From e238da06494da6984bd7576034d74e7b0c0e4db5 Mon Sep 17 00:00:00 2001 From: Tiago Yamamoto Date: Wed, 18 Feb 2026 13:00:36 -0600 Subject: [PATCH] docs: add CI/CD pipeline details, credentials reference, and webhook config - Document Forgejo Actions pipeline (build-and-push OK, deploy FAIL due to K3s) - Add credentials/tokens reference table (~/.ssh/ files) - Document GitHub webhooks for Coolify auto-deploy - Update CI/CD flow diagram with Forgejo Actions runner Co-Authored-By: Claude Opus 4.6 --- docs/DEVOPS.md | 82 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 80 insertions(+), 2 deletions(-) diff --git a/docs/DEVOPS.md b/docs/DEVOPS.md index 1b4e8ac..80a74b6 100644 --- a/docs/DEVOPS.md +++ b/docs/DEVOPS.md 
@@ -376,12 +376,90 @@ graph LR GH --> |"webhook"| Coolify["Coolify\n(redbull)"] Coolify --> |"build & deploy"| Redbull["Redbull VPS"] - Dev --> |"podman build"| Registry["Forgejo Registry\nforgejo-gru.rede5.com.br"] - Registry --> |"podman pull"| Apolo["Apolo VPS"] + FJ --> |"Forgejo Actions"| Runner["Self-hosted Runner\n(K3s)"] + Runner --> |"build & push"| Registry["Forgejo Registry\npipe.gohorsejobs.com"] + Runner --> |"kubectl apply"| K3s["K3s Cluster"] + + Dev --> |"podman build"| RegistryGRU["Forgejo Registry\nforgejo-gru.rede5.com.br"] + RegistryGRU --> |"podman pull"| Apolo["Apolo VPS"] ``` --- +## 🔄 Forgejo CI/CD Pipeline (pipe.gohorsejobs.com) + +O pipeline roda automaticamente via Forgejo Actions a cada push na branch `dev`. + +### Workflow: `.forgejo/workflows/deploy.yaml` + +| Job | Descricao | Status Atual | +|-----|-----------|-------------| +| **build-and-push** | Build Docker images (backend + backoffice), push to registry | OK | +| **deploy** | Deploy ao K3s via kubectl (requer KUBE_CONFIG secret) | FAIL | + +### Pipeline Steps + +1. **build-and-push** (OK): + - Checkout code + - Docker login no registry `pipe.gohorsejobs.com` + - Build & push backend: `pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest` + - Build & push backoffice: `pipe.gohorsejobs.com/bohessefm/backoffice:latest` + +2. **deploy** (FAIL - K3s nao configurado): + - Install kubectl + - Configure kubeconfig (via `secrets.KUBE_CONFIG`) + - Sync secrets e vars ao namespace `gohorsejobsdev` + - `kubectl apply -f k8s/dev/` + - Set image com SHA do commit + - Rollout restart deployments + +> **Nota:** O job deploy falha porque o K3s/kubeconfig ainda nao esta configurado. O build das imagens funciona normalmente. 
+ +### Forgejo API + +```bash +# Token location: ~/.ssh/forgejo-token +FORGEJO_TOKEN="03d23c54672519c8473bd9c46ae7820b13c8b287" + +# Listar runs do pipeline +curl -s -H "Authorization: token $FORGEJO_TOKEN" \ + "https://pipe.gohorsejobs.com/api/v1/repos/bohessefm/gohorsejobs/actions/tasks?limit=5" + +# Listar repositorios +curl -s -H "Authorization: token $FORGEJO_TOKEN" \ + "https://pipe.gohorsejobs.com/api/v1/user/repos" +``` + +### GitHub Webhooks (Auto-deploy Coolify) + +Webhooks configurados no GitHub apontando para o Coolify: + +| App | Webhook URL | +|-----|-------------| +| Backend | `https://redbull.rede5.com.br/webhooks/source/github/events/manual?uuid=iw4sow8s0kkg4cccsk08gsoo&secret=...` | +| Frontend | `https://redbull.rede5.com.br/webhooks/source/github/events/manual?uuid=ao8g40scws0w4cgo8coc8o40&secret=...` | +| Backoffice | `https://redbull.rede5.com.br/webhooks/source/github/events/manual?uuid=hg48wkw4wggwsswcwc8sooo4&secret=...` | +| Seeder | `https://redbull.rede5.com.br/webhooks/source/github/events/manual?uuid=q4w48gos8cgssso00o8w8gck&secret=...` | + +--- + +## 🔑 Credenciais e Tokens (Referencias) + +Todos os tokens estao armazenados em `~/.ssh/`: + +| Arquivo | Servico | Uso | +|---------|---------|-----| +| `~/.ssh/coolify-redbull-token` | Coolify API | Deploy e gerenciamento de apps | +| `~/.ssh/forgejo-token` | Forgejo API (pipe) | CI/CD, webhooks, repos | +| `~/.ssh/github-token` | GitHub API | Webhooks, repos | +| `~/.ssh/cloudflare-token` | Cloudflare API | DNS, cache | +| `~/.ssh/absam-token` | Absam Cloud API | VPS management | +| `~/.ssh/forgejo-gohorsejobs` | SSH Key | Forgejo Git operations | +| `~/.ssh/civo` | SSH Key | Acesso VPS Redbull | +| `~/.ssh/github` | SSH Key | GitHub Git operations | + +--- + ## 💾 Storage & Persistence (`/mnt/data`) All persistent data and configuration files are stored in `/mnt/data` on the host.
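Review bot: The bash block under `### Forgejo API` commits a literal 40-character value in `FORGEJO_TOKEN="..."`, directly below a comment saying the token lives in `~/.ssh/forgejo-token`. Treat that token as exposed: revoke and reissue it, and have the doc read it from the file instead, for example `FORGEJO_TOKEN="$(cat ~/.ssh/forgejo-token)"`. The value also remains in this commit's history, so removing the line later will not undo the exposure. In the webhooks table, the `secret=` parameter is elided but each Coolify `uuid` is published in full and the secret travels in the query string. Consider documenting only the URL pattern and keeping the per-app values out of the repository. The credentials table places API tokens in `~/.ssh/` next to SSH keys. If that layout stays, state the expected file permissions (for example `chmod 600`) and the scope each token is issued with.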