core/.forgejo/workflows/deploy.yaml

name: Deploy Core (Dashboard & Identity Gateway)

on:
  push:
    branches:
      - dev
    paths:
      - 'dashboard/**'
      - 'identity-gateway/**'

env:
  REGISTRY: rg.fr-par.scw.cloud/yumi

jobs:
  deploy-dev:
    runs-on: docker
    steps:
      - name: Checkout code
        uses: https://github.com/actions/checkout@v4
        with:
          fetch-depth: 2

      - name: Check changed files
        id: check
        run: |
          if git diff --name-only HEAD~1 HEAD | grep -q "^dashboard/"; then
            echo "dashboard=true" >> $GITHUB_OUTPUT
          else
            echo "dashboard=false" >> $GITHUB_OUTPUT
          fi
          if git diff --name-only HEAD~1 HEAD | grep -q "^identity-gateway/"; then
            echo "identity-gateway=true" >> $GITHUB_OUTPUT
          else
            echo "identity-gateway=false" >> $GITHUB_OUTPUT
          fi          

      - name: Deploy via SSH
        uses: https://github.com/appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.SSH_KEY }}
          port: ${{ secrets.PORT || 22 }}
          script: |
            # Login no Scaleway Registry
            echo "${{ secrets.SCW_SECRET_KEY }}" | podman login ${{ env.REGISTRY }} -u nologin --password-stdin

            # --- DEPLOY DASHBOARD ---
            if [ "${{ steps.check.outputs.dashboard }}" == "true" ]; then
              echo "🚀 Deploying Dashboard..."
              podman pull ${{ env.REGISTRY }}/dashboard:latest
              # Stop ancient container if exists
              podman stop dashboard || true
              podman rm dashboard || true
              # Run new container
              podman run -d --name dashboard -p 3000:3000 --restart always ${{ env.REGISTRY }}/dashboard:latest
            fi

            # --- DEPLOY IDENTITY GATEWAY ---
            if [ "${{ steps.check.outputs.identity-gateway }}" == "true" ]; then
              echo "🚀 Deploying Identity Gateway..."
              podman pull ${{ env.REGISTRY }}/identity-gateway:latest
              # Stop ancient container if exists
              podman stop identity-gateway || true
              podman rm identity-gateway || true
              # Run new container (assuming env from host or .env file mapping needed)
              # NOTE: You might need to map .env file: --env-file /path/to/.env
              podman run -d --name identity-gateway -p 4000:4000 --restart always ${{ env.REGISTRY }}/identity-gateway:latest
            fi

            # --- LIMPEZA ---
            echo "🧹 Pruning old images..."
            podman image prune -f || true