From 8d679ac12f04b0ecfe240b707ed30ac4dd2afa72 Mon Sep 17 00:00:00 2001
From: Sceik <60520115+sceuick@users.noreply.github.com>
Date: Mon, 1 Jul 2024 10:53:31 +0800
Subject: [PATCH] No longer auto deploy to prod on push (#960) [skip ci]

---
 .github/deploy.sh                      |  2 +-
 .github/workflows/deploy.yml           |  4 --
 .github/workflows/dev-deploy.yml       | 17 -------
 .github/workflows/prd-deploy-stack.yml | 64 ++++++++++++++++++++++++++
 .github/workflows/web-deploy.yml       |  4 +-
 5 files changed, 67 insertions(+), 24 deletions(-)
 create mode 100644 .github/workflows/prd-deploy-stack.yml

diff --git a/.github/deploy.sh b/.github/deploy.sh
index cbe213d77..9c7d7a563 100644
--- a/.github/deploy.sh
+++ b/.github/deploy.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
 
-# ssh ci@$@ "docker stack deploy -c /home/ci/agn.docker-compose.yml agnaistic"
\ No newline at end of file
+ssh ci@$@ "sh deploy-prd.sh"
\ No newline at end of file
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 6eded44f2..536f481b3 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -38,7 +38,3 @@ jobs:
         run: |
           docker push ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:latest
           docker push ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITHUB_SHA
-
-      - name: Update Service
-        run: |
-          sh .github/deploy.sh ${{ secrets.SSH_SERVER }}
diff --git a/.github/workflows/dev-deploy.yml b/.github/workflows/dev-deploy.yml
index aff495141..33df77236 100644
--- a/.github/workflows/dev-deploy.yml
+++ b/.github/workflows/dev-deploy.yml
@@ -59,20 +59,3 @@ jobs:
           aws_bucket: ${{ secrets.S3_DEV_ASSET_BUCKET }}
           source_dir: 'dist'
           destination_dir: ''
-
-      # - name: Build image
-      #   run: |
-      #     docker build -f Dockerfile -t ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:dev --build-arg SHA=$GITHUB_SHA .
-      #     docker tag ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:dev ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITHUB_SHA
-
-      # - name: Log in to Container Registry
-      #   run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
-
-      # - name: Publish
-      #   run: |
-      #     docker push ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:dev
-      #     docker push ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITHUB_SHA
-
-      # - name: Update Service
-      #   run: |
-      #     sh .github/dev-deploy.sh ${{ secrets.SSH_SERVER }}
diff --git a/.github/workflows/prd-deploy-stack.yml b/.github/workflows/prd-deploy-stack.yml
new file mode 100644
index 000000000..6950b9ccd
--- /dev/null
+++ b/.github/workflows/prd-deploy-stack.yml
@@ -0,0 +1,64 @@
+name: Deploy to PRD (Web + API)
+
+on: workflow_dispatch
+
+env:
+  IMAGE_NAME: agnaistic
+  node-version: '18.4.0'
+  pnpm-version: 8.6.0
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Get cached dependencies
+        # cache is automatically saved after this job completes. jobs depending on this one will get the latest cached files
+        id: cache-step
+        uses: actions/cache@v3
+        with:
+          path: '**/node_modules'
+          key: ${{ runner.os }}-modules-${{ hashFiles('**/pnpm-lock.yaml') }}
+
+      - name: Install SSH Key
+        uses: shimataro/ssh-key-action@v2
+        with:
+          key: ${{ secrets.SSH_KEY }}
+          known_hosts: 'none'
+
+      - name: Add known host
+        run: |
+          ssh-keyscan -H ${{ secrets.SSH_SERVER }} >> ~/.ssh/known_hosts
+
+      - name: Install project dependencies
+        if: steps.cache-step.outputs.cache-hit != 'true'
+        run: |
+          ls -la
+          echo $NODE_ENV
+          pnpm install --frozen-lockfile
+
+      - name: Build frontend
+        env:
+          INJECT_SCRIPT: ${{ secrets.INJECT_SCRIPT }}
+        run: |
+          pnpm run build:prod
+          cp dist/index.html dist/original.html
+          node .github/inject.js
+
+      - name: Update Backend
+        run: |
+          sh .github/deploy.sh ${{ secrets.SSH_SERVER }}
+
+      - name: Update Frontend
+        uses: shallwefootball/s3-upload-action@master
+        with:
+          aws_key_id: ${{ secrets.S3_ASSET_ACCESS_KEY }}
+          aws_secret_access_key: ${{ secrets.S3_ASSET_SECRET_KEY }}
+          aws_bucket: ${{ secrets.S3_PRD_ASSET_BUCKET }}
+          source_dir: 'dist'
+          destination_dir: ''
diff --git a/.github/workflows/web-deploy.yml b/.github/workflows/web-deploy.yml
index c16bf781a..74e7117d5 100644
--- a/.github/workflows/web-deploy.yml
+++ b/.github/workflows/web-deploy.yml
@@ -1,4 +1,4 @@
-name: Web deploy
+name: Web deploy (to DEV)
 
 on:
   push:
@@ -51,6 +51,6 @@ jobs:
         with:
           aws_key_id: ${{ secrets.S3_ASSET_ACCESS_KEY }}
           aws_secret_access_key: ${{ secrets.S3_ASSET_SECRET_KEY }}
-          aws_bucket: ${{ secrets.S3_PRD_ASSET_BUCKET }}
+          aws_bucket: ${{ secrets.S3_DEV_ASSET_BUCKET }}
           source_dir: 'dist'
           destination_dir: ''