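---
# CI/CD workflow: on every push to `production`, install, lint, test and
# build the app, then deploy it with scripts/gitea-deploy.sh and verify the
# running container from the runner host.
name: CI/CD Pipeline (Simple & Reliable)

on:
  push:
    branches:
      - production

# Workflow-level values are exported as environment variables to every
# `run:` step, so the shell below reads them as "$CONTAINER_NAME" etc.
env:
  NODE_VERSION: '20'
  DOCKER_IMAGE: portfolio-app
  CONTAINER_NAME: portfolio-app

jobs:
  # NOTE(review): no `permissions:` block is declared, so the job runs with
  # the forge's default token scope. If scripts/gitea-deploy.sh does not call
  # the forge API, restricting the token to `contents: read` is the
  # least-privilege setting - confirm against the script before adding it.
  production:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the actions below are referenced by mutable tag.
      # Pinning each `uses:` to a full commit SHA keeps a re-tagged release
      # from running inside a job that holds the deployment secrets.
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run linting
        run: npm run lint

      - name: Run tests
        run: npm run test

      - name: Build application
        run: npm run build

      # Advisory only: the `||` fallback swallows a failing audit, so
      # high-severity findings are logged but never block the deployment
      # that follows.
      - name: Run security scan
        run: |
          echo "🔍 Running npm audit..."
          npm audit --audit-level=high || echo "⚠️ Some vulnerabilities found, but continuing..."

      # Values are handed to the shell through `env:` rather than expanded
      # into the script text with ${{ }}. Template expansion pastes the raw
      # value into the generated script, where quotes, `$` or backticks in a
      # secret would be interpreted by the shell.
      - name: Verify secrets and variables
        env:
          NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
          MY_EMAIL: ${{ vars.MY_EMAIL }}
          MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
          MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
          MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
          ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}
        run: |
          echo "🔍 Verifying secrets and variables..."

          # Abort the job when a required value is empty.
          #   $1 = name, $2 = kind ("variable" or "secret"), $3 = value
          # Only the name is printed, never the value.
          require_set() {
            if [ -z "$3" ]; then
              echo "❌ $1 $2 is missing!"
              exit 1
            fi
          }

          # Check Variables
          require_set NEXT_PUBLIC_BASE_URL variable "$NEXT_PUBLIC_BASE_URL"
          require_set MY_EMAIL variable "$MY_EMAIL"
          require_set MY_INFO_EMAIL variable "$MY_INFO_EMAIL"

          # Check Secrets
          require_set MY_PASSWORD secret "$MY_PASSWORD"
          require_set MY_INFO_PASSWORD secret "$MY_INFO_PASSWORD"
          require_set ADMIN_BASIC_AUTH secret "$ADMIN_BASIC_AUTH"

          echo "✅ All required secrets and variables are present"

      # Everything in `env:` is already exported to the step's shell and is
      # inherited by the deployment script, so the script body carries no
      # secret values of its own.
      - name: Deploy using improved script
        env:
          NODE_ENV: ${{ vars.NODE_ENV }}
          LOG_LEVEL: ${{ vars.LOG_LEVEL }}
          NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
          NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
          NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
          MY_EMAIL: ${{ vars.MY_EMAIL }}
          MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
          MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
          MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
          ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}
        run: |
          echo "🚀 Deploying using improved deployment script..."

          # Make the script executable
          chmod +x ./scripts/gitea-deploy.sh

          # Run the deployment script
          ./scripts/gitea-deploy.sh

      - name: Final verification
        run: |
          echo "🔍 Final verification..."

          # Wait a bit more to ensure everything is stable
          sleep 10

          # Check if container is running. Docker's name filter and a plain
          # grep are both substring matches, so compare the whole line
          # (-x) as a fixed string (-F) to avoid accepting a similarly
          # named container.
          if docker ps --filter "name=$CONTAINER_NAME" --format "{{.Names}}" | grep -Fxq "$CONTAINER_NAME"; then
            echo "✅ Container is running"
          else
            echo "❌ Container is not running"
            docker ps -a
            exit 1
          fi

          # Check health endpoint
          if curl -f http://localhost:3000/api/health; then
            echo "✅ Health check passed"
          else
            echo "❌ Health check failed"
            echo "Container logs:"
            # NOTE(review): application logs land in the CI log; make sure
            # the app does not log credentials.
            docker logs --tail=50 "$CONTAINER_NAME"
            exit 1
          fi

          # Check main page
          if curl -f http://localhost:3000/ > /dev/null; then
            echo "✅ Main page is accessible"
          else
            echo "❌ Main page is not accessible"
            exit 1
          fi

          echo "🎉 Deployment successful!"

      # NOTE(review): `docker system prune -f` is wider than this step's
      # name suggests. It also removes stopped containers, unused networks
      # and build cache for everything on the host, not just this project's
      # old images. Confirm that is acceptable if the host is shared.
      - name: Cleanup old images
        run: |
          echo "🧹 Cleaning up old images..."
          docker image prune -f
          docker system prune -f
          echo "✅ Cleanup completed"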