🔧 Enhance Gitea deployment workflows and fix nginx configuration

- Added new CI/CD workflow `ci-cd-reliable.yml` for reliable deployments with database support. - Created `docker-compose.zero-downtime-fixed.yml` to address nginx configuration issues for zero-downtime deployments. - Improved existing workflows to check for nginx configuration file and create a fallback if missing. - Updated `DEPLOYMENT-FIXES.md` to document new workflows and fixes. ✅ These changes improve deployment reliability and ensure proper nginx configuration for seamless updates.
2025-09-14 19:11:37 +02:00
parent ca2cbc2c92
commit fc3f9ebf12
4 changed files with 409 additions and 10 deletions
--- a/.gitea/workflows/ci-cd-reliable.yml
+++ b/.gitea/workflows/ci-cd-reliable.yml
@@ -0,0 +1,177 @@
+name: CI/CD Pipeline (Reliable & Simple)
+
+on:
+  push:
+    branches: [ production ]
+
+env:
+  NODE_VERSION: '20'
+  DOCKER_IMAGE: portfolio-app
+  CONTAINER_NAME: portfolio-app
+
+jobs:
+  production:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run linting
+        run: npm run lint
+
+      - name: Run tests
+        run: npm run test
+
+      - name: Build application
+        run: npm run build
+
+      - name: Run security scan
+        run: |
+          echo "🔍 Running npm audit..."
+          npm audit --audit-level=high || echo "⚠️ Some vulnerabilities found, but continuing..."
+
+      - name: Verify secrets and variables
+        run: |
+          echo "🔍 Verifying secrets and variables..."
+          
+          # Check Variables
+          if [ -z "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then
+            echo "❌ NEXT_PUBLIC_BASE_URL variable is missing!"
+            exit 1
+          fi
+          if [ -z "${{ vars.MY_EMAIL }}" ]; then
+            echo "❌ MY_EMAIL variable is missing!"
+            exit 1
+          fi
+          if [ -z "${{ vars.MY_INFO_EMAIL }}" ]; then
+            echo "❌ MY_INFO_EMAIL variable is missing!"
+            exit 1
+          fi
+          
+          # Check Secrets
+          if [ -z "${{ secrets.MY_PASSWORD }}" ]; then
+            echo "❌ MY_PASSWORD secret is missing!"
+            exit 1
+          fi
+          if [ -z "${{ secrets.MY_INFO_PASSWORD }}" ]; then
+            echo "❌ MY_INFO_PASSWORD secret is missing!"
+            exit 1
+          fi
+          if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then
+            echo "❌ ADMIN_BASIC_AUTH secret is missing!"
+            exit 1
+          fi
+          
+          echo "✅ All required secrets and variables are present"
+
+      - name: Build Docker image
+        run: |
+          echo "🏗️ Building Docker image..."
+          docker build -t ${{ env.DOCKER_IMAGE }}:latest .
+          docker tag ${{ env.DOCKER_IMAGE }}:latest ${{ env.DOCKER_IMAGE }}:$(date +%Y%m%d-%H%M%S)
+          echo "✅ Docker image built successfully"
+
+      - name: Deploy with database services
+        run: |
+          echo "🚀 Deploying with database services..."
+          
+          # Export environment variables
+          export NODE_ENV="${{ vars.NODE_ENV }}"
+          export LOG_LEVEL="${{ vars.LOG_LEVEL }}"
+          export NEXT_PUBLIC_BASE_URL="${{ vars.NEXT_PUBLIC_BASE_URL }}"
+          export NEXT_PUBLIC_UMAMI_URL="${{ vars.NEXT_PUBLIC_UMAMI_URL }}"
+          export NEXT_PUBLIC_UMAMI_WEBSITE_ID="${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}"
+          export MY_EMAIL="${{ vars.MY_EMAIL }}"
+          export MY_INFO_EMAIL="${{ vars.MY_INFO_EMAIL }}"
+          export MY_PASSWORD="${{ secrets.MY_PASSWORD }}"
+          export MY_INFO_PASSWORD="${{ secrets.MY_INFO_PASSWORD }}"
+          export ADMIN_BASIC_AUTH="${{ secrets.ADMIN_BASIC_AUTH }}"
+          
+          # Stop old containers
+          echo "🛑 Stopping old containers..."
+          docker compose down || true
+          
+          # Clean up orphaned containers
+          echo "🧹 Cleaning up orphaned containers..."
+          docker compose down --remove-orphans || true
+          
+          # Start new containers
+          echo "🚀 Starting new containers..."
+          docker compose up -d
+          
+          echo "✅ Deployment completed!"
+        env:
+          NODE_ENV: ${{ vars.NODE_ENV }}
+          LOG_LEVEL: ${{ vars.LOG_LEVEL }}
+          NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
+          NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
+          NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
+          MY_EMAIL: ${{ vars.MY_EMAIL }}
+          MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
+          MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
+          MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
+          ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}
+
+      - name: Wait for containers to be ready
+        run: |
+          echo "⏳ Waiting for containers to be ready..."
+          sleep 20
+          
+          # Check if all containers are running
+          echo "📊 Checking container status..."
+          docker compose ps
+          
+          # Wait for application container to be healthy
+          echo "🏥 Waiting for application container to be healthy..."
+          for i in {1..30}; do
+            if docker exec portfolio-app curl -f http://localhost:3000/api/health > /dev/null 2>&1; then
+              echo "✅ Application container is healthy!"
+              break
+            fi
+            echo "⏳ Waiting for application container... ($i/30)"
+            sleep 3
+          done
+
+      - name: Health check
+        run: |
+          echo "🔍 Running comprehensive health checks..."
+          
+          # Check container status
+          echo "📊 Container status:"
+          docker compose ps
+          
+          # Check application container
+          echo "🏥 Checking application container..."
+          if docker exec portfolio-app curl -f http://localhost:3000/api/health; then
+            echo "✅ Application health check passed!"
+          else
+            echo "❌ Application health check failed!"
+            docker logs portfolio-app --tail=50
+            exit 1
+          fi
+          
+          # Check main page
+          if curl -f http://localhost:3000/ > /dev/null; then
+            echo "✅ Main page is accessible!"
+          else
+            echo "❌ Main page is not accessible!"
+            exit 1
+          fi
+          
+          echo "✅ All health checks passed! Deployment successful!"
+
+      - name: Cleanup old images
+        run: |
+          echo "🧹 Cleaning up old images..."
+          docker image prune -f
+          docker system prune -f
+          echo "✅ Cleanup completed"
--- a/.gitea/workflows/ci-cd-zero-downtime-fixed.yml
+++ b/.gitea/workflows/ci-cd-zero-downtime-fixed.yml
@@ -93,13 +93,50 @@ jobs:
          export MY_INFO_PASSWORD="${{ secrets.MY_INFO_PASSWORD }}"
          export ADMIN_BASIC_AUTH="${{ secrets.ADMIN_BASIC_AUTH }}"
          
+          # Check if nginx config file exists
+          echo "🔍 Checking nginx configuration file..."
+          if [ ! -f "nginx-zero-downtime.conf" ]; then
+            echo "⚠️ nginx-zero-downtime.conf not found, creating fallback..."
+            cat > nginx-zero-downtime.conf << 'EOF'
+events {
+    worker_connections 1024;
+}
+http {
+    upstream portfolio_backend {
+        server portfolio-app-1:3000 max_fails=3 fail_timeout=30s;
+        server portfolio-app-2:3000 max_fails=3 fail_timeout=30s;
+    }
+    server {
+        listen 80;
+        server_name _;
+        location /health {
+            access_log off;
+            return 200 "healthy\n";
+            add_header Content-Type text/plain;
+        }
+        location / {
+            proxy_pass http://portfolio_backend;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}
+EOF
+          fi
+          
          # Stop old containers
          echo "🛑 Stopping old containers..."
-          docker compose -f docker-compose.zero-downtime.yml down || true
+          docker compose -f docker-compose.zero-downtime-fixed.yml down || true
+          
+          # Clean up any orphaned containers
+          echo "🧹 Cleaning up orphaned containers..."
+          docker compose -f docker-compose.zero-downtime-fixed.yml down --remove-orphans || true
          
          # Start new containers
          echo "🚀 Starting new containers..."
-          docker compose -f docker-compose.zero-downtime.yml up -d
+          docker compose -f docker-compose.zero-downtime-fixed.yml up -d
          
          echo "✅ Zero downtime deployment completed!"
        env:
@@ -121,7 +158,7 @@ jobs:
          
          # Check if all containers are running
          echo "📊 Checking container status..."
-          docker compose -f docker-compose.zero-downtime.yml ps
+          docker compose -f docker-compose.zero-downtime-fixed.yml ps
          
          # Wait for application containers to be healthy
          echo "🏥 Waiting for application containers to be healthy..."
@@ -153,7 +190,7 @@ jobs:
          
          # Check container status
          echo "📊 Container status:"
-          docker compose -f docker-compose.zero-downtime.yml ps
+          docker compose -f docker-compose.zero-downtime-fixed.yml ps
          
          # Check individual application containers
          echo "🏥 Checking individual application containers..."
@@ -203,7 +240,7 @@ jobs:
      - name: Show container status
        run: |
          echo "📊 Container status:"
-          docker compose -f docker-compose.zero-downtime.yml ps
+          docker compose -f docker-compose.zero-downtime-fixed.yml ps

      - name: Cleanup old images
        run: |