# To use this workflow to deploy Remotely: # # IMPORTANT: You must run the install script as sudo first before using this # GitHub workflow. This will only deploy the updated files. # The script will install dependencies, create the systemd # ervice, create the Nginx site, etc. # # 1. Set up SSH on your Ubuntu server. There are plenty of articles on # the internet that describe the process. Here's a good one: # https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1604 # # It's a good idea to turn off password-based authentication. # # # 2. Create the below Secrets in GitHub. # - BASE64_ENCODED_PFX # - See below section to get this string. # - PFX_KEY # - The password for the certificate. # - SSH_USERNAME # - Username to use for SSH connection. # - SSH_PRIVATE_KEY # - The private key to use for SSH. # - SSH_HOSTNAME # - The hostname or IP to use for the SSH connection. # - SSH_KNOWN_HOSTS # - The content to go into your known_hosts file. This should # contain the fingerprint for the SSH host (e.g. "{hostname} {public key}") # - SITE_URL # - The public hostname for the site (e.g. https://app.remotely.one). # This can be an IP if it's only going to be used on the local network # with HTTP. # # Secrets are created in GitHub under the repository (your forked repository, # not the lucent-sea/Remotely repository). They are only usable by you and # collaborators that you've allowed on your repo. After being set, they are # not visible or displayed anywhere, even to yourself. # # If you don't want to sign your EXEs, skip creating the BASE64_ENCODED_PFX # and PFX_KEY secrets. They won't be used. # # # 3. Getting the Base64-Encoded PFX # To get the base64-encoded certificate, use the below PowerShell snippet, # using your PFX file name. # # $Pfx_Cert = Get-Content '.\Remotely_Cert.pfx' -Encoding Byte # [System.Convert]::ToBase64String($Pfx_Cert) | clip # # The base64-encoded string is now in your clipboard. You can paste # it into GitHub when creating the Secret. # # # 3. Deploying via SSH # # On GitHub, go to your forked repo, then to Actions. On the left, select # "Deploy via SSH" action underneath "All Workflows". There should be a # banner saying "This workflow has a workflow_dispatch event trigger." # # Click "Run workflow" and select the branch you want to deploy. # # 5. Keeping Your Fork Updated # You'll want to keep your fork updated so you can deploy the latest # changes. There are a few ways to do it, and they're easy to find # with a little Googling. # # Once your branch has been updated, you can run the # workflow again manually in GitHub to re-deploy. name: Deploy via SSH on: # Uncomment these for automatic deployment. # push: # branches: [ master ] # pull_request: # branches: [ master ] workflow_dispatch: jobs: build: strategy: matrix: configuration: [Release] runs-on: windows-latest # For a list of available runner types, refer to # https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on env: Solution_Name: Remotely.sln # Replace with your solution name, i.e. MyWpfApp.sln. Configuration: ${{ matrix.configuration }} Test_Project_Path: Tests\Tests.csproj # Replace with the path to your test project, i.e. MyWpfApp.Tests\MyWpfApp.Tests.csproj. PfxBase64: ${{ secrets.BASE64_ENCODED_PFX }} PfxKey: ${{ secrets.PFX_KEY }} SiteUrl: ${{ secrets.SITE_URL }} steps: - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 # Install the .NET Core workload - name: Install .NET Core uses: actions/setup-dotnet@v1.7.2 # Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild - name: Setup MSBuild.exe uses: microsoft/setup-msbuild@v1 # Execute all unit tests in the solution - name: Execute unit tests run: dotnet test # Restore the application to populate the obj folder with RuntimeIdentifiers - name: Restore the application run: msbuild $env:Solution_Name /t:Restore /p:Configuration=$env:Configuration # Decode the base 64 encoded pfx and save the Signing_Certificate - name: Decode the pfx run: | if (!($env:PfxBase64)) { echo "Skipping cert signing because Base64_Encoded_Pfx secret is missing." return } echo "Creating Pfx for signing assemblies." $pfx_cert_byte = [System.Convert]::FromBase64String($env:PfxBase64) $certificatePath = Join-Path -Path $env:GITHUB_WORKSPACE -ChildPath GitHubActionsWorkflow.pfx echo "Writing file to $certificatePath." [IO.File]::WriteAllBytes($certificatePath, $pfx_cert_byte) # Store the assembly version in an environment variable - name: Set current version shell: powershell run: | $VersionString = git show -s --format=%ci $VersionDate = [DateTimeOffset]::Parse($VersionString) $Year = $VersionDate.Year.ToString() $Month = $VersionDate.Month.ToString().PadLeft(2, "0") $Day = $VersionDate.Day.ToString().PadLeft(2, "0") $Hour = $VersionDate.Hour.ToString().PadLeft(2, "0") $Minute = $VersionDate.Minute.ToString().PadLeft(2, "0") $CurrentVersion = "$Year.$Month.$Day.$Hour$Minute" echo "::set-env name=CurrentVersion::$CurrentVersion" # This was needed in Azure Pipelines. #[System.Console]::WriteLine("##vso[task.setvariable variable=CurrentVersion]$CurrentVersion") Write-Host "Setting current version to $CurrentVersion." # Run the Publish script to build clients and server. - name: Run Publish script shell: powershell run: | .\Utilities\Publish.ps1 -CertificatePath "$env:GITHUB_WORKSPACE\GitHubActionsWorkflow.pfx" -CertificatePassword $env:PfxKey -Hostname $env:SiteUrl -CurrentVersion $env:CurrentVersion -RID linux-x64 -OutDir "$env:GITHUB_WORKSPACE\publish" # Upload build artifact to be deployed from Ubuntu runner - name: Upload build artifact uses: actions/upload-artifact@v2 with: path: ./publish/ # Remove the pfx - name: Remove the pfx run: Remove-Item -path "$env:GITHUB_WORKSPACE\GitHubActionsWorkflow.pfx" deploy: runs-on: ubuntu-latest needs: build env: SshUsername: ${{ secrets.SSH_USERNAME }} SshPrivateKey: ${{ secrets.SSH_PRIVATE_KEY }} SshHostname: ${{ secrets.SSH_HOSTNAME }} steps: # Install SSH Key - name: Install SSH Key uses: shimataro/ssh-key-action@v2.1.0 with: # SSH private key key: ${{ secrets.SSH_PRIVATE_KEY }} # public keys of SSH servers known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }} # Download Build Artifact - name: Download build artifact uses: actions/download-artifact@v2 - name: Publish shell: bash run: | rsync -r -v ./artifact/ $SshUsername@$SshHostname:/var/www/remotely/