gohorsejobs/.forgejo/workflows/deploy.yaml

name: Deploy Backend and Backoffice Dev

on:
  workflow_dispatch:
  push:
    branches:
      - dev

# AJUSTE 1: Força o uso do IP 127.0.0.1 (mais estável que localhost no K8s)
env:
  DOCKER_HOST: tcp://127.0.0.1:2375

jobs:
  build-and-push:
    runs-on: ubuntu-latest 
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          # AJUSTE 2: Conecta o Buildx diretamente ao sidecar do Docker
          endpoint: tcp://127.0.0.1:2375

      - name: Login to Forgejo Registry
        uses: docker/login-action@v3
        with:
          registry: pipe.gohorsejobs.com
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and Push Backend
        uses: docker/build-push-action@v5
        with:
          context: ./backend
          file: ./backend/Dockerfile
          push: true
          tags: |
            pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
            pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}            
          build-args: |
            MTU=${{ vars.MTU }}            

      - name: Build and Push Backoffice
        uses: docker/build-push-action@v5
        with:
          context: ./backoffice
          file: ./backoffice/Dockerfile
          push: true
          tags: |
            pipe.gohorsejobs.com/bohessefm/backoffice:latest
            pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }}            
          build-args: |
            MTU=${{ vars.MTU }}            

  deploy-to-k3s:
    needs: build-and-push
    runs-on: ubuntu-latest 
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Kubectl
        uses: azure/k8s-set-context@v3
        with:
          method: kubeconfig
          kubeconfig: ${{ secrets.KUBECONFIG }}

      - name: Update Kubernetes Secrets
        run: |
          cat <<EOF > .env.k8s
          MTU=${{ vars.MTU }}
          DATABASE_URL=${{ vars.DATABASE_URL }}
          AWS_REGION=${{ vars.AWS_REGION }}
          AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }}
          AWS_ENDPOINT=${{ vars.AWS_ENDPOINT }}
          S3_BUCKET=${{ vars.S3_BUCKET }}
          JWT_SECRET=${{ vars.JWT_SECRET }}
          JWT_EXPIRATION=${{ vars.JWT_EXPIRATION }}
          PASSWORD_PEPPER=${{ vars.PASSWORD_PEPPER }}
          COOKIE_SECRET=${{ vars.COOKIE_SECRET }}
          COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
          BACKEND_PORT=${{ vars.BACKEND_PORT }}
          BACKEND_HOST=${{ vars.BACKEND_HOST }}
          CORS_ORIGINS=${{ vars.CORS_ORIGINS }}
          AMQP_URL=${{ vars.AMQP_URL }}
          ENV=${{ vars.ENV }}
          EOF

          kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
          kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s          

      - name: Apply K8s Manifests
        run: |
          kubectl apply -f k8s/dev/ -n gohorsejobsdev
          kubectl -n gohorsejobsdev rollout restart deployment gohorse-backend-dev
          kubectl -n gohorsejobsdev rollout restart deployment gohorse-backoffice-dev