Merge pull request #656 from dzcode-io/chore/deploy-prod-to-zcluster

Author: ZibanPirate

.github/workflows/cd.deploy.yml

@@ -18,7 +18,6 @@ jobs:
     env:
       CI: true
       STAGE: production
-      SSH_ADDRESS_PRD: ${{ secrets.SSH_ADDRESS_PRD }}
       DEPLOY_VERSION: ${{ github.ref_type == 'tag' && github.ref_name || format('0.0.0-{0}-{1}-{2}', github.ref_name, github.run_number, github.run_attempt) }}
 
     steps:
@@ -34,29 +33,103 @@ jobs:
         uses: actions/download-artifact@v4
         with:
           name: build output (ubuntu-latest, 20)
-      - name: "SSH"
-        uses: shimataro/ssh-key-action@v2
+
+      - name: "Generate Bundle info"
+        run: npm run generate:bundle-info $DEPLOY_VERSION production
+
+      - name: "Sentry Release"
+        # todo-zm: remove sentry entirely
+        run: cd ./api && npm run generate:sentry-release $DEPLOY_VERSION production ${{ secrets.SENTRY_AUTH_TOKEN }}
+
+      - name: "Write ./api deps into Dockerfile..."
+        run: |
+          cd ./api
+          npm run prepare-dockerfile
+
+      - name: Build docker image
+        run: |
+          docker buildx build -f api.Dockerfile . -t ghcr.io/dzcode-io/api-dot-production-dot-dzcode-dot-io-server:latest
+        env:
+          DOCKER_BUILDKIT: 1
+
+      - name: Push docker image
+        run: |
+          echo $CR_PAT | docker login ghcr.io -u dzcode-io --password-stdin
+          docker push ghcr.io/dzcode-io/api-dot-production-dot-dzcode-dot-io-server:latest
+        env:
+          CR_PAT: ${{ secrets.CR_PAT }}
+
+  docker-build-push-web-server:
+    needs: build
+    runs-on: ubuntu-latest
+    env:
+      CI: true
+      STAGE: production
+      DEPLOY_VERSION: ${{ github.ref_type == 'tag' && github.ref_name || format('0.0.0-{0}-{1}-{2}', github.ref_name, github.run_number, github.run_attempt) }}
+
+    steps:
+      - name: "Git"
+        uses: actions/checkout@v4
+      - name: "Nodejs"
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          cache: "npm"
+      - run: npm ci
+      - name: Download artifact
+        uses: actions/download-artifact@v4
         with:
-          key: ${{ secrets.SSH_KEY }}
-          known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
-      - name: "Bundle info"
+          name: build output (ubuntu-latest, 20)
+
+      - name: "Generate Bundle info"
         run: npm run generate:bundle-info $DEPLOY_VERSION production
-      - name: "Bundle ./web"
-        run: npx lerna run bundle:alone --scope @dzcode.io/web
+
       - name: "Sentry Release"
-        run: npm run generate:sentry-release $DEPLOY_VERSION production ${{ secrets.SENTRY_AUTH_TOKEN }}
-      - name: "Pre-deploy"
-        run: npm run pre-deploy
-      - name: "Deploy"
-        run: npm run deploy
-
-  lighthouse:
-    needs: bundle-deploy
-    uses: ./.github/workflows/ci.reusable.lighthouse.yml
-    with:
-      serverBaseUrl: "https://lh.dzcode.io"
-      testBaseUrl: "https://www.dzcode.io"
-      stage: "production"
-    secrets:
-      LH_SERVER_TOKEN_STG: ${{ secrets.LH_SERVER_TOKEN_STG }}
-      LH_SERVER_TOKEN_PRD: ${{ secrets.LH_SERVER_TOKEN_PRD }}
+        # todo-zm: remove sentry entirely
+        run: cd ./web && npm run generate:sentry-release $DEPLOY_VERSION production ${{ secrets.SENTRY_AUTH_TOKEN }}
+
+      - name: "Bundle ./web for deployment"
+        run: |
+          cd ./web
+          npm run bundle:alone
+          npm run pre-deploy
+
+      - name: "Write ./web-server deps into Dockerfile..."
+        run: |
+          cd ./web-server
+          npm run prepare-dockerfile
+
+      - name: Build docker image
+        run: |
+          docker buildx build -f web-server.Dockerfile . -t ghcr.io/dzcode-io/production-dot-dzcode-dot-io-server:latest
+        env:
+          DOCKER_BUILDKIT: 1
+
+      - name: Push docker image
+        run: |
+          echo $CR_PAT | docker login ghcr.io -u dzcode-io --password-stdin
+          docker push ghcr.io/dzcode-io/production-dot-dzcode-dot-io-server:latest
+        env:
+          CR_PAT: ${{ secrets.CR_PAT }}
+
+  deploy-to-zcluster:
+    needs: [docker-build-push-api, docker-build-push-web-server]
+    runs-on: ubuntu-latest
+    env:
+      CI: true
+
+    steps:
+      - name: "Git"
+        uses: actions/checkout@v4
+
+      - name: install zcluster
+        run: |
+          curl -fsSL https://infra.zak-man.com/install.sh | sh
+          echo "/home/runner/.zcluster/bin" >> $GITHUB_PATH
+
+      - name: Deploy to zcluster
+        run: zcluster deploy -p production-dzcode ./docker-compose.production.yml
+        env:
+          ADMIN_AUTH_TOKEN: ${{ secrets.ADMIN_AUTH_TOKEN }}
+          OPENAI_KEY: ${{ secrets.OPENAI_KEY }}
+          GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }}

.gitignore

@@ -16,7 +16,6 @@ coverage
 .bundle-info.json
 
 # api
-api/oracle-cloud/build
 api/fetch_cache
 api/postgres_db
 api/meilisearch_db

README.md

@@ -7,7 +7,7 @@ The code for [dzcode.io](https://dzcode.io), a website for the Algerian open-sou
 **Apps:**
 
 - [`./web`](./web) ([dzcode.io](https://dzcode.io) or [stage.dzcode.io](https://stage.dzcode.io))
-- [`./api`](./api) ([api.dzcode.io](https://api.dzcode.io) or [api-stage.dzcode.io](https://api-stage.dzcode.io))
+- [`./api`](./api) ([api.dzcode.io](https://api.dzcode.io) or [api.stage.dzcode.io](https://api.stage.dzcode.io))
 
 **Packages:**
 

api.Dockerfile

@@ -3,6 +3,7 @@ FROM --platform=linux/amd64 node:22
 WORKDIR /usr/src/repo
 
 COPY ./package.json ./package.json
+COPY ./package-lock.json ./package-lock.json
 
 # AUTO_GEN
 COPY ./api/dist ./api/dist
@@ -18,7 +19,7 @@ COPY ./packages/utils/dist ./packages/utils/dist
 COPY ./packages/utils/package.json ./packages/utils/package.json
 # AUTO_GEN_END
 
-RUN npm install --omit=dev [email protected]/api
+RUN npm install --omit=dev [email protected]/api --frozen-lockfile
 
 ENV PORT=80
 WORKDIR /usr/src/repo/api

api/oracle-cloud/Dockerfile

@@ -63,11 +63,9 @@
     "build:alone:watch": "tspc --watch --preserveWatchOutput",
     "build:watch": "lerna run build:alone:watch [email protected]/api --include-dependencies --parallel",
     "clean": "lerna run clean:alone [email protected]/api --include-dependencies --stream",
-    "clean:alone": "del dist coverage fetch_cache oracle-cloud/build",
+    "clean:alone": "del dist coverage fetch_cache",
     "db:generate-migration": "drizzle-kit generate",
     "db:server": "docker compose down && docker compose up",
-    "deploy": "del ./oracle-cloud/build && tsx oracle-cloud/deploy.ts production",
-    "deploy:stg": "del ./oracle-cloud/build && tsx oracle-cloud/deploy.ts staging",
     "generate:bundle-info": "tsx ../packages/tooling/bundle-info.ts",
     "generate:sentry-release": "tsx ../packages/tooling/sentry-release.ts api dist",
     "lint": "npm run build && npm run lint:alone",
@@ -78,9 +76,9 @@
     "lint:prettier": "prettier  --config ../packages/tooling/.prettierrc --ignore-path ../packages/tooling/.prettierignore --log-level warn",
     "lint:ts-prune": "tsx ../packages/tooling/setup-ts-prune.ts && ts-prune --error",
     "lint:tsc": "tspc --noEmit",
+    "prepare-dockerfile": "tsx ../packages/tooling/write-dockerfile.ts @dzcode.io/api",
     "start": "node dist/app/index.js",
     "start:dev": "tsx ../packages/tooling/nodemon.ts \"@dzcode.io/api\" && npm-run-all --parallel start:nodemon db:server",
-    "prepare-dockerfile": "tsx ../packages/tooling/write-dockerfile.ts @dzcode.io/api",
     "start:nodemon": "wait-port localhost:5432 && delay 2 && nodemon dist/app/index.js",
     "test": "npm run build && npm run test:alone",
     "test:alone": "jest --config ../packages/tooling/jest.config.ts --rootDir .",