From aaa31ae8042e79e8a341656f047e8e29b56eaa05 Mon Sep 17 00:00:00 2001 From: Marcus Date: Sat, 31 Jan 2026 12:31:54 -0300 Subject: [PATCH] ajustes --- .forgejo/workflows/deploy.yaml | 93 ++++++++++++---------------------- 1 file changed, 32 insertions(+), 61 deletions(-) diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml index 179b377..4422de7 100644 --- a/.forgejo/workflows/deploy.yaml +++ b/.forgejo/workflows/deploy.yaml @@ -10,87 +10,57 @@ jobs: build-and-push: runs-on: docker-ready env: - DOCKER_API_VERSION: "1.43" REGISTRY: pipe.gohorsejobs.com - defaults: - run: - shell: sh steps: - name: Install Dependencies run: | sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories - apk add --no-cache git docker-cli docker-cli-buildx nodejs + apk add --no-cache git docker-cli docker-cli-buildx - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 1 - # --- BACKEND --- - - name: Build Backend + # Autenticação Definitiva (Gera o config.json da forma correta) + - name: Login to Forgejo Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: bohessefm + password: ${{ secrets.FORGEJO_TOKEN }} + + # Build e Push do Backend (O push: true aqui é muito mais estável que o comando manual) + - name: Build and Push Backend uses: docker/build-push-action@v5 with: context: ./backend file: ./backend/Dockerfile - load: true + push: true provenance: false - tags: ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} + tags: | + ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} + ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest - - name: Push Backend (Forced Auth) - run: | - docker tag ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest - - # Injeção 1: Push da Tag SHA - AUTH=$(echo -n "bohessefm:${{ secrets.FORGEJO_TOKEN }}" | base64 | tr -d '\n') - mkdir -p $HOME/.docker - echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json - docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} - - sleep 2 - - # Injeção 2: Push da Tag Latest (Garante que não perdeu a sessão) - echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json - docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest - - # --- BACKOFFICE --- - - name: Build Backoffice + # Build e Push do Backoffice + - name: Build and Push Backoffice uses: docker/build-push-action@v5 with: context: ./backoffice file: ./backoffice/Dockerfile - load: true + push: true provenance: false - tags: ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} - - - name: Push Backoffice (Forced Auth) - run: | - docker tag ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} ${{ env.REGISTRY }}/bohessefm/backoffice:latest - - # Injeção 3: Push da Tag SHA - AUTH=$(echo -n "bohessefm:${{ secrets.FORGEJO_TOKEN }}" | base64 | tr -d '\n') - mkdir -p $HOME/.docker - echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json - docker push ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} - - sleep 2 - - # Injeção 4: Push da Tag Latest - echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"auth\":\"$AUTH\"}}}" > $HOME/.docker/config.json - docker push ${{ env.REGISTRY }}/bohessefm/backoffice:latest + tags: | + ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} + ${{ env.REGISTRY }}/bohessefm/backoffice:latest deploy-to-k3s: needs: build-and-push runs-on: docker-ready - env: - REGISTRY: pipe.gohorsejobs.com - defaults: - run: - shell: sh steps: - - name: Install Tools (Git & Kubectl) + - name: Install Kubectl run: | - sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories - apk add --no-cache git curl + apk add --no-cache curl K8S_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt) curl -L -o /usr/local/bin/kubectl "https://dl.k8s.io/release/${K8S_VERSION}/bin/linux/amd64/kubectl" chmod +x /usr/local/bin/kubectl @@ -105,15 +75,17 @@ jobs: chmod 600 $HOME/.kube/config export KUBECONFIG=$HOME/.kube/config - # Ajuste Namespace e Secrets (Sintaxe robusta) + # Namespace kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f - + # Registry Secret (Usando aspas duplas para evitar erro de parse) kubectl -n gohorsejobsdev delete secret forgejo-registry --ignore-not-found kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \ --docker-server="${{ env.REGISTRY }}" \ --docker-username="bohessefm" \ --docker-password="${{ secrets.FORGEJO_TOKEN }}" + # Backend Secrets kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found kubectl -n gohorsejobsdev create secret generic backend-secrets \ --from-literal=MTU="${{ vars.MTU }}" \ @@ -121,14 +93,13 @@ jobs: --from-literal=AMQP_URL="${{ vars.AMQP_URL }}" \ --from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" + # Aplicar Manifestos kubectl apply -f k8s/dev/ -n gohorsejobsdev - # Set image usando o SHA para garantir que baixe a nova - kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} - kubectl -n gohorsejobsdev set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} + # Update Images com SHA para garantir o rollout + kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }} + kubectl -n gohorsejobsdev set image deployment/gohorse-backoffice-dev backoffice=pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }} - # Force Restart + # Restart forçado kubectl delete pod -n gohorsejobsdev -l app=gohorse-backend-dev --force --grace-period=0 || true - kubectl delete pod -n gohorsejobsdev -l app=gohorse-backoffice-dev --force --grace-period=0 || true - - echo "Deploy finalizado com sucesso!" \ No newline at end of file + kubectl delete pod -n gohorsejobsdev -l app=gohorse-backoffice-dev --force --grace-period=0 || true \ No newline at end of file