diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml index 0206dd3..9b5a612 100644 --- a/.forgejo/workflows/deploy.yaml +++ b/.forgejo/workflows/deploy.yaml @@ -39,10 +39,8 @@ jobs: # Push do Backend com Injeção Manual de Auth - name: Push Backend Tags run: | - # Gera o Auth em Base64 (estilo Kubernetes) AUTH=$(echo -n "bohessefm:${{ secrets.FORGEJO_TOKEN }}" | base64 | tr -d '\n') mkdir -p $HOME/.docker - # Escreve o config.json na força bruta echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json docker tag ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest @@ -60,10 +58,9 @@ jobs: provenance: false tags: ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} - # Push do Backoffice com Injeção Manual de Auth (Blindado contra 401) + # Push do Backoffice com Injeção Manual de Auth - name: Push Backoffice Tags run: | - # Garante que o diretório existe e o arquivo está atualizado AUTH=$(echo -n "bohessefm:${{ secrets.FORGEJO_TOKEN }}" | base64 | tr -d '\n') mkdir -p $HOME/.docker echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json @@ -76,6 +73,8 @@ jobs: deploy-to-k3s: needs: build-and-push runs-on: docker-ready + env: + REGISTRY: pipe.gohorsejobs.com defaults: run: shell: sh @@ -98,28 +97,38 @@ jobs: chmod 600 $HOME/.kube/config export KUBECONFIG=$HOME/.kube/config + # 1. Namespace (Garante a existência sem erro de anotação) kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f - - # O segredo que o K3s usa é exatamente o que injetamos no Docker acima + # 2. IMAGE PULL SECRET (Recria para garantir que o Token está certo) + kubectl -n gohorsejobsdev delete secret forgejo-registry --ignore-not-found kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \ - --docker-server=${{ env.REGISTRY }} \ - --docker-username=bohessefm \ - --docker-password='${{ secrets.FORGEJO_TOKEN }}' \ - --dry-run=client -o yaml | kubectl apply -f - + --docker-server="${{ env.REGISTRY }}" \ + --docker-username="bohessefm" \ + --docker-password="${{ secrets.FORGEJO_TOKEN }}" + # 3. Secrets de Variáveis kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found kubectl -n gohorsejobsdev create secret generic backend-secrets \ - --from-literal=MTU='${{ vars.MTU }}' \ - --from-literal=JWT_SECRET='${{ vars.JWT_SECRET }}' \ - --from-literal=AMQP_URL='${{ vars.AMQP_URL }}' \ - --from-literal=DATABASE_URL='${{ vars.DATABASE_URL }}' + --from-literal=MTU="${{ vars.MTU }}" \ + --from-literal=JWT_SECRET="${{ vars.JWT_SECRET }}" \ + --from-literal=AMQP_URL="${{ vars.AMQP_URL }}" \ + --from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" - kubectl apply -f k8s/dev/ -n gohorsejobsdev + # 4. Aplica os Manifestos + if [ -d "k8s/dev" ]; then + kubectl apply -f k8s/dev/ -n gohorsejobsdev + else + echo "Erro: Diretorio k8s/dev nao encontrado!" + exit 1 + fi + # 5. Atualiza a imagem para a nova tag SHA kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} kubectl -n gohorsejobsdev set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} - kubectl delete pod -n gohorsejobsdev -l app=gohorse-backend-dev --force --grace-period=0 - kubectl delete pod -n gohorsejobsdev -l app=gohorse-backoffice-dev --force --grace-period=0 + # 6. Restart Forçado (Cleanup de pods antigos) + kubectl delete pod -n gohorsejobsdev -l app=gohorse-backend-dev --force --grace-period=0 || true + kubectl delete pod -n gohorsejobsdev -l app=gohorse-backoffice-dev --force --grace-period=0 || true echo "Deploy finalizado com sucesso!" \ No newline at end of file