ci: configura deploy automatico para k3s via forgejo

Marcus 2026-01-23 14:37:18 -03:00
parent baf4f68ed0
commit a437e6d56d
3 changed files with 90 additions and 87 deletions


@ -1,91 +1,95 @@
name: Deploy Stack (Dev)
name: Deploy Backend and Backoffice Dev
on:
workflow_dispatch:
push:
branches:
- dev
paths:
- 'backend/**'
- 'backoffice/**'
- 'frontend/**'
env:
REGISTRY: forgejo-gru.rede5.com.br
NAMESPACE: rede5
jobs:
# Job: Deploy no Servidor (Pull das imagens do Forgejo)
deploy-dev:
build-and-push:
runs-on: docker
steps:
- name: Checkout code
uses: https://github.com/actions/checkout@v4
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Forgejo Registry
uses: docker/login-action@v3
with:
fetch-depth: 2
- name: Check changed files
id: check
registry: pipe.gohorsejobs.com
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push Backend
uses: docker/build-push-action@v5
with:
context: ./backend
file: ./backend/Dockerfile
push: true
tags: |
pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}
build-args: |
MTU=${{ vars.MTU }}
- name: Build and Push Backoffice
uses: docker/build-push-action@v5
with:
context: ./backoffice
file: ./backoffice/Dockerfile
push: true
tags: |
pipe.gohorsejobs.com/bohessefm/backoffice:latest
pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }}
build-args: |
MTU=${{ vars.MTU }}
deploy-to-k3s:
needs: build-and-push
runs-on: docker
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Kubectl
uses: azure/k8s-set-context@v3
with:
method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Update Kubernetes Secrets
run: |
if git diff --name-only HEAD~1 HEAD | grep -q "^backend/"; then
echo "backend=true" >> $GITHUB_OUTPUT
else
echo "backend=false" >> $GITHUB_OUTPUT
fi
if git diff --name-only HEAD~1 HEAD | grep -q "^frontend/"; then
echo "frontend=true" >> $GITHUB_OUTPUT
else
echo "frontend=false" >> $GITHUB_OUTPUT
fi
if git diff --name-only HEAD~1 HEAD | grep -q "^backoffice/"; then
echo "backoffice=true" >> $GITHUB_OUTPUT
else
echo "backoffice=false" >> $GITHUB_OUTPUT
fi
if git diff --name-only HEAD~1 HEAD | grep -q "^seeder-api/"; then
echo "seeder=true" >> $GITHUB_OUTPUT
else
echo "seeder=false" >> $GITHUB_OUTPUT
fi
cat <<EOF > .env.k8s
MTU=${{ vars.MTU }}
DATABASE_URL=${{ vars.DATABASE_URL }}
AWS_REGION=${{ vars.AWS_REGION }}
AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }}
AWS_ENDPOINT=${{ vars.AWS_ENDPOINT }}
S3_BUCKET=${{ vars.S3_BUCKET }}
JWT_SECRET=${{ vars.JWT_SECRET }}
JWT_EXPIRATION=${{ vars.JWT_EXPIRATION }}
PASSWORD_PEPPER=${{ vars.PASSWORD_PEPPER }}
COOKIE_SECRET=${{ vars.COOKIE_SECRET }}
COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
BACKEND_PORT=${{ vars.BACKEND_PORT }}
BACKEND_HOST=${{ vars.BACKEND_HOST }}
CORS_ORIGINS=${{ vars.CORS_ORIGINS }}
AMQP_URL=${{ vars.AMQP_URL }}
ENV=${{ vars.ENV }}
EOF
- name: Deploy via SSH
uses: https://github.com/appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH_KEY }}
port: ${{ secrets.PORT || 22 }}
script: |
# Login no Forgejo Registry
echo "${{ secrets.FORGEJO_PASSWORD }}" | podman login ${{ env.REGISTRY }} -u ${{ secrets.FORGEJO_USERNAME }} --password-stdin
kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s
# --- DEPLOY DO BACKEND ---
if [ "${{ steps.check.outputs.backend }}" == "true" ]; then
echo "Pulling e reiniciando Backend..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-backend:latest
sudo systemctl restart gohorsejobs-backend-dev
fi
# --- DEPLOY DO FRONTEND ---
if [ "${{ steps.check.outputs.frontend }}" == "true" ]; then
echo "Pulling e reiniciando Frontend..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-frontend:latest
sudo systemctl restart gohorsejobs-frontend-dev
fi
# --- DEPLOY DO BACKOFFICE ---
if [ "${{ steps.check.outputs.backoffice }}" == "true" ]; then
echo "Pulling e reiniciando Backoffice..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-backoffice:latest
sudo systemctl restart gohorsejobs-backoffice-dev
fi
# --- DEPLOY DO SEEDER ---
if [ "${{ steps.check.outputs.seeder }}" == "true" ]; then
echo "Pulling e reiniciando Seeder..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-seeder:latest
sudo systemctl restart gohorsejobs-seeder-dev
fi
# --- LIMPEZA ---
echo "Limpando imagens antigas..."
podman image prune -f || true
- name: Apply K8s Manifests
run: |
# 1. Aplica os manifestos da pasta dev
kubectl apply -f k8s/dev/ -n gohorsejobsdev
# 2. Força o Kubernetes a usar as novas imagens do Forgejo
kubectl -n gohorsejobsdev rollout restart deployment gohorse-backend-dev
kubectl -n gohorsejobsdev rollout restart deployment gohorse-backoffice-dev
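Review bot: The `Update Kubernetes Secrets` step takes `JWT_SECRET`, `PASSWORD_PEPPER`, `COOKIE_SECRET`, `AWS_SECRET_ACCESS_KEY`, `DATABASE_URL` and `AMQP_URL` from `vars.*`, which are plain configuration variables rather than masked secrets, and writes them through an unquoted heredoc where the shell still interprets `$` and backticks in the values. Reading them from `secrets.*` (e.g. `JWT_SECRET=${{ secrets.JWT_SECRET }}`) and quoting the delimiter, `cat <<'EOF' > .env.k8s`, keeps them masked in logs and stops the shell re-evaluating them. The delete-then-create pair also leaves a window with no `backend-secrets` object; `kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s --dry-run=client -o yaml | kubectl apply -f -` updates it in place, and `.env.k8s` should be removed from the runner workspace afterwards. The page has lost its +/- markers, so which lines are new is inferred from their belonging to the k3s job.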


@ -15,8 +15,7 @@ spec:
env: development
spec:
imagePullSecrets:
- name: harbor-registry
# --- INÍCIO DA CORREÇÃO DE REDE ---
- name: forgejo-registry # <--- ALTERADO
initContainers:
- name: set-mtu
image: busybox
@ -29,17 +28,16 @@ spec:
key: MTU
securityContext:
privileged: true
# --- FIM DA CORREÇÃO DE REDE ---
containers:
- name: backend
image: in.gohorsejobs.com/gohorsejobsdev/gohorsejobs-backend:latest
# A imagem exata do seu Forgejo
image: pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
imagePullPolicy: Always
ports:
- containerPort: 8521
envFrom:
- secretRef:
name: backend-secrets
# Adicionando a variável explicitamente também no container principal se precisar
env:
- name: MTU
valueFrom:
@ -64,4 +62,4 @@ spec:
path: /health
port: 8521
initialDelaySeconds: 5
periodSeconds: 10
periodSeconds: 10
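Review bot: The backend container image on the new side is `pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest`, a mutable tag, so after `rollout restart` the pod runs whatever was last pushed to that tag rather than the commit that triggered the deploy. The workflow on this page already pushes a `${{ github.sha }}` tag; deploying that one, for example with `kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}`, makes each rollout traceable and reversible. The backoffice manifest has the same `:latest` reference. Separately, the removed `CORREÇÃO DE REDE` markers were the only explanation next to the `set-mtu` init container's `privileged: true`; a short comment such as `# privileged: presumably required to change the interface MTU; confirm` would keep that justification visible to reviewers.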


@ -15,7 +15,7 @@ spec:
env: development
spec:
imagePullSecrets:
- name: harbor-registry
- name: forgejo-registry # <--- ALTERADO para o novo segredo
# --- AJUSTE DE REDE (MTU) ---
initContainers:
- name: set-mtu
@ -32,14 +32,15 @@ spec:
# --- FIM DO AJUSTE ---
containers:
- name: backoffice
image: in.gohorsejobs.com/gohorsejobs-backoffice-dev/backoffice:latest
# A imagem exata do backoffice no seu Forgejo
image: pipe.gohorsejobs.com/bohessefm/backoffice:latest
imagePullPolicy: Always
ports:
- containerPort: 3001
env:
- name: NODE_TLS_REJECT_UNAUTHORIZED
value: "0"
- name: MTU # Passando a variável para o container principal também
- name: MTU
valueFrom:
secretKeyRef:
name: backend-secrets
@ -53,4 +54,4 @@ spec:
cpu: "300m"
limits:
memory: "2Gi"
cpu: "800m"
cpu: "800m"
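Review bot: The backoffice container keeps `NODE_TLS_REJECT_UNAUTHORIZED` set to `"0"` in the `env` block this hunk edits, which turns off certificate verification for every outbound HTTPS request the Node process makes. The line appears to be unchanged context, but the commit touches the entries around it and leaves the override in place with no comment explaining why it is needed. If the reason is an internal or self-signed CA, trusting that CA explicitly is narrower: mount the bundle and set `- name: NODE_EXTRA_CA_CERTS` with `value: "<path-to-ca-bundle>"` (placeholder path), then remove the override. The Deployment spec starts outside the hunk, so other env sources are not visible here.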