rede5/gohorsejobs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
gohorsejobs/.forgejo/workflows/deploy.yaml
bohessefm ee1207e2d9 Update .forgejo/workflows/deploy.yaml
2026-02-18 23:21:50 +00:00

133 lines
No EOL
6.4 KiB
YAML
Raw Blame History

name: Deploy Backend and Backoffice Dev
on:
workflow_dispatch:
push:
branches: [dev]
env:
REGISTRY: pipe.gohorsejobs.com
IMAGE_NAMESPACE: bohessefm
jobs:
build-and-push:
runs-on: [self-hosted, linux-amd64]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Docker Login
run: |
echo "${{ secrets.FORGEJO_TOKEN }}" | docker login ${{ env.REGISTRY }} \
-u ${{ env.IMAGE_NAMESPACE }} --password-stdin
- name: Build & Push Backend
run: |
docker build -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }} \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:latest ./backend
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }}
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:latest
- name: Build & Push Backoffice
run: |
docker build -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }} \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:latest ./backoffice
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }}
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:latest
deploy:
needs: build-and-push
runs-on: [self-hosted, linux-amd64]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install kubectl
run: |
apk add --no-cache curl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/
- name: Configure Kubeconfig
run: |
mkdir -p ~/.kube
echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
chmod 600 ~/.kube/config
- name: Sync Secrets and Vars
run: |
kubectl create namespace gohorsejobsdev --dry-run=client -o yaml | kubectl apply -f -
kubectl get secret forgejo-registry-secret --namespace=forgejo -o yaml | \
sed 's/namespace: forgejo/namespace: gohorsejobsdev/' | \
kubectl apply -f - --force
kubectl delete secret backend-secrets -n gohorsejobsdev --ignore-not-found
# PEGA A SECRET, REMOVE ESPAÇOS E QUEBRAS DE LINHA QUE CAUSAM O ERRO UTF-8
RAW_KEY="${{ secrets.RSA_PRIVATE_KEY_BASE64 || vars.RSA_PRIVATE_KEY_BASE64 }}"
CLEAN_KEY=$(echo "$RAW_KEY" | tr -d '[:space:]')
if [ -n "$CLEAN_KEY" ]; then
echo "Processing RSA Key (Cleaning spaces and newlines)..."
echo "$CLEAN_KEY" > /tmp/rsa_key.base64
# Tenta decodificar. Se falhar (já for PEM), usa o original limpo.
base64 -d /tmp/rsa_key.base64 > /tmp/rsa_key.pem 2>/dev/null || cp /tmp/rsa_key.base64 /tmp/rsa_key.pem
fi
if [ -f /tmp/rsa_key.pem ]; then
kubectl create secret generic backend-secrets -n gohorsejobsdev \
--from-literal=MTU="${{ vars.MTU }}" \
--from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" \
--from-literal=AMQP_URL="${{ vars.AMQP_URL }}" \
--from-literal=JWT_SECRET="${{ vars.JWT_SECRET }}" \
--from-literal=JWT_EXPIRATION="${{ vars.JWT_EXPIRATION }}" \
--from-literal=PASSWORD_PEPPER="${{ vars.PASSWORD_PEPPER }}" \
--from-literal=COOKIE_SECRET="${{ vars.COOKIE_SECRET }}" \
--from-literal=COOKIE_DOMAIN="${{ vars.COOKIE_DOMAIN }}" \
--from-literal=BACKEND_PORT="${{ vars.BACKEND_PORT }}" \
--from-literal=BACKEND_HOST="${{ vars.BACKEND_HOST }}" \
--from-literal=ENV="${{ vars.ENV }}" \
--from-literal=CORS_ORIGINS="${{ vars.CORS_ORIGINS }}" \
--from-literal=S3_BUCKET="${{ vars.S3_BUCKET }}" \
--from-literal=AWS_REGION="${{ vars.AWS_REGION }}" \
--from-literal=AWS_ENDPOINT="${{ vars.AWS_ENDPOINT }}" \
--from-literal=AWS_ACCESS_KEY_ID="${{ vars.AWS_ACCESS_KEY_ID }}" \
--from-literal=AWS_SECRET_ACCESS_KEY="${{ vars.AWS_SECRET_ACCESS_KEY }}" \
--from-file=private_key.pem=/tmp/rsa_key.pem \
--dry-run=client -o yaml | kubectl apply -f -
else
# Fallback caso a chave não exista
kubectl create secret generic backend-secrets -n gohorsejobsdev \
--from-literal=MTU="${{ vars.MTU }}" \
--from-literal=DATABASE_URL="${{ vars.DATABASE_URL }}" \
--from-literal=AMQP_URL="${{ vars.AMQP_URL }}" \
--from-literal=JWT_SECRET="${{ vars.JWT_SECRET }}" \
--from-literal=JWT_EXPIRATION="${{ vars.JWT_EXPIRATION }}" \
--from-literal=PASSWORD_PEPPER="${{ vars.PASSWORD_PEPPER }}" \
--from-literal=COOKIE_SECRET="${{ vars.COOKIE_SECRET }}" \
--from-literal=COOKIE_DOMAIN="${{ vars.COOKIE_DOMAIN }}" \
--from-literal=BACKEND_PORT="${{ vars.BACKEND_PORT }}" \
--from-literal=BACKEND_HOST="${{ vars.BACKEND_HOST }}" \
--from-literal=ENV="${{ vars.ENV }}" \
--from-literal=CORS_ORIGINS="${{ vars.CORS_ORIGINS }}" \
--from-literal=S3_BUCKET="${{ vars.S3_BUCKET }}" \
--from-literal=AWS_REGION="${{ vars.AWS_REGION }}" \
--from-literal=AWS_ENDPOINT="${{ vars.AWS_ENDPOINT }}" \
--from-literal=AWS_ACCESS_KEY_ID="${{ vars.AWS_ACCESS_KEY_ID }}" \
--from-literal=AWS_SECRET_ACCESS_KEY="${{ vars.AWS_SECRET_ACCESS_KEY }}" \
--dry-run=client -o yaml | kubectl apply -f -
fi
- name: Deploy to K3s
run: |
kubectl apply -f k8s/dev/ -n gohorsejobsdev
kubectl -n gohorsejobsdev set image deployment/gohorse-backend-dev backend=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/gohorsejobs:${{ github.sha }}
kubectl -n gohorsejobsdev set image deployment/gohorse-backoffice-dev backoffice=${{ env.REGISTRY }}/${{ env.IMAGE_NAMESPACE }}/backoffice:${{ github.sha }}
kubectl -n gohorsejobsdev rollout restart deployment/gohorse-backend-dev
kubectl -n gohorsejobsdev rollout restart deployment/gohorse-backoffice-dev
kubectl -n gohorsejobsdev rollout status deployment/gohorse-backend-dev --timeout=120s
Reference in a new issue View git blame Copy permalink