ci: configura deploy automatico para k3s via forgejo

Marcus 2026-01-23 14:37:18 -03:00
parent baf4f68ed0
commit a437e6d56d
3 changed files with 90 additions and 87 deletions


@ -1,91 +1,95 @@
name: Deploy Stack (Dev) name: Deploy Backend and Backoffice Dev
on: on:
workflow_dispatch:
push: push:
branches: branches:
- dev - dev
paths:
- 'backend/**'
- 'backoffice/**'
- 'frontend/**'
env:
REGISTRY: forgejo-gru.rede5.com.br
NAMESPACE: rede5
jobs: jobs:
# Job: Deploy no Servidor (Pull das imagens do Forgejo) build-and-push:
deploy-dev:
runs-on: docker runs-on: docker
steps: steps:
- name: Checkout code - name: Checkout code
uses: https://github.com/actions/checkout@v4 uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Check changed files - name: Set up Docker Buildx
id: check uses: docker/setup-buildx-action@v3
- name: Login to Forgejo Registry
uses: docker/login-action@v3
with:
registry: pipe.gohorsejobs.com
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push Backend
uses: docker/build-push-action@v5
with:
context: ./backend
file: ./backend/Dockerfile
push: true
tags: |
pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}
build-args: |
MTU=${{ vars.MTU }}
- name: Build and Push Backoffice
uses: docker/build-push-action@v5
with:
context: ./backoffice
file: ./backoffice/Dockerfile
push: true
tags: |
pipe.gohorsejobs.com/bohessefm/backoffice:latest
pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }}
build-args: |
MTU=${{ vars.MTU }}
deploy-to-k3s:
needs: build-and-push
runs-on: docker
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Kubectl
uses: azure/k8s-set-context@v3
with:
method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Update Kubernetes Secrets
run: | run: |
if git diff --name-only HEAD~1 HEAD | grep -q "^backend/"; then cat <<EOF > .env.k8s
echo "backend=true" >> $GITHUB_OUTPUT MTU=${{ vars.MTU }}
else DATABASE_URL=${{ vars.DATABASE_URL }}
echo "backend=false" >> $GITHUB_OUTPUT AWS_REGION=${{ vars.AWS_REGION }}
fi AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
if git diff --name-only HEAD~1 HEAD | grep -q "^frontend/"; then AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }}
echo "frontend=true" >> $GITHUB_OUTPUT AWS_ENDPOINT=${{ vars.AWS_ENDPOINT }}
else S3_BUCKET=${{ vars.S3_BUCKET }}
echo "frontend=false" >> $GITHUB_OUTPUT JWT_SECRET=${{ vars.JWT_SECRET }}
fi JWT_EXPIRATION=${{ vars.JWT_EXPIRATION }}
if git diff --name-only HEAD~1 HEAD | grep -q "^backoffice/"; then PASSWORD_PEPPER=${{ vars.PASSWORD_PEPPER }}
echo "backoffice=true" >> $GITHUB_OUTPUT COOKIE_SECRET=${{ vars.COOKIE_SECRET }}
else COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
echo "backoffice=false" >> $GITHUB_OUTPUT BACKEND_PORT=${{ vars.BACKEND_PORT }}
fi BACKEND_HOST=${{ vars.BACKEND_HOST }}
if git diff --name-only HEAD~1 HEAD | grep -q "^seeder-api/"; then CORS_ORIGINS=${{ vars.CORS_ORIGINS }}
echo "seeder=true" >> $GITHUB_OUTPUT AMQP_URL=${{ vars.AMQP_URL }}
else ENV=${{ vars.ENV }}
echo "seeder=false" >> $GITHUB_OUTPUT EOF
fi
- name: Deploy via SSH kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
uses: https://github.com/appleboy/ssh-action@v1.0.3 kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH_KEY }}
port: ${{ secrets.PORT || 22 }}
script: |
# Login no Forgejo Registry
echo "${{ secrets.FORGEJO_PASSWORD }}" | podman login ${{ env.REGISTRY }} -u ${{ secrets.FORGEJO_USERNAME }} --password-stdin
# --- DEPLOY DO BACKEND --- - name: Apply K8s Manifests
if [ "${{ steps.check.outputs.backend }}" == "true" ]; then run: |
echo "Pulling e reiniciando Backend..." # 1. Aplica os manifestos da pasta dev
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-backend:latest kubectl apply -f k8s/dev/ -n gohorsejobsdev
sudo systemctl restart gohorsejobs-backend-dev
fi
# --- DEPLOY DO FRONTEND --- # 2. Força o Kubernetes a usar as novas imagens do Forgejo
if [ "${{ steps.check.outputs.frontend }}" == "true" ]; then kubectl -n gohorsejobsdev rollout restart deployment gohorse-backend-dev
echo "Pulling e reiniciando Frontend..." kubectl -n gohorsejobsdev rollout restart deployment gohorse-backoffice-dev
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-frontend:latest
sudo systemctl restart gohorsejobs-frontend-dev
fi
# --- DEPLOY DO BACKOFFICE ---
if [ "${{ steps.check.outputs.backoffice }}" == "true" ]; then
echo "Pulling e reiniciando Backoffice..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-backoffice:latest
sudo systemctl restart gohorsejobs-backoffice-dev
fi
# --- DEPLOY DO SEEDER ---
if [ "${{ steps.check.outputs.seeder }}" == "true" ]; then
echo "Pulling e reiniciando Seeder..."
podman pull ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/gohorsejobs-seeder:latest
sudo systemctl restart gohorsejobs-seeder-dev
fi
# --- LIMPEZA ---
echo "Limpando imagens antigas..."
podman image prune -f || true
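Review bot: The new `Update Kubernetes Secrets` step fills `.env.k8s` from the `vars` context for values that are credentials (`AWS_SECRET_ACCESS_KEY`, `JWT_SECRET`, `PASSWORD_PEPPER`, `COOKIE_SECRET`, and probably `DATABASE_URL` and `AMQP_URL`); configuration variables are stored in plain text and are not masked in job logs the way `secrets` are. Each `${{ … }}` is also pasted into the script text before the shell runs and the heredoc delimiter `EOF` is unquoted, so a value containing `$` or a backtick is expanded by the shell instead of being written literally. I would move the sensitive keys to `secrets`, hand them to the script through the step's `env:`, write the file under `umask 077` with a cleanup trap so it does not stay in the runner workspace, and replace the delete-then-create pair with a single apply so the Deployments never see a missing Secret.

```yaml
- name: Update Kubernetes Secrets
  env:
    JWT_SECRET: ${{ secrets.JWT_SECRET }}
    AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    # … same for PASSWORD_PEPPER, COOKIE_SECRET, DATABASE_URL, AMQP_URL;
    #   non-sensitive keys (MTU, BACKEND_PORT, …) can keep coming from vars …
  run: |
    umask 077
    trap 'rm -f .env.k8s' EXIT
    {
      printf 'JWT_SECRET=%s\n' "$JWT_SECRET"
      printf 'AWS_SECRET_ACCESS_KEY=%s\n' "$AWS_SECRET_ACCESS_KEY"
      # … one printf per remaining key …
    } > .env.k8s
    kubectl -n gohorsejobsdev create secret generic backend-secrets \
      --from-env-file=.env.k8s --dry-run=client -o yaml \
      | kubectl -n gohorsejobsdev apply -f -
```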


@ -15,8 +15,7 @@ spec:
env: development env: development
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-registry - name: forgejo-registry # <--- ALTERADO
# --- INÍCIO DA CORREÇÃO DE REDE ---
initContainers: initContainers:
- name: set-mtu - name: set-mtu
image: busybox image: busybox
@ -29,17 +28,16 @@ spec:
key: MTU key: MTU
securityContext: securityContext:
privileged: true privileged: true
# --- FIM DA CORREÇÃO DE REDE ---
containers: containers:
- name: backend - name: backend
image: in.gohorsejobs.com/gohorsejobsdev/gohorsejobs-backend:latest # A imagem exata do seu Forgejo
image: pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 8521 - containerPort: 8521
envFrom: envFrom:
- secretRef: - secretRef:
name: backend-secrets name: backend-secrets
# Adicionando a variável explicitamente também no container principal se precisar
env: env:
- name: MTU - name: MTU
valueFrom: valueFrom:
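Review bot: The new `image: pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest` deploys a mutable tag, so what runs in `gohorsejobsdev` is whatever `latest` points to at pull time and cannot be traced back to a commit; the backoffice manifest's `backoffice:latest` has the same issue. The workflow in this commit already pushes a `${{ github.sha }}` tag for both images, so the deploy job could pin to it, for example `kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}`, instead of relying on `rollout restart`. The concern weighs more on the `set-mtu` init container (context lines here), which pulls `image: busybox` with no tag or digest and runs with `privileged: true`; pinning that image and, if the container only sets the interface MTU (its command is not visible in the hunk), replacing `privileged` with the `NET_ADMIN` capability would narrow it. The container spec continues outside the hunk.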


@ -15,7 +15,7 @@ spec:
env: development env: development
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-registry - name: forgejo-registry # <--- ALTERADO para o novo segredo
# --- AJUSTE DE REDE (MTU) --- # --- AJUSTE DE REDE (MTU) ---
initContainers: initContainers:
- name: set-mtu - name: set-mtu
@ -32,14 +32,15 @@ spec:
# --- FIM DO AJUSTE --- # --- FIM DO AJUSTE ---
containers: containers:
- name: backoffice - name: backoffice
image: in.gohorsejobs.com/gohorsejobs-backoffice-dev/backoffice:latest # A imagem exata do backoffice no seu Forgejo
image: pipe.gohorsejobs.com/bohessefm/backoffice:latest
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 3001 - containerPort: 3001
env: env:
- name: NODE_TLS_REJECT_UNAUTHORIZED - name: NODE_TLS_REJECT_UNAUTHORIZED
value: "0" value: "0"
- name: MTU # Passando a variável para o container principal também - name: MTU
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: backend-secrets name: backend-secrets
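Review bot: `NODE_TLS_REJECT_UNAUTHORIZED` with `value: "0"` stays in the backoffice container's `env` (context lines of the second hunk), which turns off certificate verification for every outbound TLS connection the Node process makes, so any certificate, valid or not, is accepted. If it is there to reach an internal endpoint signed by a private CA (an inference, the reason is not visible here), mount that CA into the pod and set `NODE_EXTRA_CA_CERTS` to its path, then drop this variable. Separately, the trailing `# <--- ALTERADO para o novo segredo` comment describes the edit rather than the configuration and will go stale; a comment saying which registry the `forgejo-registry` pull secret authenticates to would serve the next reader better. The `env` list continues outside the hunk.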