Use one of the default ssh identity file names. #6

Summary
Jobs
- test
- build
- deploy
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Continuous Integration

	on:
	pull_request:
	push:
	branches: ["main"]

	# These are the IDs for https://github.com/organizations/w3ctag/settings/apps/w3c-tag-bot.
	env:
	APP_ID: "1013567"
	CLIENT_ID: "Iv23liXTAsX4IYm9H6lc"

	jobs:
	test:
	runs-on: ubuntu-latest
	env:
	DATABASE_URL: file:./test.db
	steps:
	- uses: actions/checkout@v4
	- name: Setup pnpm
	uses: pnpm/action-setup@v4
	- name: Setup Node
	uses: actions/setup-node@v4
	with:
	node-version-file: "package.json"
	cache: pnpm
	- run: pnpm install
	- run: pnpm prisma db push
	- name: Make a private key for testing.
	run: openssl genrsa -traditional -out testkey.pem
	- name: Run tests
	run: PRIVATE_KEY=$(cat testkey.pem) pnpm test
	env:
	# Generated just for this file and never used elsewhere.
	CLIENT_SECRET: 6d5e528bb01faa2de86ef59dacbdca0b4a406e09
	WEBHOOK_SECRET: 37651a9cf25c2d370308aee98ce0b7c9a6bfc30c

	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Setup pnpm
	uses: pnpm/action-setup@v4
	- name: Setup Node
	uses: actions/setup-node@v4
	with:
	node-version-file: "package.json"
	cache: pnpm
	- run: pnpm install
	- run: pnpm build
	- run: rm -rf node_modules
	- run: pnpm install --prod
	- run: pnpm prisma generate
	- run: tar -cf built-server.tar package.json dist node_modules prisma
	- uses: actions/upload-artifact@v4
	with:
	name: built-server
	path: built-server.tar
	if-no-files-found: error

	deploy:
	if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
	needs: [test, build]
	environment:
	name: production
	url: "https://github-bot.w3ctag.org/"
	concurrency:
	group: production
	runs-on: ubuntu-latest
	steps:
	- uses: actions/download-artifact@v4
	with:
	name: built-server
	- name: Extract the built server
	run: \|
	mkdir built-server
	tar -xf built-server.tar -C built-server
	- name: Store ssh private key and host key
	run: \|
	mkdir ~/.ssh
	echo "$SSH_KEY" > ~/.ssh/id_rsa
	echo "[$SSH_HOST]:$SSH_PORT $SSH_HOST_KEY" > ~/.ssh/known_hosts
	chmod 700 ~/.ssh
	chmod 600 ~/.ssh/*
	env:
	SSH_KEY: ${{ secrets.SSH_KEY }}
	SSH_HOST: ${{ vars.SSH_HOST }}
	SSH_PORT: ${{ vars.SSH_PORT }}
	SSH_HOST_KEY: ${{ vars.SSH_HOST_KEY }}
	- name: Upload
	run: rsync -e "ssh -p $SSH_PORT" -azv --safe-links --hard-links --progress --delete built-server/ "$SSH_USER@$SSH_HOST:$DEPLOY_PATH"
	env:
	SSH_PORT: ${{ vars.SSH_PORT }}
	SSH_HOST: ${{ vars.SSH_HOST }}
	SSH_USER: ${{ vars.SSH_USER }}
	DEPLOY_PATH: ${{ vars.DEPLOY_PATH }}
	- name: Update and Restart
	run: 'ssh -p $SSH_PORT "$SSH_USER@$SSH_HOST" sh -c "DATABASE_URL=file:/var/local/github-bot/prod.db node_modules/.bin/prisma migrate deploy && sudo /usr/bin/systemctl restart github-bot"'
	env:
	SSH_PORT: ${{ vars.SSH_PORT }}
	SSH_HOST: ${{ vars.SSH_HOST }}
	SSH_USER: ${{ vars.SSH_USER }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use one of the default ssh identity file names. #6

Workflow file

Use one of the default ssh identity file names. #6

Jobs

Run details

Workflow file for this run