denshooter
8c223db2a8
Some checks failed
Dev Deployment (Zero Downtime) / deploy-dev (push) Has been cancelled
- Created separate workflows for production and dev deployments - Production branch → dk0.dev (port 3000) - Dev branch → dev.dk0.dev (port 3002) - Zero-downtime deployment pattern (start new, wait for health, remove old) - Complete isolation between environments (separate containers, databases, networks) - Cleaned up unused code and files: - Removed unused GhostEditor and ResizableGhostEditor components - Removed old/unused workflows and markdown files - Fixed docker-compose references - Upgraded dependencies to latest compatible versions - Fixed TypeScript errors in editor page - Updated staging to use dev.dk0.dev domain
254 lines
9.8 KiB
Plaintext
254 lines
9.8 KiB
Plaintext
name: CI/CD Pipeline (Using Gitea Variables & Secrets)
|
|
|
|
on:
|
|
push:
|
|
branches: [ dev, main, production ]
|
|
|
|
env:
|
|
NODE_VERSION: '20'
|
|
DOCKER_IMAGE: portfolio-app
|
|
CONTAINER_NAME: portfolio-app
|
|
|
|
jobs:
|
|
production:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: ${{ env.NODE_VERSION }}
|
|
cache: 'npm'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Run linting
|
|
run: npm run lint
|
|
|
|
- name: Run tests
|
|
run: npm run test:production
|
|
|
|
- name: Build application
|
|
run: npm run build
|
|
|
|
- name: Run security scan
|
|
run: |
|
|
echo "🔍 Running npm audit..."
|
|
npm audit --audit-level=high || echo "⚠️ Some vulnerabilities found, but continuing..."
|
|
|
|
- name: Verify Gitea Variables and Secrets
|
|
run: |
|
|
echo "🔍 Verifying Gitea Variables and Secrets..."
|
|
|
|
# Check Variables
|
|
if [ -z "${{ vars.NEXT_PUBLIC_BASE_URL }}" ]; then
|
|
echo "❌ NEXT_PUBLIC_BASE_URL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ vars.MY_EMAIL }}" ]; then
|
|
echo "❌ MY_EMAIL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ vars.MY_INFO_EMAIL }}" ]; then
|
|
echo "❌ MY_INFO_EMAIL variable is missing!"
|
|
echo "Please set this variable in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
|
|
# Check Secrets
|
|
if [ -z "${{ secrets.MY_PASSWORD }}" ]; then
|
|
echo "❌ MY_PASSWORD secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ secrets.MY_INFO_PASSWORD }}" ]; then
|
|
echo "❌ MY_INFO_PASSWORD secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
if [ -z "${{ secrets.ADMIN_BASIC_AUTH }}" ]; then
|
|
echo "❌ ADMIN_BASIC_AUTH secret is missing!"
|
|
echo "Please set this secret in Gitea repository settings"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ All required Gitea variables and secrets are present"
|
|
echo "📝 Variables found:"
|
|
echo " - NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}"
|
|
echo " - MY_EMAIL: ${{ vars.MY_EMAIL }}"
|
|
echo " - MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}"
|
|
echo " - NODE_ENV: ${{ vars.NODE_ENV }}"
|
|
echo " - LOG_LEVEL: ${{ vars.LOG_LEVEL }}"
|
|
|
|
- name: Build Docker image
|
|
run: |
|
|
echo "🏗️ Building Docker image..."
|
|
docker build -t ${{ env.DOCKER_IMAGE }}:latest .
|
|
docker tag ${{ env.DOCKER_IMAGE }}:latest ${{ env.DOCKER_IMAGE }}:$(date +%Y%m%d-%H%M%S)
|
|
echo "✅ Docker image built successfully"
|
|
|
|
- name: Deploy using Gitea Variables and Secrets
|
|
run: |
|
|
# Determine if this is staging or production
|
|
if [ "${{ github.ref }}" == "refs/heads/dev" ] || [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
|
echo "🚀 Deploying Staging using Gitea Variables and Secrets..."
|
|
COMPOSE_FILE="docker-compose.staging.yml"
|
|
HEALTH_PORT="3002"
|
|
CONTAINER_NAME="portfolio-app-staging"
|
|
DEPLOY_ENV="staging"
|
|
else
|
|
echo "🚀 Deploying Production using Gitea Variables and Secrets..."
|
|
COMPOSE_FILE="docker-compose.production.yml"
|
|
HEALTH_PORT="3000"
|
|
CONTAINER_NAME="portfolio-app"
|
|
DEPLOY_ENV="production"
|
|
fi
|
|
|
|
echo "📝 Using Gitea Variables and Secrets:"
|
|
echo " - NODE_ENV: ${DEPLOY_ENV}"
|
|
echo " - LOG_LEVEL: ${LOG_LEVEL}"
|
|
echo " - NEXT_PUBLIC_BASE_URL: ${NEXT_PUBLIC_BASE_URL}"
|
|
echo " - MY_EMAIL: ${MY_EMAIL}"
|
|
echo " - MY_INFO_EMAIL: ${MY_INFO_EMAIL}"
|
|
echo " - MY_PASSWORD: [SET FROM GITEA SECRET]"
|
|
echo " - MY_INFO_PASSWORD: [SET FROM GITEA SECRET]"
|
|
echo " - ADMIN_BASIC_AUTH: [SET FROM GITEA SECRET]"
|
|
echo " - N8N_WEBHOOK_URL: ${N8N_WEBHOOK_URL:-}"
|
|
|
|
# Stop old containers (only for the environment being deployed)
|
|
echo "🛑 Stopping old ${DEPLOY_ENV} containers..."
|
|
docker compose -f $COMPOSE_FILE down || true
|
|
|
|
# Clean up orphaned containers
|
|
echo "🧹 Cleaning up orphaned ${DEPLOY_ENV} containers..."
|
|
docker compose -f $COMPOSE_FILE down --remove-orphans || true
|
|
|
|
# Start new containers
|
|
echo "🚀 Starting new ${DEPLOY_ENV} containers..."
|
|
docker compose -f $COMPOSE_FILE up -d --force-recreate
|
|
|
|
# Wait a moment for containers to start
|
|
echo "⏳ Waiting for ${DEPLOY_ENV} containers to start..."
|
|
sleep 15
|
|
|
|
# Check container logs for debugging
|
|
echo "📋 ${DEPLOY_ENV} container logs (first 30 lines):"
|
|
docker compose -f $COMPOSE_FILE logs --tail=30
|
|
|
|
echo "✅ ${DEPLOY_ENV} deployment completed!"
|
|
env:
|
|
NODE_ENV: ${{ vars.NODE_ENV || 'production' }}
|
|
LOG_LEVEL: ${{ vars.LOG_LEVEL || 'info' }}
|
|
NEXT_PUBLIC_BASE_URL: ${{ vars.NEXT_PUBLIC_BASE_URL }}
|
|
NEXT_PUBLIC_UMAMI_URL: ${{ vars.NEXT_PUBLIC_UMAMI_URL }}
|
|
NEXT_PUBLIC_UMAMI_WEBSITE_ID: ${{ vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
|
|
MY_EMAIL: ${{ vars.MY_EMAIL }}
|
|
MY_INFO_EMAIL: ${{ vars.MY_INFO_EMAIL }}
|
|
MY_PASSWORD: ${{ secrets.MY_PASSWORD }}
|
|
MY_INFO_PASSWORD: ${{ secrets.MY_INFO_PASSWORD }}
|
|
ADMIN_BASIC_AUTH: ${{ secrets.ADMIN_BASIC_AUTH }}
|
|
N8N_WEBHOOK_URL: ${{ vars.N8N_WEBHOOK_URL || '' }}
|
|
N8N_SECRET_TOKEN: ${{ secrets.N8N_SECRET_TOKEN || '' }}
|
|
|
|
- name: Wait for containers to be ready
|
|
run: |
|
|
# Determine environment
|
|
if [ "${{ github.ref }}" == "refs/heads/dev" ] || [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
|
COMPOSE_FILE="docker-compose.staging.yml"
|
|
HEALTH_PORT="3002"
|
|
CONTAINER_NAME="portfolio-app-staging"
|
|
DEPLOY_ENV="staging"
|
|
else
|
|
COMPOSE_FILE="docker-compose.production.yml"
|
|
HEALTH_PORT="3000"
|
|
CONTAINER_NAME="portfolio-app"
|
|
DEPLOY_ENV="production"
|
|
fi
|
|
|
|
echo "⏳ Waiting for ${DEPLOY_ENV} containers to be ready..."
|
|
sleep 30
|
|
|
|
# Check if all containers are running
|
|
echo "📊 Checking ${DEPLOY_ENV} container status..."
|
|
docker compose -f $COMPOSE_FILE ps
|
|
|
|
# Wait for application container to be healthy
|
|
echo "🏥 Waiting for ${DEPLOY_ENV} application container to be healthy..."
|
|
for i in {1..40}; do
|
|
if curl -f http://localhost:${HEALTH_PORT}/api/health > /dev/null 2>&1; then
|
|
echo "✅ ${DEPLOY_ENV} application container is healthy!"
|
|
break
|
|
fi
|
|
echo "⏳ Waiting for ${DEPLOY_ENV} application container... ($i/40)"
|
|
sleep 3
|
|
done
|
|
|
|
# Additional wait for main page to be accessible
|
|
echo "🌐 Waiting for ${DEPLOY_ENV} main page to be accessible..."
|
|
for i in {1..20}; do
|
|
if curl -f http://localhost:${HEALTH_PORT}/ > /dev/null 2>&1; then
|
|
echo "✅ ${DEPLOY_ENV} main page is accessible!"
|
|
break
|
|
fi
|
|
echo "⏳ Waiting for ${DEPLOY_ENV} main page... ($i/20)"
|
|
sleep 2
|
|
done
|
|
|
|
- name: Health check
|
|
run: |
|
|
# Determine environment
|
|
if [ "${{ github.ref }}" == "refs/heads/dev" ] || [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
|
COMPOSE_FILE="docker-compose.staging.yml"
|
|
HEALTH_PORT="3002"
|
|
CONTAINER_NAME="portfolio-app-staging"
|
|
DEPLOY_ENV="staging"
|
|
else
|
|
COMPOSE_FILE="docker-compose.production.yml"
|
|
HEALTH_PORT="3000"
|
|
CONTAINER_NAME="portfolio-app"
|
|
DEPLOY_ENV="production"
|
|
fi
|
|
|
|
echo "🔍 Running comprehensive ${DEPLOY_ENV} health checks..."
|
|
|
|
# Check container status
|
|
echo "📊 ${DEPLOY_ENV} container status:"
|
|
docker compose -f $COMPOSE_FILE ps
|
|
|
|
# Check application container
|
|
echo "🏥 Checking ${DEPLOY_ENV} application container..."
|
|
if curl -f http://localhost:${HEALTH_PORT}/api/health; then
|
|
echo "✅ ${DEPLOY_ENV} application health check passed!"
|
|
else
|
|
echo "⚠️ ${DEPLOY_ENV} application health check failed, but continuing..."
|
|
docker compose -f $COMPOSE_FILE logs --tail=50
|
|
# Don't exit 1 for staging, only for production
|
|
if [ "$DEPLOY_ENV" == "production" ]; then
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
# Check main page
|
|
if curl -f http://localhost:${HEALTH_PORT}/ > /dev/null; then
|
|
echo "✅ ${DEPLOY_ENV} main page is accessible!"
|
|
else
|
|
echo "⚠️ ${DEPLOY_ENV} main page check failed, but continuing..."
|
|
if [ "$DEPLOY_ENV" == "production" ]; then
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
echo "✅ ${DEPLOY_ENV} health checks completed!"
|
|
|
|
- name: Cleanup old images
|
|
run: |
|
|
echo "🧹 Cleaning up old images..."
|
|
docker image prune -f
|
|
docker system prune -f
|
|
echo "✅ Cleanup completed"
|