name: deploy-prod-non-docker on: push: branches: - main workflow_dispatch: concurrency: group: wx-service-prod cancel-in-progress: true jobs: deploy: runs-on: ubuntu-latest timeout-minutes: 20 steps: - name: Checkout uses: actions/checkout@v4 - name: Setup Go uses: actions/setup-go@v5 with: go-version: '1.23.x' - name: Download modules run: go mod download - name: Build linux binary run: | mkdir -p tmp CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags "-s -w" -o tmp/wx_service ./cmd/api - name: Prepare SSH env: SSH_KEY: ${{ secrets.PROD_SSH_KEY }} HOST: ${{ secrets.PROD_HOST }} PORT: ${{ secrets.PROD_PORT }} run: | set -e if [ -z "$SSH_KEY" ] || [ -z "$HOST" ]; then echo "Missing required secrets: PROD_SSH_KEY / PROD_HOST" exit 1 fi mkdir -p ~/.ssh chmod 700 ~/.ssh printf '%s\n' "$SSH_KEY" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -p "${PORT:-22}" "$HOST" >> ~/.ssh/known_hosts - name: Upload binary to server env: HOST: ${{ secrets.PROD_HOST }} PORT: ${{ secrets.PROD_PORT }} USER: ${{ secrets.PROD_USER }} run: | set -e REMOTE_BIN="/tmp/wx_service-${GITHUB_SHA}" SSH_OPTS="-o BatchMode=yes -o ConnectTimeout=15 -o ServerAliveInterval=10 -o ServerAliveCountMax=3" scp -O ${SSH_OPTS} -P "${PORT:-22}" tmp/wx_service "${USER:-root}@${HOST}:${REMOTE_BIN}" - name: Deploy on server env: HOST: ${{ secrets.PROD_HOST }} PORT: ${{ secrets.PROD_PORT }} USER: ${{ secrets.PROD_USER }} run: | set -e REMOTE_BIN="/tmp/wx_service-${GITHUB_SHA}" SSH_OPTS="-o BatchMode=yes -o ConnectTimeout=15 -o ServerAliveInterval=10 -o ServerAliveCountMax=3" ssh ${SSH_OPTS} -p "${PORT:-22}" "${USER:-root}@${HOST}" \ "APP_DIR='/www/wwwroot/wx_service' \ DIST_DIR='/www/wwwroot/wx_service/dist' \ SOURCE_BIN='${REMOTE_BIN}' \ RELEASE_ID='${GITHUB_SHA}' \ SERVICE_NAME='wx_service' \ RUN_USER='www' \ RUN_GROUP='www' \ PORT='8080' \ SYNC_CODE='true' \ DEPLOY_REF='${GITHUB_SHA}' \ INSTALL_SERVICE='true' \ bash -s" < scripts/ops/deploy_binary.sh