deploy-to-do.yml

name: Deploy to DigitalOcean

on:
  push:
    tags:
      - "v*.*.*"

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

jobs:

  setup:
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        operating-system: [ubuntu-latest]
        php-versions: ['7.4']

    steps:

      - name: Set the release version
        run: echo "RELEASE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV

      - name: Test environment variable
        run: echo ${{ env.RELEASE_VERSION }}

      - name: checkout
        uses: actions/checkout@v2

      - name: setup-php
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ matrix.php-versions }}
          extensions: mbstring

      - name: get-composer-cache-directory
        id: composer-cache
        run: echo "::set-output name=dir::$(composer config cache-files-dir)"

      - name: cache-composer-dependencies
        uses: actions/cache@v2
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: ${{ runner.os }}-composer-

      - name: install-composer-dependencies
        run: composer install --no-progress --prefer-dist --optimize-autoloader

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v1

      - name: Cache Docker layers
        uses: actions/cache@v2
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-
      - name: Install doctl
        uses: digitalocean/action-doctl@v2
        with:
          token: ${{ secrets.DO_DEPLOYMENT_TOKEN }}

      - name: Install Docker Compose V2
        run: |
          mkdir -p ~/.docker/cli-plugins
          curl -sSL https://github.com/docker/compose-cli/releases/download/v2.0.0-beta.3/docker-compose-linux-amd64 -o ~/.docker/cli-plugins/docker-compose
          chmod +x ~/.docker/cli-plugins/docker-compose
      - name: Log in to DigitalOcean Container Registry with short-lived credentials
        run: doctl registry login --expiry-seconds 600

      - name: Build the PHP Docker image
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./docker/php/Dockerfile.prod
          builder: ${{ steps.buildx.outputs.name }}
          push: true
          tags: |
            ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.CONTAINER_NAMESPACE }}/php-runtime-alpine:${{ env.RELEASE_VERSION }}
            ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.CONTAINER_NAMESPACE }}/php-runtime-alpine:latest
      - name: Image digest
        run: echo ${{ steps.docker_build.outputs.digest }}

      - name: Build the NGINX Docker image
        uses: docker/build-push-action@v2
        with:
          context: .
          file: ./docker/nginx/Dockerfile.prod
          push: true
          tags: |
            ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.CONTAINER_NAMESPACE }}/webserver-alpine:${{ env.RELEASE_VERSION }}
            ${{ secrets.DOCKER_REGISTRY }}/${{ secrets.CONTAINER_NAMESPACE }}/webserver-alpine:latest
      - name: Image digest
        run: echo ${{ steps.docker_build.outputs.digest }}

      - name: "Prepare SSH key and known hosts"
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOYMENT_SECRET_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
      - name: "Pull latest images"
        env:
          DOCKER_HOST: ${{ secrets.DOCKER_HOST }}
        run: docker compose pull --include-deps

      - name: Push image to DigitalOcean
        env:
          DOCKER_HOST: ${{ secrets.DOCKER_HOST }}
        run: docker compose up -d --remove-orphans