name: deploy api on: push: branches: - main - canary paths: - fluxer_api/** - .github/workflows/deploy-api.yaml workflow_dispatch: inputs: channel: type: choice options: - stable - canary default: stable description: Release channel to deploy ref: type: string required: false default: '' description: Optional git ref (defaults to the triggering branch) concurrency: group: deploy-fluxer-api-${{ github.event_name == 'workflow_dispatch' && inputs.channel || (github.ref_name == 'canary' && 'canary') || 'stable' }} cancel-in-progress: true permissions: contents: read jobs: channel-vars: uses: ./.github/workflows/channel-vars.yaml with: github_event_name: ${{ github.event_name }} github_ref_name: ${{ github.ref_name }} workflow_dispatch_channel: ${{ github.event_name == 'workflow_dispatch' && inputs.channel || '' }} deploy: name: Deploy api needs: channel-vars runs-on: blacksmith-8vcpu-ubuntu-2404 timeout-minutes: 25 env: CHANNEL: ${{ needs.channel-vars.outputs.channel }} IS_CANARY: ${{ needs.channel-vars.outputs.is_canary }} STACK_SUFFIX: ${{ needs.channel-vars.outputs.stack_suffix }} STACK: ${{ format('fluxer-api{0}', needs.channel-vars.outputs.stack_suffix) }} WORKER_STACK: fluxer-api-worker CANARY_WORKER_REPLICAS: 3 CACHE_SCOPE: ${{ format('deploy-fluxer-api{0}', needs.channel-vars.outputs.stack_suffix) }} CADDY_DOMAIN: ${{ needs.channel-vars.outputs.is_canary == 'true' && 'api.canary.fluxer.app' || 'api.fluxer.app' }} RELEASE_CHANNEL: ${{ needs.channel-vars.outputs.channel }} steps: - uses: actions/checkout@v6 with: ref: ${{ inputs.ref || '' }} fetch-depth: 0 - name: Record deploy commit run: python3 scripts/ci/workflows/deploy_api.py --step record_deploy_commit - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - name: Build image(s) uses: docker/build-push-action@v6 with: context: . file: fluxer_api/Dockerfile tags: | ${{ env.STACK }}:${{ env.DEPLOY_SHA }} ${{ env.WORKER_STACK }}:${{ env.DEPLOY_SHA }} load: true platforms: linux/amd64 cache-from: type=gha,scope=${{ env.CACHE_SCOPE }} cache-to: type=gha,mode=max,scope=${{ env.CACHE_SCOPE }} build-args: | BUILD_SHA=${{ env.SENTRY_BUILD_SHA }} BUILD_NUMBER=${{ env.SENTRY_BUILD_NUMBER }} BUILD_TIMESTAMP=${{ env.SENTRY_BUILD_TIMESTAMP }} RELEASE_CHANNEL=${{ env.RELEASE_CHANNEL }} env: DOCKER_BUILD_SUMMARY: false DOCKER_BUILD_RECORD_UPLOAD: false - name: Install docker-pussh run: python3 scripts/ci/workflows/deploy_api.py --step install_docker_pussh - name: Set up SSH agent uses: webfactory/ssh-agent@v0.9.1 with: ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_SERVER }} - name: Add server to known hosts run: python3 scripts/ci/workflows/deploy_api.py --step add_known_hosts --server-ip ${{ secrets.SERVER_IP }} - name: Push image(s) and deploy env: SERVER: ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }} IMAGE_TAG_APP: ${{ env.STACK }}:${{ env.DEPLOY_SHA }} IMAGE_TAG_WORKER: ${{ env.WORKER_STACK }}:${{ env.DEPLOY_SHA }} CANARY_WORKER_REPLICAS: ${{ env.CANARY_WORKER_REPLICAS }} SENTRY_BUILD_SHA: ${{ env.SENTRY_BUILD_SHA }} SENTRY_BUILD_NUMBER: ${{ env.SENTRY_BUILD_NUMBER }} SENTRY_BUILD_TIMESTAMP: ${{ env.SENTRY_BUILD_TIMESTAMP }} RELEASE_CHANNEL: ${{ env.CHANNEL }} SENTRY_RELEASE: ${{ format('fluxer-api@{0}', env.SENTRY_BUILD_SHA) }} run: python3 scripts/ci/workflows/deploy_api.py --step push_and_deploy