diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 0afc923360b..a1e04774bde 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -8,7 +8,8 @@ jobs: runs-on: ubuntu-24.04 outputs: site_tld: ${{ steps.static_data.outputs.site_tld }} - environment: ${{ steps.static_data.outputs.environment }} + environment_long: ${{ steps.static_data.outputs.environment_long }} + environment_short: ${{ steps.static_data.outputs.environment_short }} steps: - name: Set site_tld @@ -16,19 +17,22 @@ jobs: run: | if [ "${{ github.ref }}" == "refs/heads/prod-staging" ]; then echo "site_tld=dev" >> $GITHUB_OUTPUT - echo "environment=staging" >> $GITHUB_OUTPUT + echo "environment_long=staging" >> $GITHUB_OUTPUT + echo "environment_short=stg" >> $GITHUB_OUTPUT elif [ "${{ github.ref }}" == "refs/heads/prod-current" ]; then echo "site_tld=org" >> $GITHUB_OUTPUT - echo "environment=production" >> $GITHUB_OUTPUT + echo "environment_long=production" >> $GITHUB_OUTPUT + echo "environment_short=prd" >> $GITHUB_OUTPUT else echo "site_tld=dev" >> $GITHUB_OUTPUT - echo "environment=staging" >> $GITHUB_OUTPUT + echo "environment_long=staging" >> $GITHUB_OUTPUT + echo "environment_short=stg" >> $GITHUB_OUTPUT fi build: name: Build & Push Docker Image needs: static - uses: ./.github/workflows/re--docker-docr.yml + uses: ./.github/workflows/docker-docr.yml with: site_tld: ${{ needs.static.outputs.site_tld }} app: api @@ -39,7 +43,7 @@ jobs: permissions: deployments: write environment: - name: ${{ needs.static.outputs.environment }} + name: ${{ needs.static.outputs.environment_long }} url: https://api.freecodecamp.${{ needs.static.outputs.site_tld }}/status/ping?version=${{ needs.build.outputs.tagname }} steps: @@ -60,41 +64,75 @@ jobs: UserKnownHostsFile=/dev/null StrictHostKeyChecking no" > ~/.ssh/config - - name: Check connection to Deployment Target + - name: Check connection run: | tailscale status | grep -q "$TS_MACHINE_NAME" || { echo "Machine not found"; exit 1; } ssh $TS_USERNAME@$TS_MACHINE_NAME "uptime" - name: Deploy with Docker Stack env: - STACK_NAME: stg-api - RUNTIME_ENVS: ${{ secrets.RUNTIME_ENVS }} + # These are set in the "Environment" secrets + API_LOCATION: ${{ secrets.API_LOCATION }} + AUTH0_CLIENT_ID: ${{ secrets.AUTH0_CLIENT_ID }} + AUTH0_CLIENT_SECRET: ${{ secrets.AUTH0_CLIENT_SECRET }} + AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }} + COOKIE_DOMAIN: ${{ secrets.COOKIE_DOMAIN }} + COOKIE_SECRET: ${{ secrets.COOKIE_SECRET }} + DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }} + FCC_API_LOG_LEVEL: ${{ secrets.FCC_API_LOG_LEVEL }} + GROWTHBOOK_FASTIFY_API_HOST: ${{ secrets.GROWTHBOOK_FASTIFY_API_HOST }} + GROWTHBOOK_FASTIFY_CLIENT_KEY: ${{ secrets.GROWTHBOOK_FASTIFY_CLIENT_KEY }} + HOME_LOCATION: ${{ secrets.HOME_LOCATION }} + JWT_SECRET: ${{ secrets.JWT_SECRET }} + MONGOHQ_URL: ${{ secrets.MONGOHQ_URL }} + SENTRY_DSN: ${{ secrets.SENTRY_DSN }} + SES_ID: ${{ secrets.SES_ID }} + SES_SECRET: ${{ secrets.SES_SECRET }} + STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }} + # These are set in the static job above + DEPLOYMENT_ENV: ${{ needs.static.outputs.site_tld }} DEPLOYMENT_VERSION: ${{ needs.build.outputs.tagname }} + SENTRY_ENVIRONMENT: api-${{ needs.static.outputs.site_tld }} + STACK_NAME: ${{ needs.static.outputs.environment_short }}-api run: | - REMOTE_USER=$TS_USERNAME ssh $TS_USERNAME@$TS_MACHINE_NAME /bin/bash << EOF - # Change to the config directory - cd /home/${REMOTE_USER}/docker-swarm-config/stacks/api || exit 1 + cd /home/${TS_USERNAME}/docker-swarm-config/stacks/api || { echo "Failed to change directory"; exit 1; } echo "Debug: Current directory: \$(pwd)" - # Create temp file for the environment variables - echo "${RUNTIME_ENVS}" > .env.tmp + echo "API_LOCATION=${API_LOCATION}" >> .env.tmp + echo "AUTH0_CLIENT_ID=${AUTH0_CLIENT_ID}" >> .env.tmp + echo "AUTH0_CLIENT_SECRET=${AUTH0_CLIENT_SECRET}" >> .env.tmp + echo "AUTH0_DOMAIN=${AUTH0_DOMAIN}" >> .env.tmp + echo "COOKIE_DOMAIN=${COOKIE_DOMAIN}" >> .env.tmp + echo "COOKIE_SECRET=${COOKIE_SECRET}" >> .env.tmp + echo "DOCKER_REGISTRY=${DOCKER_REGISTRY}" >> .env.tmp + echo "FCC_API_LOG_LEVEL=${FCC_API_LOG_LEVEL}" >> .env.tmp + echo "GROWTHBOOK_FASTIFY_API_HOST=${GROWTHBOOK_FASTIFY_API_HOST}" >> .env.tmp + echo "GROWTHBOOK_FASTIFY_CLIENT_KEY=${GROWTHBOOK_FASTIFY_CLIENT_KEY}" >> .env.tmp + echo "HOME_LOCATION=${HOME_LOCATION}" >> .env.tmp + echo "JWT_SECRET=${JWT_SECRET}" >> .env.tmp + echo "MONGOHQ_URL=${MONGOHQ_URL}" >> .env.tmp + echo "SENTRY_DSN=${SENTRY_DSN}" >> .env.tmp + echo "SES_ID=${SES_ID}" >> .env.tmp + echo "SES_SECRET=${SES_SECRET}" >> .env.tmp + echo "STRIPE_SECRET_KEY=${STRIPE_SECRET_KEY}" >> .env.tmp + + echo "DEPLOYMENT_ENV=${DEPLOYMENT_ENV}" >> .env.tmp echo "DEPLOYMENT_VERSION=${DEPLOYMENT_VERSION}" >> .env.tmp + echo "SENTRY_ENVIRONMENT=${SENTRY_ENVIRONMENT}" >> .env.tmp - # Source the environment variables - set -a # Automatically export all variables - source .env.tmp || exit 1 + set -a + source .env.tmp || { echo "Failed to source .env.tmp"; exit 1; } set +a - - # Clean up the temp file rm -f .env.tmp - # Verify the environment variables echo "Debug: Sanity check variables: " - env | grep -E '^DEPLOYMENT' || echo 'Vars not found' + env | grep -E '^DEPLOYMENT' || { echo 'Vars not found'; exit 1; } echo "Debug: Sanity check config: " - docker stack config -c stack-api.yml | rg 'DOMAIN' || echo 'Config not found' + docker stack config -c stack-api.yml | rg 'DOMAIN' || { echo 'Invalid stack config'; exit 1; } + # Dump the stack config to a file for debugging, this will be replaced with a deploy command + docker stack config -c stack-api.yml > /tmp/stack-api-${DEPLOYMENT_VERSION}.yml EOF shell: bash