strapi.io
For our application database i went with Strapi.io. Strapi is an open-source headless CMS (Content Management System) that enables developers to build powerful APIs quickly and easily. It allows to get data to our web application just using API calls.
Strapi server is running on it's on virtual machine inside the docker. Once we have any changes to the school_api repo we would trigger action for school_ansible repo Ansible Build and Deploy Strapi.
This action will then connect to the virtual machine from the github runner, trigger a docker image build and will deploy the app.
name: Ansible Build and Deploy Strapi
# Configure Manual Trigger
on:
workflow_dispatch:
# publish blog using webhook
jobs:
deploy:
runs-on: self-hosted
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: 3.x
- name: Create SSH Directory
run: mkdir -p ${{ github.workspace }}/.ssh
- name: Set Ansible SSH Private Key
run: |
echo "${{ secrets.SSH_PRIVATE }}" > ${{ github.workspace }}/.ssh/id_rsa
chmod 400 ${{ github.workspace }}/.ssh/id_rsa
echo "${{ secrets.ANSIBLE_GITHUB_AUTOMATION }}" > ${{ github.workspace }}/github_automation_rsa
chmod 400 ${{ github.workspace }}/github_automation_rsa
ssh-keyscan github.com >> ${{ github.workspace }}/known_hosts
ls -lah
pwd
# ssh-add ${{ github.workspace }}/.ssh/id_rsa | tr -d '\r'
- name: Generate SSH Public Key
run: |
#ssh-keygen -y -f ${{ github.workspace }}/.ssh/id_rsa > ${{ github.workspace }}/.ssh/id_rsa.pub
echo "${{ secrets.SSH_PUBLIC_TEMP }}" > ${{ github.workspace }}/.ssh/id_rsa.pub
chmod 400 ${{ github.workspace }}/.ssh/id_rsa.pub
- name: Install dependencies
run: |
pip3 install ansible
pip3 install requests
pip3 install python-dateutil
- name: Install Ansible roles
run: ansible-galaxy install -r requirements.yml
- name: Add secrets to .env file
run: |
echo "DATABASE_HOST=${{ secrets.DATABASE_HOST_INFI }}" >> ${{ github.workspace }}/.env
echo "DATABASE_PORT=${{ secrets.DATABASE_PORT_INFI }}" >> ${{ github.workspace }}/.env
echo "DATABASE_NAME=${{ secrets.DATABASE_NAME_INFI }}" >> ${{ github.workspace }}/.env
echo "DATABASE_USERNAME=${{ secrets.DATABASE_USERNAME_INFI }}" >> ${{ github.workspace }}/.env
echo "DATABASE_PASSWORD=${{ secrets.DATABASE_PASSWORD_INFI }}" >> ${{ github.workspace }}/.env
echo "NODE_ENV=${{ secrets.NODE_ENV_INFI }}" >> ${{ github.workspace }}/.env
echo "DATABASE_CLIENT=${{ secrets.DATABASE_CLIENT_INFI }}" >> ${{ github.workspace }}/.env
echo "HOST=${{ secrets.HOST_INFI }}" >> ${{ github.workspace }}/.env
echo "PORT=${{ secrets.PORT_INFI }}" >> ${{ github.workspace }}/.env
echo "APP_KEYS=${{ secrets.APP_KEYS_INFI }}" >> ${{ github.workspace }}/.env
echo "API_TOKEN_SALT=${{ secrets.API_TOKEN_SALT_INFI }}" >> ${{ github.workspace }}/.env
echo "ADMIN_JWT_SECRET=${{ secrets.ADMIN_JWT_SECRET_INFI }}" >> ${{ github.workspace }}/.env
echo "TRANSFER_TOKEN_SALT=${{ secrets.TRANSFER_TOKEN_SALT_INFI }}" >> ${{ github.workspace }}/.env
echo "JWT_SECRET=${{ secrets.JWT_SECRET_INFI }}" >> ${{ github.workspace }}/.env
# Add more lines for additional secrets
- name: Set Ansible Vault Password
run: echo "${{ secrets.ANSIBLE_VAULT_PASS_INFI }}" > ${{ github.workspace }}/.ansible_vault_password
# - name: Run Ansible Graph
# run: ansible-inventory --inventory=${{ github.workspace }}/inventory/hcloud.yml --graph --vault-password-file ${{ github.workspace }}/.ansible_vault_password
- name: Run Clone/Build and Start containers
run: ansible-playbook clone.yml --vault-password-file ${{ github.workspace }}/.ansible_vault_password --private-key=${{ github.workspace }}/.ssh/id_rsa