zapishis-client/.github/workflows/deploy.yml

name: Build & Deploy Web & Bot

on:
  push:
    branches:
      - main

jobs:
  build-and-push:
    name: Build and Push to Docker Hub
    runs-on: ubuntu-latest
    outputs:
      web_tag: ${{ steps.vars.outputs.web_tag }}
      bot_tag: ${{ steps.vars.outputs.bot_tag }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Create fake .env file for build
        run: |
          echo "BOT_TOKEN=fake" > .env
          echo "LOGIN_GRAPHQL=fake" >> .env
          echo "PASSWORD_GRAPHQL=fake" >> .env
          echo "URL_GRAPHQL=http://localhost/graphql" >> .env
          echo "EMAIL_GRAPHQL=fake@example.com" >> .env
          echo "NEXTAUTH_SECRET=fakesecret" >> .env
          echo "BOT_URL=http://localhost:3000" >> .env
          echo "REDIS_PASSWORD=fake" > .env

      - name: Set image tags
        id: vars
        run: |
          echo "web_tag=web-${GITHUB_SHA::7}" >> $GITHUB_OUTPUT
          echo "bot_tag=bot-${GITHUB_SHA::7}" >> $GITHUB_OUTPUT

      - name: Login to Docker Hub
        run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

      - name: Build web image
        run: |
          docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/zapishis-web:${{ steps.vars.outputs.web_tag }} -f ./apps/web/Dockerfile .

      - name: Push web image to Docker Hub
        run: |
          docker push ${{ secrets.DOCKERHUB_USERNAME }}/zapishis-web:${{ steps.vars.outputs.web_tag }}

      - name: Build bot image
        run: |
          docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/zapishis-bot:${{ steps.vars.outputs.bot_tag }} -f ./apps/bot/Dockerfile .

      - name: Push bot image to Docker Hub
        run: |
          docker push ${{ secrets.DOCKERHUB_USERNAME }}/zapishis-bot:${{ steps.vars.outputs.bot_tag }}

  deploy:
    name: Deploy to VPS
    needs: build-and-push
    runs-on: ubuntu-latest
    environment: production
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Setup SSH key
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.VPS_SSH_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -p ${{ secrets.VPS_PORT }} -H ${{ secrets.VPS_HOST }} >> ~/.ssh/known_hosts

      - name: Ensure zapishis directory exists on VPS
        run: |
          ssh -i ~/.ssh/id_rsa -p ${{ secrets.VPS_PORT }} -o StrictHostKeyChecking=no ${{ secrets.VPS_USER }}@${{ secrets.VPS_HOST }} "mkdir -p /home/${{ secrets.VPS_USER }}/zapishis"

      - name: Create real .env file for production
        run: |
          echo "BOT_TOKEN=${{ secrets.BOT_TOKEN }}" > .env
          echo "LOGIN_GRAPHQL=${{ secrets.LOGIN_GRAPHQL }}" >> .env
          echo "PASSWORD_GRAPHQL=${{ secrets.PASSWORD_GRAPHQL }}" >> .env
          echo "URL_GRAPHQL=${{ secrets.URL_GRAPHQL }}" >> .env
          echo "EMAIL_GRAPHQL=${{ secrets.EMAIL_GRAPHQL }}" >> .env
          echo "NEXTAUTH_SECRET=${{ secrets.NEXTAUTH_SECRET }}" >> .env
          echo "BOT_URL=${{ secrets.BOT_URL }}" >> .env
          echo "WEB_IMAGE_TAG=${{ needs.build-and-push.outputs.web_tag }}" >> .env
          echo "BOT_IMAGE_TAG=${{ needs.build-and-push.outputs.bot_tag }}" >> .env
          echo "DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" >> .env
          echo "REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}" >> .env

      - name: Copy .env to VPS via SCP
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USER }}
          key: ${{ secrets.VPS_SSH_KEY }}
          port: ${{ secrets.VPS_PORT }}
          source: '.env'
          target: '/home/${{ secrets.VPS_USER }}/zapishis/'

      - name: Copy docker-compose.yml to VPS via SCP
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USER }}
          key: ${{ secrets.VPS_SSH_KEY }}
          port: ${{ secrets.VPS_PORT }}
          source: 'docker-compose.yml'
          target: '/home/${{ secrets.VPS_USER }}/zapishis/'

      - name: Login and deploy on VPS
        run: |
          ssh -i ~/.ssh/id_rsa -p ${{ secrets.VPS_PORT }} -o StrictHostKeyChecking=no ${{ secrets.VPS_USER }}@${{ secrets.VPS_HOST }} "
            cd /home/${{ secrets.VPS_USER }}/zapishis && \
            docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }} && \
            docker compose pull && \
            docker compose down && \
            docker compose up -d
          "