我正在使用GitHub Actions触发dockerfile的构建,它会将容器上传到GitHub Container Registry。在最后一步中,我通过SSH连接到我的远程DigitalOcean Droplet,并执行一个脚本从GHCR拉取和安装新镜像。对于我而言,这个工作流很好,因为我只在项目中构建了一个单独的容器。现在我需要NGINX除了API,所以我正在使用docker compose。由于目前项目对资源的需求不高,我想将容器保留在单个dropplet上。
“如何使用Github Actions和Docker Compose自动部署到单个VM的DigitalOcean的正确方法是什么?”
我目前知道的选项有:
1. 跳过在GHCR上构建容器并通过ssh获取repo以执行生产compose文件来开始远程构建。 2. 在GHCR上构建每个容器,将生产compose文件复制到远程上,然后从GHCR拉取和安装。
如果您知道更干净或更有效的选项,请告诉我!
不幸的是,我找到了一个参考docker-compose with Github Actions for CI question。
“单个容器的GitHub Action”
“如何使用Github Actions和Docker Compose自动部署到单个VM的DigitalOcean的正确方法是什么?”
我目前知道的选项有:
1. 跳过在GHCR上构建容器并通过ssh获取repo以执行生产compose文件来开始远程构建。 2. 在GHCR上构建每个容器,将生产compose文件复制到远程上,然后从GHCR拉取和安装。
如果您知道更干净或更有效的选项,请告诉我!
不幸的是,我找到了一个参考docker-compose with Github Actions for CI question。
“单个容器的GitHub Action”
name: Github Container Registry to DigitalOcean Droplet
on:
# Trigger the workflow via push on main branch
push:
branches:
- main
# use only trigger action if the backend folder changed
paths:
- "backend/**"
- ".github/workflows/**"
jobs:
# Builds a Docker Image and pushes it to Github Container Registry
push_to_github_container_registry:
name: Push to GHCR
runs-on: ubuntu-latest
# use the backend folder as the default working directory for the job
defaults:
run:
working-directory: ./backend
steps:
# Checkout the Repository
- name: Checking out the repository
uses: actions/checkout@v2
# Setting up Docker Builder
- name: Set up Docker Builder
uses: docker/setup-buildx-action@v1
# Set Github Access Token with "write:packages & read:packages" scope for Github Container Registry.
# Then go to repository setings and add the copied token as a secret called "CR_PAT"
# https://github.com/settings/tokens/new?scopes=repo,write:packages&description=Github+Container+Registry
# ! While GHCR is in Beta make sure to enable the feature
- name: Logging into GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
# Push to Github Container Registry
- name: Pushing Image to Github Container Registry
uses: docker/build-push-action@v2
with:
context: ./backend
version: latest
file: backend/dockerfile
push: true
tags: ghcr.io/${{ github.repository }}:latest
# Connect to existing Droplet via SSH and (re)installs add. runs the image
# ! Ensure you have installed the preconfigured Droplet with Docker
# ! Ensure you have added SSH Key to the Droplet
# ! - its easier to add the SSH Keys bevore createing the droplet
deploy_to_digital_ocean_dropplet:
name: Deploy to Digital Ocean Droplet
runs-on: ubuntu-latest
needs: push_to_github_container_registry
steps:
- name: Deploy to Digital Ocean droplet via SSH action
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.PRIVATE_KEY }}
port: ${{ secrets.PORT }}
script: |
# Stop all running Docker Containers
docker kill $(docker ps -q)
# Free up space
docker system prune -a
# Login to Github Container Registry
docker login https://ghcr.io -u ${{ github.repository_owner }} -p ${{ secrets.CR_PAT }}
# Pull the Docker Image
docker pull ghcr.io/${{ github.repository }}:latest
# Run a new container from a new image
docker run -d -p 80:8080 -p 443:443 -t ghcr.io/${{ github.repository }}:latest
当前Docker-Compose文件
version: "3"
services:
api:
build:
context: ./backend/api
networks:
api-network:
aliases:
- api-net
nginx:
build:
context: ./backend/nginx
ports:
- "80:80"
- "443:443"
networks:
api-network:
aliases:
- nginx-net
depends_on:
- api
networks:
api-network: