shei99
commented
1 year ago A different solution to this would be to:
- Build the Docker Image in the CI/CD Pipeline
- Push the newly built image to a registry (GitHub, Dockerhub or self hosted)
- Use Watchtower (https://containrrr.dev/watchtower/) to update the image on the server
Additionally, all the docker-compose files should be versioned in a separate repository.
Currently after pushing to the corresponding branches we have to manually log into the server and deploy the changes by running
docer-compose up. Since only @alexhorn and me have access to the server other contributors cannot have their changes deployed.We could set up a CI pipeline which automatically runs
docker-compose up -d --buildon our server after a push todevelopandmaster. From my experience, the best way is to generate a ssh key for github and limit the commands that can be executed using this ssh key using thecommand=...option in theauthorized_keysfile.