From 5f24580209bfd856c152450dad5e5307bf51d408 Mon Sep 17 00:00:00 2001
From: Alex Shevchuk <shevchuk.aa@phystech.edu>
Date: Tue, 19 Aug 2025 21:45:36 +0300
Subject: [PATCH] =?UTF-8?q?54=20=D1=8D=D1=82=D0=BE=20=D0=A1=D0=B0=D0=BD?=
 =?UTF-8?q?=D0=BA=D1=82=20=D0=9F=D0=B5=D1=82=D0=B5=D1=80=D0=B1=D1=83=D1=80?=
 =?UTF-8?q?=D0=B3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitea/workflows/deploy_staging.yaml | 75 +++++++++++++++++-----------
 1 file changed, 47 insertions(+), 28 deletions(-)

diff --git a/.gitea/workflows/deploy_staging.yaml b/.gitea/workflows/deploy_staging.yaml
index f9ccec0..7f9f8c5 100644
--- a/.gitea/workflows/deploy_staging.yaml
+++ b/.gitea/workflows/deploy_staging.yaml
@@ -38,39 +38,60 @@ jobs:
         run: |
           echo "GIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
           echo "GIT_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo 'none')" >> $GITHUB_OUTPUT
+          echo "REPO_OWNER=$(echo $REPO | cut -d'/' -f1)" >> $GITHUB_OUTPUT
+          echo "REPO_NAME=$(echo $REPO | cut -d'/' -f2)" >> $GITHUB_OUTPUT
 
       - name: Login to Docker Registry
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract image metadata
+        id: docker-metadata
+        needs: git-metadata
+        env:
+          REGISTRY: hub.docker.com
+          REPO_NAME: ${{ steps.git-metadata.outputs.REPO_NAME }}
         run: |
-          echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
+          TARGET_TAG=${{ inputs.version }}
+
+          if [ ${TARGET_TAG} == "new" ]; then
+            PUSH_DATE=$(date +"%Y-%m-%d %T %Z")
+            IMAGE_TAG=${{ inputs.environment }}-${{ steps.git-metadata.outputs.GIT_TAG != 'none' && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }}
+          else
+            PUSH_DATE=$(wget -q -O - "https://$REGISTRY/v2/namespaces/molvaapp/repositories/$REPO_NAME/tags/${TARGET_TAG}/" | jq -r '.tag_last_pushed')
+            IMAGE_TAG=${{ inputs.version }}
+          fi
+
+          echo "IMAGE_NAME=molvaapp/${{ steps.git-metadata.outputs.REPO_NAME }}" >> $GITHUB_OUTPUT
+          echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_OUTPUT
+          echo "TAG_LAST_PUSHED=${PUSH_DATE}" >> $GITHUB_OUTPUT
+
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
       - name: Build and Push Docker Image
         if: ${{ inputs.version == 'new' }}
-        needs: git-metadata
-        env:
-          IMAGE_NAME: molvaapp/test_deploy
-          IMAGE_TAG: ${{ inputs.environment }}-${{ steps.git-metadata.outputs.GIT_TAG != 'none' && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }}
-          CONFIG_FILE: .build/config/staging.yaml
-        run: |
-          docker build \
-            --build-arg BUILD_LDFLAGS="-w -s" \
-            --build-arg CONFIG_FILE_PATH=$CONFIG_FILE \
-            -t $IMAGE_NAME:$IMAGE_TAG \
-            -t $IMAGE_NAME:latest \
-            .
-
-          docker tag $IMAGE_NAME:$IMAGE_TAG $IMAGE_NAME:latest
-
-          docker push $IMAGE_NAME:$IMAGE_TAG
-          docker push $IMAGE_NAME:latest
-
-          echo "Pushed image $IMAGE_NAME:$IMAGE_TAG and :latest"
+        needs: docker-metadata
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          tags: ${{ steps.docker-metadata.outputs.IMAGE_NAME }}:${{ steps.docker-metadata.outputs.IMAGE_TAG }}
+          build-args: |
+            BUILD_LDFLAGS="-w -s"
+            CONFIG_FILE_PATH=".build/config/staging.yaml"
 
       - name: Install dependencies
+        id: install-dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y gettext jq
 
       - name: Prepare environment
+        id: prepare-env
         run: |
           mkdir -p /tmp/swarm-certs
           echo "${{ secrets.SWARM_CA_PEM }}" > /tmp/swarm-certs/ca.pem
@@ -79,10 +100,12 @@ jobs:
           chmod 600 /tmp/swarm-certs/*.pem
 
       - name: Deploy to Swarm
+        needs:
+          - git-metadata
+          - docker-metadata
+          - install-dependencies
+          - prepare-env
         env:
-          REGISTRY: hub.docker.com
-          REPO: ${{ github.repository }}
-
           DOCKER_HOST: tcp://${{ secrets.SWARM_MANAGER_HOST }}:2376
           DOCKER_TLS_VERIFY: 1
           DOCKER_CERT_PATH: /tmp/swarm-certs
@@ -90,6 +113,7 @@ jobs:
           VERSION: ${{ inputs.version == 'new' && 'latest' || inputs.version }}
 
           APP_COMMIT: ${{ steps.git-metadata.outputs.GIT_TAG != 'none' && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }}
+          APP_BUILD_DATE: ${{ steps.docker-metadata.outputs.TAG_LAST_PUSHED }}
 
           KEYCLOAK_BASE_URL: ${{ secrets.KEYCLOAK_BASE_URL }}
           KEYCLOAK_REALM: ${{ secrets.KEYCLOAK_REALM }}
@@ -114,11 +138,6 @@ jobs:
 
           INTEGRATION_VKUSVILL_API_TOKEN: ${{ secrets.INTEGRATION_VKUSVILL_API_TOKEN }}
         run: |
-          REPO_NAME=$(echo $REPO | cut -d'/' -f2)
-
-          APP_BUILD_DATE=$(wget -q -O - "https://$REGISTRY/v2/namespaces/molvaapp/repositories/$REPO_NAME/tags?page_size=100" \
-            | jq -r '.results[] | select(.name == "'$VERSION'") | .tag_last_pushed')
-
           envsubst < docker-compose.staging.yaml > docker-compose.runtime.yaml
 
           cat docker-compose.runtime.yaml