denshooter
1f7547a562
- Increase health check wait times in Gitea Actions workflow - Add additional main page accessibility check with longer timeout - Remove basic auth middleware to use custom admin login only - Custom admin login at /manage route provides better UX than browser basic auth This should resolve the 'Main page is not accessible' issue and provide a nicer admin login experience.
207 lines
7.2 KiB
YAML
207 lines
7.2 KiB
YAML
name: CI/CD Pipeline (Using Gitea Variables & Secrets)
|
|
|
|
on:
|
|
push:
|
|
branches: [ production ]
|
|
|
|
env:
|
|
NODE_VERSION: '20'
|
|
DOCKER_IMAGE: portfolio-app
|
|
CONTAINER_NAME: portfolio-app
|
|
|
|
jobs:
|
|
production:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: ${{ env.NODE_VERSION }}
|
|
cache: 'npm'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Run linting
|
|
run: npm run lint
|
|
|
|
- name: Run tests
|
|
run: npm run test:production
|
|
|
|
- name: Build application
|
|
run: npm run build
|
|
|
|
- name: Run security scan
|
|
run: |
|
|
echo "🔍 Running npm audit..."
|
|
npm audit --audit-level=high || echo "⚠️ Some vulnerabilities found, but continuing..."
|
|
|
|
- name: Verify Gitea Variables and Secrets
|
|
run: |
|
|
echo "🔍 Verifying Gitea Variables and Secrets..."
|
|
|
|
# Check Variables
|
|
if [ -z "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then
|
|
echo "❌ NEXT_PUBLIC_BASE_URL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ vars.MY_EMAIL }}" ]; then
|
|
echo "❌ MY_EMAIL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ vars.MY_INFO_EMAIL }}" ]; then
|
|
echo "❌ MY_INFO_EMAIL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
|
|
# Check Secrets
|
|
if [ -z "${{ secrets.MY_PASSWORD }}" ]; then
|
|
echo "❌ MY_PASSWORD secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ secrets.MY_INFO_PASSWORD }}" ]; then
|
|
echo "❌ MY_INFO_PASSWORD secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then
|
|
echo "❌ ADMIN_BASIC_AUTH secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ All required Gitea variables and secrets are present"
|
|
echo "📝 Variables found:"
|
|
echo " - NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}"
|
|
echo " - MY_EMAIL: ${{ vars.MY_EMAIL }}"
|
|
echo " - MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}"
|
|
echo " - NODE_ENV: ${{ vars.NODE_ENV }}"
|
|
echo " - LOG_LEVEL: ${{ vars.LOG_LEVEL }}"
|
|
|
|
- name: Build Docker image
|
|
run: |
|
|
echo "🏗️ Building Docker image..."
|
|
docker build -t ${{ env.DOCKER_IMAGE }}:latest .
|
|
docker tag ${{ env.DOCKER_IMAGE }}:latest ${{ env.DOCKER_IMAGE }}:$(date +%Y%m%d-%H%M%S)
|
|
echo "✅ Docker image built successfully"
|
|
|
|
- name: Deploy using Gitea Variables and Secrets
|
|
run: |
|
|
echo "🚀 Deploying using Gitea Variables and Secrets..."
|
|
|
|
echo "📝 Using Gitea Variables and Secrets:"
|
|
echo " - NODE_ENV: ${NODE_ENV}"
|
|
echo " - LOG_LEVEL: ${LOG_LEVEL}"
|
|
echo " - NEXT_PUBLIC_BASE_URL: ${NEXT_PUBLIC_BASE_URL}"
|
|
echo " - MY_EMAIL: ${MY_EMAIL}"
|
|
echo " - MY_INFO_EMAIL: ${MY_INFO_EMAIL}"
|
|
echo " - MY_PASSWORD: [SET FROM GITEA SECRET]"
|
|
echo " - MY_INFO_PASSWORD: [SET FROM GITEA SECRET]"
|
|
echo " - ADMIN_BASIC_AUTH: [SET FROM GITEA SECRET]"
|
|
|
|
# Stop old containers
|
|
echo "🛑 Stopping old containers..."
|
|
docker compose down || true
|
|
|
|
# Clean up orphaned containers
|
|
echo "🧹 Cleaning up orphaned containers..."
|
|
docker compose down --remove-orphans || true
|
|
|
|
# Start new containers
|
|
echo "🚀 Starting new containers..."
|
|
docker compose up -d
|
|
|
|
# Wait a moment for containers to start
|
|
echo "⏳ Waiting for containers to start..."
|
|
sleep 10
|
|
|
|
# Check container logs for debugging
|
|
echo "📋 Container logs (first 20 lines):"
|
|
docker compose logs --tail=20
|
|
|
|
echo "✅ Deployment completed!"
|
|
env:
|
|
NODE_ENV: ${{ vars.NODE_ENV }}
|
|
LOG_LEVEL: ${{ vars.LOG_LEVEL }}
|
|
NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
|
|
NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
|
|
NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
|
|
MY_EMAIL: ${{ vars.MY_EMAIL }}
|
|
MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
|
|
MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
|
|
MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
|
|
ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}
|
|
|
|
- name: Wait for containers to be ready
|
|
run: |
|
|
echo "⏳ Waiting for containers to be ready..."
|
|
sleep 45
|
|
|
|
# Check if all containers are running
|
|
echo "📊 Checking container status..."
|
|
docker compose ps
|
|
|
|
# Wait for application container to be healthy
|
|
echo "🏥 Waiting for application container to be healthy..."
|
|
for i in {1..60}; do
|
|
if docker exec portfolio-app curl -f http://localhost:3000/api/health > /dev/null 2>&1; then
|
|
echo "✅ Application container is healthy!"
|
|
break
|
|
fi
|
|
echo "⏳ Waiting for application container... ($i/60)"
|
|
sleep 5
|
|
done
|
|
|
|
# Additional wait for main page to be accessible
|
|
echo "🌐 Waiting for main page to be accessible..."
|
|
for i in {1..30}; do
|
|
if curl -f http://localhost:3000/ > /dev/null 2>&1; then
|
|
echo "✅ Main page is accessible!"
|
|
break
|
|
fi
|
|
echo "⏳ Waiting for main page... ($i/30)"
|
|
sleep 3
|
|
done
|
|
|
|
- name: Health check
|
|
run: |
|
|
echo "🔍 Running comprehensive health checks..."
|
|
|
|
# Check container status
|
|
echo "📊 Container status:"
|
|
docker compose ps
|
|
|
|
# Check application container
|
|
echo "🏥 Checking application container..."
|
|
if docker exec portfolio-app curl -f http://localhost:3000/api/health; then
|
|
echo "✅ Application health check passed!"
|
|
else
|
|
echo "❌ Application health check failed!"
|
|
docker logs portfolio-app --tail=50
|
|
exit 1
|
|
fi
|
|
|
|
# Check main page
|
|
if curl -f http://localhost:3000/ > /dev/null; then
|
|
echo "✅ Main page is accessible!"
|
|
else
|
|
echo "❌ Main page is not accessible!"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ All health checks passed! Deployment successful!"
|
|
|
|
- name: Cleanup old images
|
|
run: |
|
|
echo "🧹 Cleaning up old images..."
|
|
docker image prune -f
|
|
docker system prune -f
|
|
echo "✅ Cleanup completed"
|