Update .forgejo/workflows/deploy.yaml

bohessefm 2026-01-31 13:26:17 +00:00
parent 8b620e90a0
commit 26ec6f071f


@ -18,6 +18,7 @@ jobs:
steps:
- name: Install Dependencies
run: |
# Adicionado retry para evitar falhas de rede temporárias
sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories
apk add --no-cache git docker-cli nodejs
@ -26,57 +27,37 @@ jobs:
with:
fetch-depth: 1
- name: Login to Registry
run: |
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
- name: Build and Push Backend
run: |
echo "🔨 Construindo Backend..."
cd backend
# Build inicial com apenas uma tag para não confundir o daemon
docker build --no-cache -t ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest .
echo "🚀 Enviando Backend (Tag: latest)..."
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
docker build -t ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest -t ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} .
docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest
echo "⏳ Pausa de segurança para o Registry (5s)..."
sleep 5
echo "🏷️ Criando tag SHA e enviando..."
docker tag ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }}
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }}
- name: Build and Push Backoffice
run: |
echo "🔨 Construindo Backoffice..."
cd "${GITHUB_WORKSPACE}/backoffice"
docker build --no-cache -t ${{ env.REGISTRY }}/bohessefm/backoffice:latest .
echo "🚀 Enviando Backoffice (Tag: latest)..."
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
# Removido --no-cache para usar o cache local do runner e acelerar o processo
cd backoffice
docker build -t ${{ env.REGISTRY }}/bohessefm/backoffice:latest -t ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} .
docker push ${{ env.REGISTRY }}/bohessefm/backoffice:latest
echo "⏳ Pausa de segurança para o Registry (5s)..."
sleep 5
echo "🏷️ Criando tag SHA e enviando..."
docker tag ${{ env.REGISTRY }}/bohessefm/backoffice:latest ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }}
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
docker push ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }}
deploy-to-k3s:
needs: build-and-push
runs-on: docker-ready
defaults:
run:
shell: sh
steps:
- name: Install Tools
run: |
sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories
apk add --no-cache git curl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/
if [ ! -f /usr/local/bin/kubectl ]; then
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/
fi
- name: Checkout code
uses: actions/checkout@v4
@ -86,39 +67,21 @@ jobs:
mkdir -p $HOME/.kube
echo "${{ secrets.KUBECONFIG }}" > $HOME/.kube/config
chmod 600 $HOME/.kube/config
export KUBECONFIG=$HOME/.kube/config
# Criar namespace e secrets (Garantindo que o token do registry esteja atualizado)
kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f -
kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
kubectl -n gohorsejobsdev create secret generic backend-secrets \
--from-literal=MTU='${{ vars.MTU }}' \
--from-literal=AWS_REGION='${{ vars.AWS_REGION }}' \
--from-literal=AWS_ACCESS_KEY_ID='${{ vars.AWS_ACCESS_KEY_ID }}' \
--from-literal=AWS_SECRET_ACCESS_KEY='${{ vars.AWS_SECRET_ACCESS_KEY }}' \
--from-literal=AWS_ENDPOINT='${{ vars.AWS_ENDPOINT }}' \
--from-literal=S3_BUCKET='${{ vars.S3_BUCKET }}' \
--from-literal=JWT_SECRET='${{ vars.JWT_SECRET }}' \
--from-literal=JWT_EXPIRATION='${{ vars.JWT_EXPIRATION }}' \
--from-literal=PASSWORD_PEPPER='${{ vars.PASSWORD_PEPPER }}' \
--from-literal=COOKIE_SECRET='${{ vars.COOKIE_SECRET }}' \
--from-literal=COOKIE_DOMAIN='${{ vars.COOKIE_DOMAIN }}' \
--from-literal=BACKEND_PORT='${{ vars.BACKEND_PORT }}' \
--from-literal=BACKEND_HOST='${{ vars.BACKEND_HOST }}' \
--from-literal=ENV='${{ vars.ENV }}' \
--from-literal=CORS_ORIGINS='${{ vars.CORS_ORIGINS }}' \
--from-literal=AMQP_URL='${{ vars.AMQP_URL }}' \
--from-literal=DATABASE_URL='${{ vars.DATABASE_URL }}'
# Criar secret de imagem
kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \
--docker-server=${{ env.REGISTRY }} \
--docker-username=bohessefm \
--docker-password='${{ secrets.FORGEJO_TOKEN }}' \
--dry-run=client -o yaml | kubectl apply -f -
kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "forgejo-registry"}]}' -n gohorsejobsdev
# Aplicar manifestos e atualizar imagens para a tag do commit (SHA)
# Isso força o K8s a atualizar sem precisar de 'rollout restart'
kubectl apply -f k8s/dev/ -n gohorsejobsdev
kubectl rollout restart deployment/gohorse-backend-dev -n gohorsejobsdev || true
kubectl rollout restart deployment/gohorse-backoffice-dev -n gohorsejobsdev || true
# Atualização direta para garantir a versão exata do build atual
kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }}
kubectl -n gohorsejobsdev set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }}
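Review bot: The `Install Tools` step of `deploy-to-k3s` installs a `kubectl` binary fetched with `curl -LO` from whatever release `stable.txt` names at run time, with no checksum or signature check, and the same job later gives that binary the cluster kubeconfig. The page has lost its +/- markers, so it is unclear which of the two copies of the download is the new side, but the unverified `curl` is in both. If the `if [ ! -f /usr/local/bin/kubectl ]` guard is the new code, a binary already present on a persistent runner would also be reused without being checked. Pin a reviewed release and verify its digest before installing, as sketched below; a digest committed to the repository is stronger than one fetched from the same host as the binary. Adding `curl -f` also keeps an HTTP error page from being saved and made executable.

```yaml
      - name: Install Tools
        run: |
          # … unchanged: apk mirror rewrite and `apk add` …
          KUBECTL_VERSION="<PINNED_KUBECTL_VERSION>"   # placeholder: a release you have reviewed
          KUBECTL_SHA256="<SHA256_OF_THAT_RELEASE>"    # placeholder: digest published for that release
          curl -fsSLo /tmp/kubectl "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl"
          echo "${KUBECTL_SHA256}  /tmp/kubectl" | sha256sum -c - || exit 1
          install -m 0755 /tmp/kubectl /usr/local/bin/kubectl
```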