Skip to content

Ansible deploy dev #742

Ansible deploy dev

Ansible deploy dev #742

Workflow file for this run

name: Ansible deploy dev
on:
workflow_run:
workflows:
- 'Build and deploy Docker images'
branches:
- main
- master
types:
- completed
workflow_dispatch:
env:
SNOWPACK_PUBLIC_BACKEND_ENDPOINT: https://stylo-dev.huma-num.fr
SNOWPACK_PUBLIC_GRAPHQL_ENDPOINT: https://stylo-dev.huma-num.fr/graphql
SNOWPACK_PUBLIC_PANDOC_EXPORT_ENDPOINT: https://export.stylo-dev.huma-num.fr
SNOWPACK_PUBLIC_HUMAN_ID_REGISTER_ENDPOINT: https://auth-test.huma-num.fr/register?service=https://stylo-dev.huma-num.fr/authorization-code/callback
SNOWPACK_MATOMO_URL: https://analyseweb.huma-num.fr/
SNOWPACK_MATOMO_SITE_ID: 286
SNOWPACK_PUBLIC_ANNOTATIONS_CANONICAL_BASE_URL: https://stylo-dev.huma-num.fr
SENTRY_DSN: https://276d5080680a70a3edf98783a2b264d0@o4507130700496896.ingest.de.sentry.io/4507130704560208
SENTRY_ENVIRONMENT: dev
jobs:
build-assets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: .nvmrc
cache: npm
- name: Build front assets
run: |
npm clean-install --prefix=front
npm run build --prefix=front -- --mode=development
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
- name: Store build artifacts for the deploy stage
uses: actions/upload-artifact@v4
with:
name: front-assets
path: ./front/build
if-no-files-found: error
include-hidden-files: true
deployment:
runs-on: ubuntu-latest
needs: [build-assets]
environment:
name: staging
url: https://stylo-dev.huma-num.fr
if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
id: assets
with:
name: front-assets
path: /tmp/front-assets
- name: Set up Python 3.10 (w/ cache)
uses: actions/setup-python@v5
with:
python-version: '3.10'
cache: 'pip'
cache-dependency-path: '**/deploy-requirements.txt'
- name: Install dependencies
run: |
python -m pip install -r .github/workflows/deploy-requirements.txt
- name: Set Ansible config secrets
run: |
echo "${{ secrets.ANSIBLE_VAULT_PASSWORD_DEV }}" > infrastructure/.ansible-vault-password
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY_DEV }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Run playbook
working-directory: ./infrastructure
run: |
ansible-playbook -v -i inventories/dev \
--extra-vars "@vault-dev.yml" \
--extra-vars "assets_path=/tmp/front-assets/" \
--private-key ~/.ssh/id_ed25519 \
--vault-password-file ./.ansible-vault-password \
playbook.yml