LBognanni/deploy.yml Secret

## deploy.yml
name: Deploy
on:
  push:
    branches:
      - "main"

permissions:
  packages: write
  contents: read

jobs:
  build-and-push-image:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build and push Docker image
        uses: docker/build-push-action@v6
        with:
          context: . # Use the Dockerfile in the repo's root and the contents of the repo as context
          push: true
          cache-from: type=gha
          cache-to: type=gha,mode=max
          tags: |
            ghcr.io/{your username}/{image name}:latest
            ghcr.io/{your username}/{image name}:${{ github.sha }}

  deploy:
    runs-on: ubuntu-latest
    needs:
      - build-and-push-image
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # We refer to the env file in docker-stack.yml to pick the actual latest version of the container image
      - name: create env file
        run: |
          echo "GIT_COMMIT_HASH=${{ github.sha }}" >> ./envfile

      - name: Docker Stack Deploy
        uses: shockhs/docker-stack-deploy@v1.2
        with:
          registry: "ghcr.io"
          username: ${{ github.actor }}
          password: ${{ secrets.DEPLOY_TOKEN }} # A github token that is scoped to read packages. You can also use GITHUB_TOKEN
          stack_name: "{ your stack name }"
          stack_file: docker-stack.yml
          remote_host: ${{ secrets.REMOTE_HOST }}
          remote_user: ${{ secrets.DEPLOY_USER }}
          remote_private_key: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }}
          env_file: ./envfile
	name: Deploy
	on:
	push:
	branches:
	- "main"

	permissions:
	packages: write
	contents: read

	jobs:
	build-and-push-image:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Log in to the Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build and push Docker image
	uses: docker/build-push-action@v6
	with:
	context: . # Use the Dockerfile in the repo's root and the contents of the repo as context
	push: true
	cache-from: type=gha
	cache-to: type=gha,mode=max
	tags: \|
	ghcr.io/{your username}/{image name}:latest
	ghcr.io/{your username}/{image name}:${{ github.sha }}

	deploy:
	runs-on: ubuntu-latest
	needs:
	- build-and-push-image
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	# We refer to the env file in docker-stack.yml to pick the actual latest version of the container image
	- name: create env file
	run: \|
	echo "GIT_COMMIT_HASH=${{ github.sha }}" >> ./envfile

	- name: Docker Stack Deploy
	uses: shockhs/docker-stack-deploy@v1.2
	with:
	registry: "ghcr.io"
	username: ${{ github.actor }}
	password: ${{ secrets.DEPLOY_TOKEN }} # A github token that is scoped to read packages. You can also use GITHUB_TOKEN
	stack_name: "{ your stack name }"
	stack_file: docker-stack.yml
	remote_host: ${{ secrets.REMOTE_HOST }}
	remote_user: ${{ secrets.DEPLOY_USER }}
	remote_private_key: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }}
	env_file: ./envfile