From ab529b96050a61836b859a69a65a63d9f5ace1f8 Mon Sep 17 00:00:00 2001 From: Alex Shevchuk Date: Tue, 19 Aug 2025 00:46:43 +0300 Subject: [PATCH] 22 --- .gitea/workflows/deploy_staging.yaml | 67 ++++++++++++++-------------- 1 file changed, 33 insertions(+), 34 deletions(-) diff --git a/.gitea/workflows/deploy_staging.yaml b/.gitea/workflows/deploy_staging.yaml index 005da0e..8eb0606 100644 --- a/.gitea/workflows/deploy_staging.yaml +++ b/.gitea/workflows/deploy_staging.yaml @@ -55,20 +55,10 @@ jobs: env: STACK_NAME: molvaapp-${{ inputs.environment }} - strategy: - matrix: - project: - - test_deploy - steps: - name: Checkout code uses: actions/checkout@v4 - - name: Show selected version - run: | - echo "Deploying version: ${{ inputs.version }}" - echo "Available versions were: ${{ needs.get_available_versions.outputs.version_options }}" - - name: Extract Git metadata id: git-metadata run: | 
@@ -80,22 +70,33 @@ jobs: run: | echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin - - name: Push Docker Image + - name: Build and Push Docker Image + if: ${{ inputs.version == 'latest' }} + env: + IMAGE_NAME: molvaapp/test_deploy + IMAGE_TAG: ${{ steps.git-metadata.outputs.GIT_TAG != "none" && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }} run: | - if [ "${{ inputs.version }}" == "latest" ]; then - TAG=${{ steps.git-metadata.outputs.GIT_TAG != "none" && steps.git-metadata.outputs.GIT_TAG || steps.git-metadata.outputs.GIT_SHA }} - IMAGE_NAME="molvaapp/${{ matrix.project }}" + docker build -t $IMAGE_NAME:$IMAGE_TAG . - docker build -t $IMAGE_NAME:$TAG . - docker push $IMAGE_NAME:$TAG - echo "Pushed image $IMAGE_NAME:$TAG" - else - echo "Using non-latest version ${{ inputs.version }}" - echo "Skipping pushing image..." - fi + docker tag $IMAGE_NAME:$IMAGE_TAG $IMAGE_NAME:latest - - name: Install envsubst - run: sudo apt-get update && sudo apt-get install -y gettext + docker push $IMAGE_NAME:$IMAGE_TAG + docker push $IMAGE_NAME:latest + + echo "Pushed image $IMAGE_NAME:$IMAGE_TAG and :latest" + + - name: Install dependencies + run: | + sudo apt-get update + sudo apt-get install -y gettext jq + + - name: Prepare environment + run: | + mkdir -p /tmp/swarm-certs + echo "${{ secrets.SWARM_CA_PEM }}" > /tmp/swarm-certs/ca.pem + echo "${{ secrets.SWARM_CERT_PEM }}" > /tmp/swarm-certs/cert.pem + echo "${{ secrets.SWARM_KEY_PEM }}" > /tmp/swarm-certs/key.pem + chmod 600 /tmp/swarm-certs/*.pem - name: Deploy to Swarm env: @@ -103,6 +104,8 @@ jobs: DOCKER_TLS_VERIFY: 1 DOCKER_CERT_PATH: /tmp/swarm-certs + VERSION: ${{ inputs.version }} + KEYCLOAK_BASE_URL: ${{ secrets.KEYCLOAK_BASE_URL }} KEYCLOAK_REALM: ${{ secrets.KEYCLOAK_REALM }} KEYCLOAK_CLIENT_ID: ${{ secrets.KEYCLOAK_CLIENT_ID }} 
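Review bot: In the new `Prepare environment` step the three PEM files are created under the default umask and only tightened by the `chmod 600` on the last line, so the client key is briefly readable by other local users on the runner, and `${{ secrets.* }}` is pasted into the script text instead of being passed as data. Set `umask 077` before the first write and hand the values over through the step's `env:` block, as the `Deploy to Swarm` step already does for its settings. `/tmp/swarm-certs` is a fixed path, so on a shared or self-hosted runner a directory left by an earlier job would be reused with whatever mode it has; `mktemp -d` would avoid that but needs `DOCKER_CERT_PATH` updated to match. In the same hunk, `$IMAGE_NAME:$IMAGE_TAG` is unquoted in the `docker build`, `docker tag` and `docker push` lines.

```yaml
      - name: Prepare environment
        env:
          SWARM_CA_PEM: ${{ secrets.SWARM_CA_PEM }}
          SWARM_CERT_PEM: ${{ secrets.SWARM_CERT_PEM }}
          SWARM_KEY_PEM: ${{ secrets.SWARM_KEY_PEM }}
        run: |
          # Restrict permissions before any key material is written.
          umask 077
          mkdir -p /tmp/swarm-certs
          printf '%s\n' "$SWARM_CA_PEM" > /tmp/swarm-certs/ca.pem
          printf '%s\n' "$SWARM_CERT_PEM" > /tmp/swarm-certs/cert.pem
          printf '%s\n' "$SWARM_KEY_PEM" > /tmp/swarm-certs/key.pem
          # … unchanged: chmod 600 on the .pem files …
```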
@@ -128,26 +131,22 @@ jobs: run: | envsubst < docker-compose.staging.yaml > docker-compose.runtime.yaml - if [ "${{ inputs.version }}" == "latest" ]; then - VERSION="latest" - else - VERSION="${{ inputs.version }}" - fi + echo "=== Processed Compose File ===" + grep -E 'KEYCLOAK|BROKER|DB_' docker-compose.runtime.yaml echo "Deploying version $VERSION to ${{ inputs.environment }}..." echo "Log level: ${{ inputs.logLevel }}" - mkdir -p /tmp/swarm-certs - echo "${{ secrets.SWARM_CA_PEM }}" > /tmp/swarm-certs/ca.pem - echo "${{ secrets.SWARM_CERT_PEM }}" > /tmp/swarm-certs/cert.pem - echo "${{ secrets.SWARM_KEY_PEM }}" > /tmp/swarm-certs/key.pem - chmod 600 /tmp/swarm-certs/*.pem - docker stack deploy \ --with-registry-auth \ -c docker-compose.runtime.yaml \ ${{ env.STACK_NAME }} + - name: Cleanup + run: | + rm -rf /tmp/swarm-certs + rm -f docker-compose.runtime.yaml + - name: Post-deploy run: | echo "Deployment to ${{ inputs.environment }} completed."
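Review bot: The added `grep -E 'KEYCLOAK|BROKER|DB_' docker-compose.runtime.yaml` prints lines of the envsubst output into the job log, and those lines presumably carry the substituted secret values, since the KEYCLOAK_* variables in this step's `env:` are filled from `secrets.*`. Log masking is best-effort, so drop the line or print only the variable names, e.g. `grep -oE '(KEYCLOAK|BROKER|DB_)[A-Z0-9_]*' docker-compose.runtime.yaml | sort -u`. The new `Cleanup` step also has no condition, so a failed `docker stack deploy` leaves `/tmp/swarm-certs/key.pem` and the rendered compose file on the runner; add `if: always()` to that step.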