A bunch of CI improvements #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| workflow_dispatch: | |
| jobs: | |
| # TODO: Filter build to this | |
| # paths: | |
| # - "**/*.rs" | |
| # - "**/Cargo.toml" | |
| # - "Cargo.lock" | |
| # build: | |
| # name: Build | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - uses: actions/checkout@v3 | |
| # - uses: dtolnay/rust-toolchain@stable | |
| # TODO: Connection environment & concurrency 1 | |
| # TODO: Don't do this on PR's | |
| production: | |
| name: Production | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Tailscale | |
| uses: tailscale/github-action@v2 | |
| with: | |
| # Client must have device read & write scope | |
| oauth-client-id: ${{ secrets.TAILSCALE_OAUTH_CLIENT_ID }} | |
| oauth-secret: ${{ secrets.TAILSCALE_OAUTH_SECRET }} | |
| tags: tag:ci | |
| - name: Test | |
| run: ssh -o StrictHostKeyChecking=accept-new -t ec2-user@mattrax "echo 'hello' > ~/hello.txt" | |
| # TODO: Remove all Go from this and cleanup | |
| # mattrax: | |
| # name: Build and deploy `mattrax` server | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - uses: actions/checkout@v3 | |
| # - uses: dtolnay/rust-toolchain@stable | |
| # - uses: Swatinem/rust-cache@v2 | |
| # with: | |
| # cache-on-failure: "true" | |
| # - name: Install Zig toolchain | |
| # uses: korandoru/setup-zig@v1 | |
| # with: | |
| # zig-version: 0.11.0 | |
| # - name: | |
| # Install 'cargo-zigbuild' | |
| # # The Rust cache action is not happy with `cargo bininstall` so we do a manual install. | |
| # run: | | |
| # curl -s https://api.github.com/repos/rust-cross/cargo-zigbuild/releases/latest \ | |
| # | grep "browser_download_url.*.x86_64-unknown-linux-musl.tar.gz\"" \ | |
| # | cut -d : -f 2,3 \ | |
| # | tr -d \" \ | |
| # | wget -qi - | |
| # tar -xf cargo-zigbuild-*.tar.gz | |
| # mv cargo-zigbuild /usr/local/bin | |
| # - name: Add 'aarch64-unknown-linux-gnu' target | |
| # run: rustup target add aarch64-unknown-linux-gnu | |
| # - name: Build Rust | |
| # run: cargo zigbuild --locked --release -p mattrax --target aarch64-unknown-linux-gnu | |
| # - name: Bundle all server files to push to server | |
| # run: | | |
| # mkdir server-dist | |
| # cp target/aarch64-unknown-linux-gnu/release/mattrax server-dist/mattrax | |
| # cp aws/mattrax.service server-dist/mattrax.service | |
| # # TODO: We should probs have concurrency 1 for these steps | |
| # - name: Copy files to production server | |
| # uses: appleboy/[email protected] | |
| # if: github.ref == 'refs/heads/main' | |
| # with: | |
| # host: ${{ secrets.SSH_HOST }} | |
| # username: ${{ secrets.SSH_USERNAME }} | |
| # key: ${{ secrets.SSH_KEY }} | |
| # source: "server-dist/*" | |
| # target: /home/ec2-user | |
| # strip_components: 1 | |
| # - name: executing remote ssh commands using password | |
| # uses: appleboy/[email protected] | |
| # if: github.ref == 'refs/heads/main' | |
| # with: | |
| # host: ${{ secrets.SSH_HOST }} | |
| # username: ${{ secrets.SSH_USERNAME }} | |
| # key: ${{ secrets.SSH_KEY }} | |
| # script: | | |
| # sudo cp /home/ec2-user/mattrax.service /etc/systemd/system/mattrax.service | |
| # sudo systemctl daemon-reload | |
| # sudo systemctl enable mattrax | |
| # sudo systemctl restart mattrax |