name: Deploy Backend and Backoffice Dev on: workflow_dispatch: push: branches: - dev jobs: build-and-push: runs-on: docker-ready env: DOCKER_API_VERSION: "1.43" defaults: run: shell: sh steps: - name: Install Dependencies run: | # Troca para um mirror mais robusto antes de instalar sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories apk add --no-cache --update git docker-cli docker-cli-buildx nodejs - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 1 - name: Set up Docker Buildx (Deep Clean) run: | # Limpeza total para evitar conflitos de blobs e 401 Unauthorized docker buildx rm local-builder || true docker builder prune -a -f docker buildx create --use --driver docker-container --name local-builder \ --driver-opt network=host \ --driver-opt image=moby/buildkit:master docker buildx inspect --bootstrap - name: Login to Forgejo Registry uses: docker/login-action@v3 with: registry: pipe.gohorsejobs.com username: bohessefm password: ${{ secrets.FORGEJO_TOKEN }} - name: Build and Push Backend uses: docker/build-push-action@v5 with: context: ./backend file: ./backend/Dockerfile push: true provenance: false sbom: false no-cache: true tags: | pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }} - name: Build and Push Backoffice uses: docker/build-push-action@v5 with: context: ./backoffice file: ./backoffice/Dockerfile push: true provenance: false sbom: false no-cache: true tags: | pipe.gohorsejobs.com/bohessefm/backoffice:latest pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }} deploy-to-k3s: needs: build-and-push runs-on: docker-ready defaults: run: shell: sh steps: - name: Install Tools (Git & Kubectl) run: | sed -i 's/dl-cdn.alpinelinux.org/mirror.leaseweb.com/g' /etc/apk/repositories apk add --no-cache git curl K8S_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt) curl -L -o /usr/local/bin/kubectl "https://dl.k8s.io/release/${K8S_VERSION}/bin/linux/amd64/kubectl" chmod +x /usr/local/bin/kubectl - name: Checkout code uses: actions/checkout@v4 - name: Deploy to K3s run: | mkdir -p $HOME/.kube echo "${{ secrets.KUBECONFIG }}" > $HOME/.kube/config chmod 600 $HOME/.kube/config export KUBECONFIG=$HOME/.kube/config kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f - kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found kubectl -n gohorsejobsdev create secret generic backend-secrets \ --from-literal=MTU='${{ vars.MTU }}' \ --from-literal=AWS_REGION='${{ vars.AWS_REGION }}' \ --from-literal=AWS_ACCESS_KEY_ID='${{ vars.AWS_ACCESS_KEY_ID }}' \ --from-literal=AWS_SECRET_ACCESS_KEY='${{ vars.AWS_SECRET_ACCESS_KEY }}' \ --from-literal=AWS_ENDPOINT='${{ vars.AWS_ENDPOINT }}' \ --from-literal=S3_BUCKET='${{ vars.S3_BUCKET }}' \ --from-literal=JWT_SECRET='${{ vars.JWT_SECRET }}' \ --from-literal=JWT_EXPIRATION='${{ vars.JWT_EXPIRATION }}' \ --from-literal=PASSWORD_PEPPER='${{ vars.PASSWORD_PEPPER }}' \ --from-literal=COOKIE_SECRET='${{ vars.COOKIE_SECRET }}' \ --from-literal=COOKIE_DOMAIN='${{ vars.COOKIE_DOMAIN }}' \ --from-literal=BACKEND_PORT='${{ vars.BACKEND_PORT }}' \ --from-literal=BACKEND_HOST='${{ vars.BACKEND_HOST }}' \ --from-literal=ENV='${{ vars.ENV }}' \ --from-literal=CORS_ORIGINS='${{ vars.CORS_ORIGINS }}' \ --from-literal=AMQP_URL='${{ vars.AMQP_URL }}' \ --from-literal=DATABASE_URL='${{ vars.DATABASE_URL }}' kubectl -n gohorsejobsdev create secret docker-registry forgejo-registry \ --docker-server=pipe.gohorsejobs.com \ --docker-username=bohessefm \ --docker-password='${{ secrets.FORGEJO_TOKEN }}' \ --dry-run=client -o yaml | kubectl apply -f - kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "forgejo-registry"}]}' -n gohorsejobsdev kubectl apply -f k8s/dev/ -n gohorsejobsdev kubectl rollout restart deployment/gohorse-backend-dev -n gohorsejobsdev || true kubectl rollout restart deployment/gohorse-backoffice-dev -n gohorsejobsdev || true