name: Deploy Backend and Backoffice Dev on: workflow_dispatch: push: branches: - dev jobs: build-and-push: runs-on: docker-ready env: REGISTRY: pipe.gohorsejobs.com steps: - name: Install Dependencies run: | sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories apk add --no-cache git docker-cli nodejs - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 1 - name: Login to Forgejo Registry run: | # Usar o stdin evita que o token fique exposto nos logs e garante persistência no docker config echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} -u bohessefm --password-stdin - name: Build and Push Backend run: | cd backend # Build direto pelo Docker Engine (ignora bugs de sessão do Buildx/BuildKit) docker build --no-cache \ -t ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest \ -t ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} . echo "Iniciando push do Backend..." docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:latest docker push ${{ env.REGISTRY }}/bohessefm/gohorsejobs:${{ github.sha }} - name: Build and Push Backoffice run: | cd backoffice docker build --no-cache \ -t ${{ env.REGISTRY }}/bohessefm/backoffice:latest \ -t ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} . echo "Iniciando push do Backoffice..." docker push ${{ env.REGISTRY }}/bohessefm/backoffice:latest docker push ${{ env.REGISTRY }}/bohessefm/backoffice:${{ github.sha }} deploy-to-k3s: needs: build-and-push runs-on: docker-ready defaults: run: shell: sh steps: - name: Install Tools (Git & Kubectl) run: | sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories apk add --no-cache git curl K8S_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt) curl -L -o /usr/local/bin/kubectl "https://dl.k8s.io/release/${K8S_VERSION}/bin/linux/amd64/kubectl" chmod +x /usr/local/bin/kubectl - name: Checkout code uses: actions/checkout@v4 - name: Deploy to K3s run: | mkdir -p $HOME/.kube echo "${{ secrets.KUBECONFIG }}" > $HOME/.kube/config chmod 600 $HOME/.kube/config export KUBECONFIG=$HOME/.kube/config kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f - kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found kubectl -n gohorsejobsdev create secret generic backend-secrets \ --from-literal=MTU='${{ vars.MTU }}' \ --from-literal=AWS_REGION='${{ vars.AWS_REGION }}' \ --from-literal=AWS_ACCESS_KEY_ID='${{ vars.AWS_ACCESS_KEY_ID }}' \ --from-literal=AWS_SECRET_ACCESS_KEY='${{ vars.AWS_SECRET_ACCESS_KEY }}' \ --from-literal=AWS_ENDPOINT='${{ vars.AWS_ENDPOINT }}' \ --from-literal=S3_BUCKET='${{ vars.S3_BUCKET }}' \ --from-literal=JWT_SECRET='${{ vars.JWT_SECRET }}' \ --from-literal=JWT_EXPIRATION='${{ vars.JWT_EXPIRATION }}' \ --from-literal=PASSWORD_PEPPER='${{ vars.PASSWORD_PEPPER }}' \ --from-literal=COOKIE_SECRET='${{ vars.COOKIE_SECRET }}' \ --from-literal=COOKIE_DOMAIN='${{ vars.COOKIE_DOMAIN }}' \ --from-literal=BACKEND_PORT='${{ vars.BACKEND_PORT }}' \ --from-literal=BACKEND_HOST='${{ vars.BACKEND_HOST }}' \ --from-literal=ENV='${{ vars.ENV }}' \ --from-literal=CORS_ORIGINS='${{ vars.CORS_ORIGINS }}' \ --from-literal=AMQP_URL='${{ vars.AMQP_URL }}' \ --from-literal=DATABASE_URL='${{ vars.DATABASE_URL }}' kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \ --docker-server=pipe.gohorsejobs.com \ --docker-username=bohessefm \ --docker-password='${{ secrets.FORGEJO_TOKEN }}' \ --dry-run=client -o yaml | kubectl apply -f - kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "forgejo-registry"}]}' -n gohorsejobsdev kubectl apply -f k8s/dev/ -n gohorsejobsdev kubectl rollout restart deployment/gohorse-backend-dev -n gohorsejobsdev || true kubectl rollout restart deployment/gohorse-backoffice-dev -n gohorsejobsdev || true