ajuste no drone.yml

.drone.yml

@@ -2,24 +2,29 @@ kind: pipeline
 type: kubernetes
 name: deploy-backend
 
+# ---------------------------------------------
+# ETAPA 1 - BUILD E PUSH PARA O HARBOR (KANIKO)
+# ---------------------------------------------
 steps:
   - name: build-and-push-backend
     image: gcr.io/kaniko-project/executor:latest
+
     environment:
       DOCKER_CONFIG: /kaniko/.docker/
+
+      # IMPORTANTE: os secrets abaixo DEVEM existir no Infisical Prod
       HARBOR_USERNAME:
         from_secret: HARBOR_USERNAME
       HARBOR_PASSWORD:
         from_secret: HARBOR_PASSWORD
+
     volumes:
       - name: docker-config
         path: /kaniko/.docker
-    settings:
-      repo: in.gohorsejobs.com/gohorsejobs-backend
-      tags: latest
 
     commands:
       - echo "Configuring Kaniko auth…"
+
       - |
         cat <<EOF > /kaniko/.docker/config.json
         {
@@ -31,16 +36,25 @@ steps:
           }
         }
         EOF
-      - echo "Running Kaniko build..."
+
+      - echo "Running Kaniko build and push..."
       - /kaniko/executor \
           --context ./backend \
           --dockerfile ./backend/Dockerfile \
           --destination in.gohorsejobs.com/gohorsejobs-backend:latest \
-          --skip-tls-verify
+          --skip-tls-verify \
+          --insecure \
+          --insecure-pull
 
+# ---------------------------------------------
+# ETAPA 2 – DEPLOY NO K3S
+# ---------------------------------------------
   - name: deploy-backend
     image: bitnami/kubectl:latest
+
     environment:
+
+      # --- Secrets do K3s ---
       KUBERNETES_SERVER:
         from_secret: K3S_SERVER
       KUBERNETES_CA:
@@ -50,44 +64,31 @@ steps:
       KUBERNETES_CLIENT_KEY:
         from_secret: K3S_CLIENT_KEY
 
-      DB_HOST:
+      # --- Secrets da aplicação ---
-        from_secret: DB_HOST
+      DB_HOST: { from_secret: DB_HOST }
-      DB_PORT:
+      DB_PORT: { from_secret: DB_PORT }
-        from_secret: DB_PORT
+      DB_USER: { from_secret: DB_USER }
-      DB_USER:
+      DB_PASSWORD: { from_secret: DB_PASSWORD }
-        from_secret: DB_USER
+      DB_NAME: { from_secret: DB_NAME }
-      DB_PASSWORD:
+      DB_SSLMODE: { from_secret: DB_SSLMODE }
-        from_secret: DB_PASSWORD
-      DB_NAME:
-        from_secret: DB_NAME
-      DB_SSLMODE:
-        from_secret: DB_SSLMODE
 
-      AWS_REGION:
+      AWS_REGION: { from_secret: AWS_REGION }
-        from_secret: AWS_REGION
+      AWS_ACCESS_KEY_ID: { from_secret: AWS_ACCESS_KEY_ID }
-      AWS_ACCESS_KEY_ID:
+      AWS_SECRET_ACCESS_KEY: { from_secret: AWS_SECRET_ACCESS_KEY }
-        from_secret: AWS_ACCESS_KEY_ID
+      AWS_ENDPOINT: { from_secret: AWS_ENDPOINT }
-      AWS_SECRET_ACCESS_KEY:
+      S3_BUCKET: { from_secret: S3_BUCKET }
-        from_secret: AWS_SECRET_ACCESS_KEY
-      AWS_ENDPOINT:
-        from_secret: AWS_ENDPOINT
-      S3_BUCKET:
-        from_secret: S3_BUCKET
 
-      JWT_SECRET:
+      JWT_SECRET: { from_secret: JWT_SECRET }
-        from_secret: JWT_SECRET
+      ENV: { from_secret: ENV }
-      ENV:
+      CORS_ORIGINS: { from_secret: CORS_ORIGINS }
-        from_secret: ENV
+      MAX_UPLOAD_SIZE: { from_secret: MAX_UPLOAD_SIZE }
-      CORS_ORIGINS:
+      UPLOAD_DIR: { from_secret: UPLOAD_DIR }
-        from_secret: CORS_ORIGINS
-      MAX_UPLOAD_SIZE:
-        from_secret: MAX_UPLOAD_SIZE
-      UPLOAD_DIR:
-        from_secret: UPLOAD_DIR
 
     commands:
-      - echo "Configuring kubeconfig…"
+      - echo "Creating kubeconfig…"
+
       - mkdir -p ~/.kube
+
       - |
         cat <<EOF > ~/.kube/config
         apiVersion: v1
@@ -111,10 +112,13 @@ steps:
         current-context: drone-context
         EOF
 
-      - echo "Applying backend K8s manifests…"
+      - echo "Applying manifests..."
       - kubectl apply -f k8s/backend-deployment.yaml
       - kubectl apply -f k8s/backend-service.yaml
 
+# ---------------------------------------------
+# VOLUMES
+# ---------------------------------------------
 volumes:
   - name: docker-config
     emptyDir: {}