name: 'Production deploy' on: release: types: [published] jobs: create-release-tar: name: 'Create release tar' runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v3.0.2 - name: Setup node uses: actions/setup-node@v3.4.1 with: node-version: 17.9.0 - name: Build run: | npm ci npm run build - name: Get version from tag id: vars run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} - name: Create tar.gz run: tar -czvf cinny-${{ steps.vars.outputs.tag }}.tar.gz dist - name: Sign tar.gz run: | echo '${{ secrets.GNUPG_KEY }}' | gpg --batch --import # Sadly a few lines in the private key match a few lines in the public key, # As a result just --export --armor gives us a few lines replaced with *** # making it useless for importing the signing key. Instead, we dump it as # non-armored and hex-encode it so that its printable. echo "PGP Signing key, in raw PGP format in hex. Import with cat ... | xxd -r -p - | gpg --import" gpg --export | xxd -p echo '${{ secrets.GNUPG_PASSPHRASE }}' | gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --armor --detach-sign cinny-${{ steps.vars.outputs.tag }}.tar.gz - name: Upload tagged release uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5 with: files: | cinny-${{ steps.vars.outputs.tag }}.tar.gz cinny-${{ steps.vars.outputs.tag }}.tar.gz.asc deploy-to-netlify: name: 'Deploy to Netlify' runs-on: ubuntu-latest permissions: contents: read steps: - name: Checkout repository uses: actions/checkout@v3.0.2 - name: Setup node uses: actions/setup-node@v3.4.1 with: node-version: 17.9.0 - name: Build and deploy to Netlify uses: jsmrcaga/action-netlify-deploy@53de32e559b0b3833615b9788c7a090cd2fddb03 with: install_command: "npm ci" NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} BUILD_DIRECTORY: "dist" NETLIFY_DEPLOY_MESSAGE: "Prod deploy v${{ github.ref }}" NETLIFY_DEPLOY_TO_PROD: true push-to-dockerhub: name: Push Docker image to Docker Hub, ghcr runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Checkout repository uses: actions/checkout@v3.0.2 - name: Set up QEMU uses: docker/setup-qemu-action@v2.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2.0.0 - name: Login to Docker Hub uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to the Container registry uses: docker/login-action@v2.0.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v4.0.1 with: images: | ${{ secrets.DOCKER_USERNAME }}/cinny ghcr.io/${{ github.repository }} - name: Build and push Docker image uses: docker/build-push-action@v3.1.1 with: context: . platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }}