name: baekjoon-bot-cicd on: push: branches: ["main"] paths-ignore: - "**/*.md" jobs: build_push_deploy: runs-on: ubuntu-latest steps: - name: Setup SSH for Gitea env: SSH_PRIVATE_KEY: ${{ secrets.NKEY_SSH_PRIVATE_KEY }} run: | set -euo pipefail mkdir -p ~/.ssh chmod 700 ~/.ssh echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -p 2222 -t rsa,ed25519 nkeystudy.site >> ~/.ssh/known_hosts chmod 644 ~/.ssh/known_hosts cat >> ~/.ssh/config <<'EOF' Host nkey-gitea HostName nkeystudy.site User git Port 2222 IdentityFile ~/.ssh/id_ed25519 IdentitiesOnly yes EOF chmod 600 ~/.ssh/config - name: Manual checkout via SSH env: REPO: ${{ github.repository }} SHA: ${{ github.sha }} run: | set -euo pipefail git init . git remote add origin "nkey-gitea:${REPO}.git" git fetch --no-tags --prune --depth=1 origin "${SHA}" git checkout -q FETCH_HEAD - name: Ensure docker compose available run: | set -euo pipefail docker version if ! docker compose version >/dev/null 2>&1; then sudo apt-get update sudo apt-get install -y docker-compose-plugin fi docker compose version - name: Docker login env: DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USERNAME }} DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} run: | set -euo pipefail echo "${DOCKERHUB_TOKEN}" | docker login -u "${DOCKERHUB_USER}" --password-stdin - name: Extract image version from commit message id: version env: COMMIT_MESSAGE: ${{ github.event.head_commit.message }} run: | set -euo pipefail VERSION_TAG="" if printf '%s' "${COMMIT_MESSAGE}" | grep -Eq '\[[0-9]+\.[0-9]+\.[0-9]+\]'; then VERSION_TAG="$(printf '%s' "${COMMIT_MESSAGE}" | sed -nE 's/.*\[([0-9]+\.[0-9]+\.[0-9]+)\].*/\1/p' | head -n1)" fi echo "version_tag=${VERSION_TAG}" >> "$GITHUB_OUTPUT" - name: Build and push image env: DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USERNAME }} IMAGE_NAME: baekjoon-bot VERSION_TAG: ${{ steps.version.outputs.version_tag }} run: | set -euo pipefail IMAGE="${DOCKERHUB_USER}/${IMAGE_NAME}:latest" if [ -n "${VERSION_TAG}" ]; then VERSIONED_IMAGE="${DOCKERHUB_USER}/${IMAGE_NAME}:${VERSION_TAG}" docker build -t "${IMAGE}" -t "${VERSIONED_IMAGE}" . docker push "${VERSIONED_IMAGE}" else docker build -t "${IMAGE}" . fi docker push "${IMAGE}" - name: Deploy on server (compose pull/up) run: | set -euo pipefail docker compose -p nkeys-apps -f /nkeysworld/compose.apps.yml pull baekjoon-bot docker compose -p nkeys-apps -f /nkeysworld/compose.apps.yml up -d baekjoon-bot docker image prune -f - name: Discord Notification if: always() env: DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} run: | set -euo pipefail if [ "${{ job.status }}" = "success" ]; then STATUS="SUCCESS" COLOR=3066993 DESC="Baekjoon bot build/push/deploy succeeded." else STATUS="FAILURE" COLOR=15158332 DESC="Baekjoon bot build or deploy failed." fi curl -X POST -H "Content-Type: application/json" \ -d '{ "embeds": [{ "title": "Baekjoon Bot CI/CD - '"$STATUS"'", "description": "'"$DESC"'", "fields": [ { "name": "Repo", "value": "${{ github.repository }}", "inline": true }, { "name": "Commit", "value": "`${{ github.sha }}`", "inline": true }, { "name": "Actor", "value": "${{ github.actor }}", "inline": true }, { "name": "Image Version", "value": "`${{ steps.version.outputs.version_tag || 'latest only' }}`", "inline": true } ], "color": '"$COLOR"', "timestamp": "'$(date -u +%Y-%m-%dT%H:%M:%SZ)'" }] }' "${DISCORD_WEBHOOK}"