |
| AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | |
| AWS_REGION: "eu-central-1" |