setup ffsaf auto-deploy

.github/workflows/deploy.yml

@@ -0,0 +1,67 @@
+name: Deploy Server
+
+# Only run the workflow when a PR is merged on main and closed
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - 'master'
+
+# Here we check that the PR was correctly merged to main
+jobs:
+  if_merged:
+    if: github.event.pull_request.merged == true
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Copy repository contents to vps via scp
+        uses: appleboy/scp-action@v0.1.4 # Latest in date when creating the workflow
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.SSH_USER }}
+          port: ${{ secrets.SSH_PORT }}
+          key: ${{ secrets.SSH_KEY }}
+          source: "."
+          target: ${{ secrets.TARGET_DIR }}/ffsaf # Need to create it first on the VPS
+
+      - name: Build application
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.SSH_USER }}
+          port: ${{ secrets.SSH_PORT }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            cd ${{ secrets.TARGET_DIR }}/ffsaf
+            chmod 740 mvnw
+            JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 ./mvnw package -Pnative -DskipTests
+
+      - name: Build docker and execute it
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.SSH_USER }}
+          port: ${{ secrets.SSH_PORT }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            cd ${{ secrets.TARGET_DIR }}
+            docker stop ffsaf
+            docker rm ffsaf
+            docker compose up --build -d ffsaf
+
+      - name: Check ffsaf container
+        uses: appleboy/ssh-action@v1.0.0
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.SSH_USER }}
+          port: ${{ secrets.SSH_PORT }}
+          key: ${{ secrets.SSH_KEY }}
+          script: |
+            if docker ps | grep ffsaf; then
+              echo 'Container is running'
+            else
+              echo 'Container is not running'
+              exit 1 # This mark the pipeline as failed
+            fi

src/main/docker/Dockerfile.native

@@ -19,9 +19,10 @@ WORKDIR /work/
 RUN chown 1001 /work \
     && chmod "g+rwX" /work \
     && chown 1001:root /work
-COPY --chown=1001:root target/*-runner /work/application
+COPY --chown=1001:root ffsaf/target/*-runner /work/application
+COPY --chown=1001:root ffsaf/src/main/resources/cacerts /work/cacerts
 
 EXPOSE 8080
 USER 1001
 
-ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"]
+ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0", "-Djavax.net.ssl.trustStore=/work/cacerts", "-Djavax.net.ssl.trustStorePassword=changeit"]