rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Update .forgejo/workflows/deploy.yaml

Browse source
This commit is contained in:
bohessefm 2026-02-21 13:16:38 +00:00
parent b05456e21c
commit 1b07447550
1 changed files with 9 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
.forgejo/workflows/deploy.yaml
View file

@ -58,15 +58,15 @@ jobs:
- name: Sync Secrets and Vars - name: Sync Secrets and Vars
run: | run: |
# Garante que o namespace existe # 1. Garante que o namespace existe
kubectl create namespace ${{ env.NAMESPACE }} --dry-run=client -o yaml | kubectl apply -f - kubectl create namespace ${{ env.NAMESPACE }} --dry-run=client -o yaml | kubectl apply -f -
# Sincroniza Registry Secret do namespace forgejo # 2. Sincroniza Registry Secret limpando metadados que causam erro de Conflict
kubectl get secret forgejo-registry-secret --namespace=forgejo -o yaml | \ kubectl get secret forgejo-registry-secret --namespace=forgejo -o yaml | \
sed "s/namespace: forgejo/namespace: ${{ env.NAMESPACE }}/" | \ grep -vE "resourceVersion|uid|creationTimestamp|namespace" | \
kubectl apply -f - kubectl apply --namespace=${{ env.NAMESPACE }} -f -
# Prepara a chave RSA (Prioriza Secret, depois Var) # 3. Prepara a chave RSA
RSA_CONTENT="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}" RSA_CONTENT="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}"
if [ -n "$RSA_CONTENT" ]; then if [ -n "$RSA_CONTENT" ]; then
echo "$RSA_CONTENT" > /tmp/rsa_raw.txt echo "$RSA_CONTENT" > /tmp/rsa_raw.txt
@ -77,8 +77,7 @@ jobs:
fi fi
fi fi
# CRIAÇÃO DA SECRET USANDO DRY-RUN + APPLY (Evita deletar e falhar) # 4. Cria ou atualiza a backend-secrets (sem deletar antes para evitar downtime)
# O uso de quotes nas variáveis previne erros de shell
kubectl create secret generic backend-secrets -n ${{ env.NAMESPACE }} \ kubectl create secret generic backend-secrets -n ${{ env.NAMESPACE }} \
--from-literal=MTU="${{ vars.MTU }}" \ --from-literal=MTU="${{ vars.MTU }}" \
--from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" \ --from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" \
@ -104,13 +103,13 @@ jobs:
run: | run: |
kubectl apply -f k8s/dev/ -n ${{ env.NAMESPACE }} kubectl apply -f k8s/dev/ -n ${{ env.NAMESPACE }}
# Atualiza as imagens para o novo SHA # Atualiza as imagens nos deployments
kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }} kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }}
kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }} kubectl -n ${{ env.NAMESPACE }} set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }}
# Reinicia para garantir leitura da nova Secret # Restart para garantir que novos pods peguem a Secret atualizada
kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backend-dev kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backend-dev
kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backoffice-dev kubectl -n ${{ env.NAMESPACE }} rollout restart deployment/gohorse-backoffice-dev
# Status # Aguarda o backend ficar pronto
kubectl -n ${{ env.NAMESPACE }} rollout status deployment/gohorse-backend-dev --timeout=120s kubectl -n ${{ env.NAMESPACE }} rollout status deployment/gohorse-backend-dev --timeout=120s