From 8bf0fcfe6e2ad669f4de99e3d1760528664f8d2f Mon Sep 17 00:00:00 2001
From: bohessefm <bohessefm@gmail.com>
Date: Fri, 30 Jan 2026 22:34:01 +0000
Subject: [PATCH] Update .forgejo/workflows/deploy.yaml

---
 .forgejo/workflows/deploy.yaml | 49 ++++++++++++++++++----------------
 1 file changed, 26 insertions(+), 23 deletions(-)

diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml
index a7bc36c..6da4dd8 100644
--- a/.forgejo/workflows/deploy.yaml
+++ b/.forgejo/workflows/deploy.yaml
@@ -1,5 +1,5 @@
 name: Deploy Backend and Backoffice Dev
-#forgejo
+
 on:
   workflow_dispatch:
   push:
@@ -11,6 +11,7 @@ jobs:
     runs-on: docker-ready 
     env:
       DOCKER_API_VERSION: "1.43"
+      REGISTRY: pipe.gohorsejobs.com
     defaults:
       run:
         shell: sh
@@ -25,18 +26,16 @@ jobs:
         with:
           fetch-depth: 1 
 
+      - name: Login to Forgejo Registry
+        run: |
+          echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin
+
       - name: Set up Docker Buildx
         run: |
-          docker buildx create --use --driver docker-container --name local-builder || docker buildx use local-builder
+          # Usando o driver default para evitar isolamento de rede do buildkit em modo container
+          docker buildx create --use --driver docker --name local-builder || docker buildx use local-builder
           docker buildx inspect --bootstrap                    
 
-      - name: Login to Forgejo Registry
-        uses: docker/login-action@v3
-        with:
-          registry: pipe.gohorsejobs.com
-          username: bohessefm
-          password: ${{ secrets.FORGEJO_TOKEN }}
-
       - name: Build and Push Backend
         uses: docker/build-push-action@v5
         with:
@@ -45,8 +44,8 @@ jobs:
           push: true
           provenance: false
           tags: |
-            pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
-            pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}                        
+            ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest
+            ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }}                        
 
       - name: Build and Push Backoffice
         uses: docker/build-push-action@v5
@@ -56,8 +55,8 @@ jobs:
           push: true
           provenance: false
           tags: |
-            pipe.gohorsejobs.com/bohessefm/backoffice:latest
-            pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }}                        
+            ${{ env.REGISTRY }}/bohessefm/backoffice:latest
+            ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }}                        
 
   deploy-to-k3s:
     needs: build-and-push
@@ -79,17 +78,18 @@ jobs:
 
       - name: Deploy to K3s
         run: |
-          # 1. Preparação do ambiente 
           mkdir -p $HOME/.kube
           echo "${{ secrets.KUBECONFIG }}" > $HOME/.kube/config
           chmod 600 $HOME/.kube/config
           export KUBECONFIG=$HOME/.kube/config
 
-          # 2. Testa conexão rápida
           echo "Testando conexão com o cluster..."
           kubectl cluster-info || { echo "ERRO: Falha na conexão com o cluster!"; exit 1; }
 
-          # 3. Gerencia os Secrets de Variáveis
+          # Criar namespace se não existir
+          kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f -
+
+          # Gerencia os Secrets de Variáveis
           kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
           kubectl -n gohorsejobsdev create secret generic backend-secrets \
             --from-literal=MTU='${{ vars.MTU }}' \
@@ -110,19 +110,22 @@ jobs:
             --from-literal=AMQP_URL='${{ vars.AMQP_URL }}' \
             --from-literal=DATABASE_URL='${{ vars.DATABASE_URL }}'
 
-          # 4. Gerencia o Secret de Autenticação da Imagem (Resolve ErrImagePull)
+          # Gerencia o Secret de Autenticação da Imagem
           kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \
             --docker-server=pipe.gohorsejobs.com \
             --docker-username=bohessefm \
             --docker-password='${{ secrets.FORGEJO_TOKEN }}' \
             --dry-run=client -o yaml | kubectl apply -f -
 
-          # 5. Aplica os Manifestos
+          # Patch para garantir que o serviceaccount use o secret de pull
+          kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "forgejo-registry"}]}' -n gohorsejobsdev
+
+          # Aplica os Manifestos
           kubectl apply -f k8s/dev/ -n gohorsejobsdev
 
-          # 6. Restart Forçado
-          echo "Reiniciando pods para aplicar novas variáveis e imagens..."
-          kubectl delete pod -n gohorsejobsdev -l app=gohorse-backend-dev --force --grace-period=0
-          kubectl delete pod -n gohorsejobsdev -l app=gohorse-backoffice-dev --force --grace-period=0
-
+          # Rollout status em vez de delete pod (mais seguro)
+          echo "Aguardando atualização dos deployments..."
+          kubectl rollout restart deployment/gohorse-backend-dev -n gohorsejobsdev
+          kubectl rollout restart deployment/gohorse-backoffice-dev -n gohorsejobsdev
+          
           echo "Deploy finalizado!"
\ No newline at end of file