mirror of
https://github.com/immense/Remotely.git
synced 2025-10-26 11:27:15 +00:00
200 lines
7.1 KiB
YAML
200 lines
7.1 KiB
YAML
# To use this workflow to deploy Remotely:
|
|
#
|
|
# IMPORTANT: You must run the install script as sudo first before using this
|
|
# GitHub workflow. This will only deploy the updated files.
|
|
# The script will install dependencies, create the systemd
|
|
# ervice, create the Nginx site, etc.
|
|
#
|
|
# 1. Set up SSH on your Ubuntu server. There are plenty of articles on
|
|
# the internet that describe the process. Here's a good one:
|
|
# https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1604
|
|
#
|
|
# It's a good idea to turn off password-based authentication.
|
|
#
|
|
#
|
|
# 2. Create the below Secrets in GitHub.
|
|
# - BASE64_ENCODED_PFX
|
|
# - See below section to get this string.
|
|
# - PFX_KEY
|
|
# - The password for the certificate.
|
|
# - SSH_USERNAME
|
|
# - Username to use for SSH connection.
|
|
# - SSH_PRIVATE_KEY
|
|
# - The private key to use for SSH.
|
|
# - SSH_HOSTNAME
|
|
# - The hostname or IP to use for the SSH connection.
|
|
# - SSH_KNOWN_HOSTS
|
|
# - The content to go into your known_hosts file. This should
|
|
# contain the fingerprint for the SSH host (e.g. "{hostname} {public key}")
|
|
# - SITE_URL
|
|
# - The public hostname for the site (e.g. https://app.remotely.one).
|
|
# This can be an IP if it's only going to be used on the local network
|
|
# with HTTP.
|
|
#
|
|
# Secrets are created in GitHub under the repository (your forked repository,
|
|
# not the lucent-sea/Remotely repository). They are only usable by you and
|
|
# collaborators that you've allowed on your repo. After being set, they are
|
|
# not visible or displayed anywhere, even to yourself.
|
|
#
|
|
# If you don't want to sign your EXEs, skip creating the BASE64_ENCODED_PFX
|
|
# and PFX_KEY secrets. They won't be used.
|
|
#
|
|
#
|
|
# 3. Getting the Base64-Encoded PFX
|
|
# To get the base64-encoded certificate, use the below PowerShell snippet,
|
|
# using your PFX file name.
|
|
#
|
|
# $Pfx_Cert = Get-Content '.\Remotely_Cert.pfx' -Encoding Byte
|
|
# [System.Convert]::ToBase64String($Pfx_Cert) | clip
|
|
#
|
|
# The base64-encoded string is now in your clipboard. You can paste
|
|
# it into GitHub when creating the Secret.
|
|
#
|
|
#
|
|
# 3. Deploying via SSH
|
|
#
|
|
# On GitHub, go to your forked repo, then to Actions. On the left, select
|
|
# "Deploy via SSH" action underneath "All Workflows". There should be a
|
|
# banner saying "This workflow has a workflow_dispatch event trigger."
|
|
#
|
|
# Click "Run workflow" and select the branch you want to deploy.
|
|
#
|
|
# 5. Keeping Your Fork Updated
|
|
# You'll want to keep your fork updated so you can deploy the latest
|
|
# changes. There are a few ways to do it, and they're easy to find
|
|
# with a little Googling.
|
|
#
|
|
# Once your branch has been updated, you can run the
|
|
# workflow again manually in GitHub to re-deploy.
|
|
|
|
name: Deploy via SSH
|
|
|
|
on:
|
|
# Uncomment these for automatic deployment.
|
|
# push:
|
|
# branches: [ master ]
|
|
# pull_request:
|
|
# branches: [ master ]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
|
|
build:
|
|
|
|
strategy:
|
|
matrix:
|
|
configuration: [Release]
|
|
|
|
runs-on: windows-latest # For a list of available runner types, refer to
|
|
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on
|
|
|
|
env:
|
|
Solution_Name: Remotely.sln # Replace with your solution name, i.e. MyWpfApp.sln.
|
|
Configuration: ${{ matrix.configuration }}
|
|
Test_Project_Path: Tests\Tests.csproj # Replace with the path to your test project, i.e. MyWpfApp.Tests\MyWpfApp.Tests.csproj.
|
|
PfxBase64: ${{ secrets.BASE64_ENCODED_PFX }}
|
|
PfxKey: ${{ secrets.PFX_KEY }}
|
|
SiteUrl: ${{ secrets.SITE_URL }}
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
# Install the .NET Core workload
|
|
- name: Install .NET Core
|
|
uses: actions/setup-dotnet@v1.7.2
|
|
|
|
# Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild
|
|
- name: Setup MSBuild.exe
|
|
uses: microsoft/setup-msbuild@v1
|
|
|
|
# Execute all unit tests in the solution
|
|
- name: Execute unit tests
|
|
run: dotnet test
|
|
|
|
# Restore the application to populate the obj folder with RuntimeIdentifiers
|
|
- name: Restore the application
|
|
run: msbuild $env:Solution_Name /t:Restore /p:Configuration=$env:Configuration
|
|
|
|
# Decode the base 64 encoded pfx and save the Signing_Certificate
|
|
- name: Decode the pfx
|
|
run: |
|
|
if (!($env:PfxBase64)) {
|
|
echo "Skipping cert signing because Base64_Encoded_Pfx secret is missing."
|
|
return
|
|
}
|
|
|
|
echo "Creating Pfx for signing assemblies."
|
|
|
|
$pfx_cert_byte = [System.Convert]::FromBase64String($env:PfxBase64)
|
|
$certificatePath = Join-Path -Path $env:GITHUB_WORKSPACE -ChildPath GitHubActionsWorkflow.pfx
|
|
echo "Writing file to $certificatePath."
|
|
[IO.File]::WriteAllBytes($certificatePath, $pfx_cert_byte)
|
|
|
|
# Store the assembly version in an environment variable
|
|
- name: Set current version
|
|
shell: powershell
|
|
run: |
|
|
$VersionString = git show -s --format=%ci
|
|
$VersionDate = [DateTimeOffset]::Parse($VersionString)
|
|
|
|
$Year = $VersionDate.Year.ToString()
|
|
$Month = $VersionDate.Month.ToString().PadLeft(2, "0")
|
|
$Day = $VersionDate.Day.ToString().PadLeft(2, "0")
|
|
$Hour = $VersionDate.Hour.ToString().PadLeft(2, "0")
|
|
$Minute = $VersionDate.Minute.ToString().PadLeft(2, "0")
|
|
$CurrentVersion = "$Year.$Month.$Day.$Hour$Minute"
|
|
|
|
echo "::set-env name=CurrentVersion::$CurrentVersion"
|
|
# This was needed in Azure Pipelines.
|
|
#[System.Console]::WriteLine("##vso[task.setvariable variable=CurrentVersion]$CurrentVersion")
|
|
|
|
Write-Host "Setting current version to $CurrentVersion."
|
|
|
|
# Run the Publish script to build clients and server.
|
|
- name: Run Publish script
|
|
shell: powershell
|
|
run: |
|
|
.\Utilities\Publish.ps1 -CertificatePath "$env:GITHUB_WORKSPACE\GitHubActionsWorkflow.pfx" -CertificatePassword $env:PfxKey -Hostname $env:SiteUrl -CurrentVersion $env:CurrentVersion -RID linux-x64 -OutDir "$env:GITHUB_WORKSPACE\publish"
|
|
|
|
# Upload build artifact to be deployed from Ubuntu runner
|
|
- name: Upload build artifact
|
|
uses: actions/upload-artifact@v2
|
|
with:
|
|
path: ./publish/
|
|
|
|
|
|
# Remove the pfx
|
|
- name: Remove the pfx
|
|
run: Remove-Item -path "$env:GITHUB_WORKSPACE\GitHubActionsWorkflow.pfx"
|
|
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
env:
|
|
SshUsername: ${{ secrets.SSH_USERNAME }}
|
|
SshPrivateKey: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
SshHostname: ${{ secrets.SSH_HOSTNAME }}
|
|
|
|
steps:
|
|
|
|
# Install SSH Key
|
|
- name: Install SSH Key
|
|
uses: shimataro/ssh-key-action@v2.1.0
|
|
with:
|
|
# SSH private key
|
|
key: ${{ secrets.SSH_PRIVATE_KEY }}
|
|
# public keys of SSH servers
|
|
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
|
|
|
|
# Download Build Artifact
|
|
- name: Download build artifact
|
|
uses: actions/download-artifact@v2
|
|
|
|
- name: Publish
|
|
shell: bash
|
|
run: |
|
|
rsync -r -v ./artifact/ $SshUsername@$SshHostname:/var/www/remotely/
|