add build, deploy workflows

.deploy/start.sh.template

@@ -0,0 +1,23 @@
+#!/bin/bash
+set -ex
+
+# Pull latest image
+docker pull ${SERVICE_IMAGE}
+
+# Stop and remove running container
+CONTAINERS=$(docker ps --format '{{.Names}}' | awk "/^(${SERVICE_CONTAINER})$/")
+if [ ! -z "£{CONTAINERS}" ]; then
+  echo "£{CONTAINERS}" | xargs docker stop
+  echo "£{CONTAINERS}" | xargs docker rm
+fi
+
+# Start ArangoDB container
+docker run -d -ti --restart unless-stopped --network ${NETWORK} \
+  -v ${SERVICE_CONTAINER}-data:/var/lib/arangodb3 \
+  --env "CSV=${CSV}" \
+  --env "LETSENCRYPT_HOST=${SERVICE_HOST}" \
+  --env "NETWORK_ACCESS=${SERVICE_NETWORK_ACCESS}" \
+  --env "VIRTUAL_HOST=${SERVICE_HOST}" \
+  --env "VIRTUAL_PORT=3000" \
+  --expose "3000" \
+  --name ${SERVICE_CONTAINER} ${SERVICE_IMAGE}

.github/workflows/build.yml

@@ -0,0 +1,67 @@
+# Build and publish to GitHub Container Registry
+#
+# https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#publishing-a-package-using-an-action
+
+name: Build and publish
+
+concurrency:
+  group: build-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - develop
+    paths:
+      - .github/workflows/build.yml
+      - Dockerfile
+      - go.mod
+      - go.sum
+      - main.go
+
+env:
+  IMAGE_NAME: ${{ github.repository }}
+  REGISTRY: ghcr.io
+
+jobs:
+  build:
+    name: Build and publish
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract image metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push image
+        uses: docker/build-push-action@v5
+        with:
+          labels: ${{ steps.meta.outputs.labels }}
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+
+  # https://github.com/recipeer/docs/blob/develop/workflows/discord-notifications.md
+  notify:
+    name: Discord notification
+    uses: recipeer/docs/.github/workflows/discord.yml@develop
+    needs: build
+    secrets: inherit
+    if: ${{ always() }}
+    with:
+      repository: ${{ github.repository }}
+      result: ${{ needs.build.result }}
+      run_id: ${{ github.run_id }}
+      run_number: ${{ github.run_number }}
+      workflow: ${{ github.workflow }}

.github/workflows/deploy.yml

@@ -0,0 +1,71 @@
+# Deploy short URL service to a server
+#
+# nginx-proxy should be deployed first: https://github.com/recipeer/nginx-proxy
+
+name: Deploy
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Environment'
+        required: true
+        type: environment
+      tag:
+        description: 'Image tag'
+        required: true
+        default: develop
+
+env:
+  SERVICE_IMAGE: ghcr.io/recipeer/short-url-service:${{ inputs.tag }}
+  TARGET_START_SH: /tmp/short-url-service.start-${{ github.run_number }}.sh
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Prepare id_rsa
+        run: echo "${{ secrets.DEPLOY_KEY }}" > id_rsa && chmod 600 id_rsa
+
+      - name: Prepare deployment script
+        run: |
+          export CSV="${{ vars.CSV }}"
+          export NETWORK=${{ vars.NETWORK }}
+          export SERVICE_CONTAINER=${{ vars.SERVICE_CONTAINER }}
+          export SERVICE_HOST=${{ vars.SERVICE_HOST }}
+          export SERVICE_IMAGE=${{ env.SERVICE_IMAGE }}
+          export SERVICE_NETWORK_ACCESS=${{ vars.SERVICE_NETWORK_ACCESS }}
+          envsubst < .deploy/start.sh.template | sed 's/£/$/g' > .deploy/start.sh
+
+      - name: Import target SSH public key
+        run: |
+          TARGET=$(echo "${{ vars.SSH_TARGET }}" | awk -F@ '{ print $2 }')
+          mkdir -p ~/.ssh && ssh-keyscan ${TARGET} >> ~/.ssh/known_hosts
+
+      - name: Copy deployment script to server
+        run: scp -vi id_rsa .deploy/start.sh ${{ vars.SSH_TARGET }}:${{ env.TARGET_START_SH }}
+
+      - name: Run deployment script
+        run: ssh -i id_rsa ${{ vars.SSH_TARGET }} bash ${{ env.TARGET_START_SH }}
+
+      - name: Cleanup deployment script
+        run: ssh -i id_rsa ${{ vars.SSH_TARGET }} rm ${{ env.TARGET_START_SH }}
+
+  # https://github.com/recipeer/docs/blob/develop/workflows/discord-notifications.md
+  notify:
+    name: Discord notification
+    uses: recipeer/docs/.github/workflows/discord.yml@develop
+    needs: deploy
+    secrets: inherit
+    if: ${{ always() }}
+    with:
+      repository: ${{ github.repository }}
+      result: ${{ needs.deploy.result }}
+      run_id: ${{ github.run_id }}
+      run_number: ${{ github.run_number }}
+      workflow: ${{ github.workflow }}