Files
few-line-engine/DEPLOYMENT.md

4.9 KiB

GitHub Actions Deployment Setup

This document describes the setup for automatic deployment to a testing server when creating a Pull Request to the develop branch.

Required GitHub Secrets

Go to repository settings → Settings → Secrets and variables → Actions and add the following secrets:

SSH Connection

  • TESTING_SERVER_HOST - IP address or domain of the testing server
  • TESTING_SERVER_USER - User for SSH connection (e.g., deploy)
  • TESTING_SERVER_SSH_KEY - Private SSH key for server connection
  • TESTING_SERVER_PORT - (optional) SSH port (default: 22)

Database Configuration

  • TESTING_DB_ROOT_PASSWORD - Root password for MariaDB
  • TESTING_DB_USERNAME - Database user
  • TESTING_DB_PASSWORD - Database user password

Required GitHub Variables

Go to repository settings → Settings → Secrets and variables → Actions → Variables and add:

  • TESTING_BASE_PORT - Base port for applications (default: 3000)
  • TESTING_BASE_DB_PORT - Base port for databases (default: 3306)
  • TESTING_BASE_REDIS_PORT - Base port for Redis (default: 6379)

Testing Server Setup

1. Installing Docker and Docker Compose

# System update
sudo apt update && sudo apt upgrade -y

# Docker installation
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

# Add user to docker group
sudo usermod -aG docker $USER

# Install Docker Compose
sudo apt install docker-compose-plugin -y

2. Creating deployment user

# Create user
sudo useradd -m -s /bin/bash deploy
sudo usermod -aG docker deploy

# Create SSH keys directory
sudo mkdir -p /home/deploy/.ssh
sudo chmod 700 /home/deploy/.ssh

# Add public SSH key
sudo nano /home/deploy/.ssh/authorized_keys
# Insert public key corresponding to private key in TESTING_SERVER_SSH_KEY

sudo chmod 600 /home/deploy/.ssh/authorized_keys
sudo chown -R deploy:deploy /home/deploy/.ssh

# Create applications directory
sudo mkdir -p /opt/low-code-engine
sudo chown deploy:deploy /opt/low-code-engine

3. Nginx Setup (Optional)

If you want to use domain names instead of ports:

sudo apt install nginx -y

# Create configuration for testing applications
sudo nano /etc/nginx/sites-available/testing-apps

File content:

server {
    listen 80;
    server_name ~^pr-(?<pr_number>\d+)\.testing\.yourdomain\.com$;

    location / {
        set $app_port 3000$pr_number;
        proxy_pass http://127.0.0.1:$app_port;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
# Activate configuration
sudo ln -s /etc/nginx/sites-available/testing-apps /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

How Deployment Works

Deployment Process

  1. Trigger: Creating or updating Pull Request to develop branch
  2. Build: Building application and creating Docker image
  3. Deploy: Copying files to server and starting containers
  4. Health Check: Checking application availability
  5. Comment: Adding comment to PR with deployment information

Server Structure

/opt/low-code-engine/
├── testing-pr-123/           # Separate directory for each PR
│   ├── docker-compose.yml    # Main docker-compose file
│   ├── docker-compose.override.yml  # Testing overrides
│   ├── .env                  # Environment variables
│   ├── docker/               # Docker configurations
│   └── low-code-engine-testing.tar.gz  # Docker image
├── testing-pr-124/
└── ...

Ports

Each PR is assigned unique ports:

  • Application: TESTING_BASE_PORT + PR_NUMBER (e.g., 3000 + 123 = 3123)
  • Database: TESTING_BASE_DB_PORT + PR_NUMBER (e.g., 3306 + 123 = 3429)
  • Redis: TESTING_BASE_REDIS_PORT + PR_NUMBER (e.g., 6379 + 123 = 6502)

Cleanup

When PR is closed or merged, automatically:

  1. Stop and remove containers
  2. Remove Docker images
  3. Remove files on server
  4. Add cleanup comment

Security

  1. SSH Keys: Use separate SSH key only for deployment
  2. User: Create separate user with minimal privileges
  3. Firewall: Configure firewall to restrict port access
  4. SSL/TLS: Consider using SSL certificates for HTTPS

Monitoring and Logs

View Application Logs

cd /opt/low-code-engine/testing-pr-{PR_NUMBER}
docker-compose logs -f app

View Container Status

docker-compose ps

Resource Monitoring

docker stats

Troubleshooting

Port Issues

If port is occupied, check which applications are using it:

sudo netstat -tulpn | grep :{PORT}

Docker Issues

Clean up unused resources:

docker system prune -f

Database Issues

Check database connection:

docker-compose exec mariadb mysql -u root -p -e "SHOW DATABASES;"

Migration Issues

Manual migration run:

docker-compose exec app yarn migration:run