Deploy to Production #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to Production | |
concurrency: | |
group: production | |
on: | |
workflow_run: | |
workflows: ["CI"] | |
branches: ["main"] | |
types: | |
- completed | |
jobs: | |
deploy: | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
runs-on: ubuntu-latest | |
environment: production | |
env: | |
BUNDLE_ONLY: deploy | |
DOCKER_BUILDKIT: 1 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Install Ruby and gems | |
uses: ruby/setup-ruby@v1 | |
with: | |
bundler-cache: true | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Expose GitHub Runtime for cache | |
uses: crazy-max/ghaction-github-runtime@v3 | |
- name: Configure 1Password Service Account | |
uses: 1password/load-secrets-action/configure@v2 | |
with: | |
service-account-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
- name: Load SSH deploy key from 1Password | |
uses: 1password/load-secrets-action@v2 | |
with: | |
export-env: true | |
env: | |
DEPLOY_SSH_KEY: "op://BeBePe DevOps/GHA SSH Key/id_ed25519" | |
- name: Set up SSH | |
uses: webfactory/ssh-agent@v0.9.0 | |
with: | |
ssh-private-key: ${{ env.DEPLOY_SSH_KEY }} | |
- name: Push env changes | |
run: bin/kamal envify | |
- name: Run deploy command | |
run: bin/kamal deploy |