CI/CD for PostgreSQL Docker - Build, Push, and Deploy #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD for PostgreSQL Docker - Build, Push, and Deploy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: 'Environment to deploy (Development/Production)' | |
| required: true | |
| default: 'development' | |
| postgres_version: | |
| description: 'PostgreSQL Version' | |
| required: true | |
| default: '17.0' | |
| jobs: | |
| build-and-push: | |
| name: Build and Push PostgreSQL Docker Image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Postgres Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: trplgit/postgres | |
| token: ${{ secrets.GH_TOKEN }} | |
| path: postgres | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: latest | |
| - name: Log in to Azure Container Registry | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.ACR_NAME }}.azurecr.io | |
| username: ${{ vars.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push Postgres Docker Image | |
| run: | | |
| docker build -f ./17/alpine3.21/Dockerfile -t ${{ vars.ACR_NAME }}.azurecr.io/${{ inputs.environment }}/trpl-postgres-docker:v17 ./17/alpine3.21 | |
| docker push ${{ vars.ACR_NAME }}.azurecr.io/${{ inputs.environment }}/trpl-postgres-docker:v17 | |
| deploy: | |
| name: Deploy PostgreSQL Docker Container to Linux VM | |
| runs-on: ubuntu-latest | |
| needs: build-and-push | |
| steps: | |
| - name: Install OpenVPN | |
| run: sudo apt-get install -y openvpn | |
| - name: Prepare VPN Files | |
| run: | | |
| echo "${{ secrets.VPN_PKCS12_FILE }}" | base64 -d > TRPL-FW-TCP-1194-ci-cd-automation.p12 | |
| echo "${{ secrets.VPN_TLS_KEY_FILE }}" | base64 -d > TRPL-FW-TCP-1194-ci-cd-automation-tls.key | |
| - name: Connect to VPN | |
| run: | | |
| echo "${{ secrets.VPN_CONFIG_FILE }}" > vpn-config.ovpn | |
| echo -e "${{ vars.VPN_USERNAME }}\n${{ secrets.VPN_PASSWORD }}" > vpn-credentials.txt | |
| sudo openvpn --config vpn-config.ovpn --auth-user-pass vpn-credentials.txt --daemon | |
| - name: Wait for VPN Connection | |
| run: sleep 15 | |
| - name: Verify VPN Connection | |
| run: | | |
| ifconfig | grep tun || (echo "VPN connection failed" && exit 1) | |
| - name: Add user to Docker group | |
| run: | | |
| sudo usermod -aG docker $USER | |
| newgrp docker || true | |
| - name: Create Docker Network if not exists | |
| run: | | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker network create odoo-postgres-network || echo "Network already exists" | |
| - name: Deploy PostgreSQL Docker Container to VM | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ vars.LINUX_VM_HOST_DEVELOPMENT }} | |
| username: ${{ vars.LINUX_VM_USERNAME_DEVELOPMENT }} | |
| password: ${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }} | |
| port: 22 | |
| script: | | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker login ${{ vars.ACR_NAME }}.azurecr.io -u ${{ vars.ACR_USERNAME }} -p ${{ secrets.ACR_PASSWORD }} | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker pull ${{ vars.ACR_NAME }}.azurecr.io/${{ inputs.environment }}/trpl-postgres-docker:v17 | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker stop postgres-container || true | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker rm postgres-container || true | |
| # Run Postgres container (PostgreSQL 17) | |
| echo "${{ secrets.LINUX_VM_PASSWORD_DEVELOPMENT }}" | sudo -S docker run -d --restart always --name postgres-container --network=odoo-postgres-network -e POSTGRES_PASSWORD=mysecretpassword -p 5433:5433 ${{ vars.ACR_NAME }}.azurecr.io/${{ inputs.environment }}/trpl-postgres-docker:v17 | |
| - name: Cleanup VPN Credentials | |
| run: | | |
| rm -f vpn-config.ovpn vpn-credentials.txt |