deps: Update mongo-go-driver #50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy on production | |
| on: | |
| push: | |
| branches: | |
| - "production" | |
| env: | |
| MONGO_VERSION: 6.0.8 | |
| UBUNTU_VERSION: linux-x86_64-ubuntu2004 | |
| # name of the binary, the service and the user running the | |
| # service | |
| APP_NAME: mongoplayground | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-20.04 | |
| environment: production | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-go@v3 | |
| with: | |
| go-version: '1.21' | |
| - name: Vet code | |
| run: go vet ./... | |
| - name: Download MongoDB and setup standalone db | |
| run: | | |
| wget --quiet http://downloads.mongodb.org/linux/mongodb-$UBUNTU_VERSION-$MONGO_VERSION.tgz | |
| tar xzvf mongodb-$UBUNTU_VERSION-$MONGO_VERSION.tgz | |
| echo "$PWD/mongodb-$UBUNTU_VERSION-$MONGO_VERSION/bin" >> $GITHUB_PATH | |
| mkdir $PWD/db | |
| mongod --dbpath $PWD/db --logpath /dev/null --nojournal --fork | |
| - name: Run test | |
| run: go test ./... -race | |
| # build binary without debug info to reduce its size | |
| - name: build binary | |
| run: go build -ldflags "-w -s" | |
| - name: Register SSH key | |
| continue-on-error: true | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_PRODUCTION }} | |
| - name: Update known host | |
| run: ssh-keyscan -H ${{ secrets.HOST_PRODUCTION }} > /home/runner/.ssh/known_hosts | |
| # stop the service, drop mongodb databases, and copy the new binary and upload the new binary | |
| # before restarting the service, we need to allow binary to listen on protected | |
| # port 80 & 443 with setcap | |
| - name: Deploy on first node | |
| run: | | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} sudo systemctl stop $APP_NAME | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} mv /home/$APP_NAME/$APP_NAME /home/$APP_NAME/${APP_NAME}_old || true | |
| scp $APP_NAME $APP_NAME@${{ secrets.HOST_PRODUCTION }}:/home/$APP_NAME | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} sudo setcap CAP_NET_BIND_SERVICE=+ep $APP_NAME | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} sudo systemctl restart $APP_NAME | |
| # ping the server until we're sure it's UP | |
| # script is an adaptation of this question: https://unix.stackexchange.com/questions/82598/ | |
| - name: Check new instance has started correctly | |
| id: ping_new_instance | |
| run: for i in 10 10 15 15; do sleep $i; wget -nv --no-check-certificate -O- https://${{ secrets.HOST_PRODUCTION }}/health | grep -q '{"Status":"UP"' && s=0 && break || s=$?; done; (exit $s) | |
| - name: Check if home/view pages have changed | |
| uses: tj-actions/verify-changed-files@v9 | |
| id: verify-changed-files | |
| with: | |
| files: | | |
| internal/web/playground.html | |
| internal/web/static/about.html | |
| internal/view.go | |
| internal/home.go | |
| - name: If files changed, clear cloudflare cache | |
| if: steps.verify-changed-files.outputs.files_changed == 'true' | |
| run: | | |
| wget -nv --no-check-certificate --header="Authorization: Bearer ${{ secrets.CLOUDFLARE_TOKEN }}" -O- https://${{ secrets.HOST_PRODUCTION }}/clear_cache | |
| - name: Print first logs if deploy failed | |
| if: failure() && steps.ping_new_instance.outcome == 'failure' | |
| run: ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} journalctl -u $APP_NAME | tail -n 600 | grep -v "Deleting db" | |
| - name: Rollback previous version if deploy failed | |
| if: failure() && steps.ping_new_instance.outcome == 'failure' | |
| run: | | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} sudo systemctl stop $APP_NAME | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} mv /home/$APP_NAME/${APP_NAME}_old /home/$APP_NAME/$APP_NAME || true | |
| ssh $APP_NAME@${{ secrets.HOST_PRODUCTION }} sudo systemctl restart $APP_NAME |