315 lines
11 KiB
YAML
315 lines
11 KiB
YAML
# name: Release pipeline
|
||
|
||
# on:
|
||
# workflow_dispatch:
|
||
|
||
# env:
|
||
# WEB_IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web
|
||
# WORKER_IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker
|
||
# PROJECT_DIR: /home/${{ secrets.USER }}/tatikoma
|
||
|
||
# jobs:
|
||
# build-and-push:
|
||
# runs-on: ubuntu-latest
|
||
|
||
# steps:
|
||
# - name: Checkout code
|
||
# uses: actions/checkout@v4
|
||
|
||
# - name: Set up Docker Buildx
|
||
# uses: docker/setup-buildx-action@v3
|
||
|
||
# - name: Log in to Docker Hub
|
||
# uses: docker/login-action@v3
|
||
# with:
|
||
# username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||
# password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||
|
||
# - name: Build and push tatikoma-web image
|
||
# uses: docker/build-push-action@v5
|
||
# with:
|
||
# context: .
|
||
# file: ./Dockerfile.web
|
||
# push: true
|
||
# tags: |
|
||
# ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest
|
||
# cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest
|
||
# cache-to: type=inline
|
||
|
||
# - name: Build and push tatikoma-worker image
|
||
# uses: docker/build-push-action@v5
|
||
# with:
|
||
# context: .
|
||
# file: ./Dockerfile.worker
|
||
# push: true
|
||
# tags: |
|
||
# ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest
|
||
# cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest
|
||
# cache-to: type=inline
|
||
|
||
# - name: Verify push
|
||
# run: |
|
||
# echo "Docker images successfully built and pushed to Docker Hub"
|
||
# echo "Images:"
|
||
# echo "- ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest"
|
||
# echo "- ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest"
|
||
|
||
# build-and-push-send-success-message:
|
||
# runs-on: ubuntu-latest
|
||
# needs: build-and-push
|
||
# if: success()
|
||
# steps:
|
||
# - name: Send success message
|
||
# uses: appleboy/telegram-action@master
|
||
# with:
|
||
# to: ${{ secrets.TELEGRAM_TO }}
|
||
# token: ${{ secrets.TELEGRAM_TOKEN }}
|
||
# format: markdown
|
||
# message: |
|
||
# *${{ github.workflow }}*
|
||
|
||
# ✅ New images pushed to Dockerhub 🐳
|
||
|
||
# Images:
|
||
# - `${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest`
|
||
# - `${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest`
|
||
|
||
# Status: Success
|
||
|
||
# build-and-push-send-failure-message:
|
||
# runs-on: ubuntu-latest
|
||
# needs: build-and-push
|
||
# if: failure()
|
||
# steps:
|
||
# - name: Send failure message
|
||
# uses: appleboy/telegram-action@master
|
||
# with:
|
||
# to: ${{ secrets.TELEGRAM_TO }}
|
||
# token: ${{ secrets.TELEGRAM_TOKEN }}
|
||
# format: markdown
|
||
# message: |
|
||
# *${{ github.workflow }}*
|
||
|
||
# ❌ Error creating and pushing docker images
|
||
|
||
# [View failed workflow](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
|
||
|
||
# deploy:
|
||
# name: Deploy to server
|
||
# runs-on: ubuntu-latest
|
||
# needs: build-and-push
|
||
# if: success()
|
||
# outputs:
|
||
# container_status: ${{ steps.get_status.outputs.status }}
|
||
|
||
# steps:
|
||
# - name: Checkout code
|
||
# uses: actions/checkout@v4
|
||
|
||
# - name: Create project directory
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# echo "Creating project directory..."
|
||
# mkdir -p tatikoma/liquibase
|
||
# mkdir -p tatikoma/liquibase/changelog
|
||
|
||
# - name: Copy project files
|
||
# shell: bash
|
||
# run: |
|
||
# # Копируем docker-compose.yml
|
||
# sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \
|
||
# docker-compose.yml \
|
||
# ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/
|
||
|
||
# # Копируем liquibase файлы
|
||
# sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \
|
||
# -r ./liquibase/changelog/ \
|
||
# ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/liquibase/
|
||
|
||
# # Копируем nginx конфиги
|
||
# sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \
|
||
# -r ./nginx/ \
|
||
# ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/
|
||
|
||
# - name: Create or update environment file
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
# rm -f .env
|
||
# touch .env
|
||
# echo "${{ secrets.ENV_FILE }}" >> .env
|
||
# echo "Environment file created/updated"
|
||
|
||
# - name: Prepare directories
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
# mkdir -p {nginx/ssl,nginx/htpasswd,uptime-kuma-data}
|
||
|
||
# - name: Setup authentication
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
|
||
# echo "Setting up authentication..."
|
||
|
||
# mkdir -p nginx/htpasswd
|
||
|
||
# if ! command -v htpasswd &> /dev/null; then
|
||
# echo "Installing apache2-utils..."
|
||
# apt-get update && apt-get install -y apache2-utils
|
||
# fi
|
||
|
||
# # Используем echo для передачи пароля через stdin
|
||
# # Это безопаснее, чем передавать как аргумент
|
||
# htpasswd -b -c nginx/htpasswd/.htpasswd "${{ secrets.UPTIME_KUMA_USER }}" "${{ secrets.UPTIME_KUMA_PASSWORD }}"
|
||
|
||
# echo "Authentication setup complete"
|
||
|
||
# - name: Setup SSL certificates (if not exists)
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
|
||
# echo "Checking SSL certificates..."
|
||
# # Проверяем существование SSL сертификатов
|
||
# if [ ! -f "nginx/ssl/live/${{ secrets.HOST }}/privkey.pem" ]; then
|
||
# echo "ERROR: SSL certificates not found!"
|
||
# echo "Please generate SSL certificates manually first:"
|
||
# echo "mkdir -p nginx/ssl/live/${{ secrets.HOST }}/"
|
||
# echo "Then place privkey.pem and fullchain.pem in that directory"
|
||
# exit 1
|
||
# else
|
||
# echo "SSL certificates found, continuing..."
|
||
# fi
|
||
|
||
# - name: Log in to Docker Hub
|
||
# uses: docker/login-action@v3
|
||
# with:
|
||
# username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||
# password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||
|
||
# - name: Clean up old images and containers
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# echo "Stopping and removing Tatikoma containers..."
|
||
# docker stop tatikoma_web tatikoma_liquibase tatikoma_worker tatikoma_nginx tatikoma_uptime_kuma 2>/dev/null || true
|
||
# docker rm tatikoma_web tatikoma_liquibase tatikoma_worker tatikoma_nginx tatikoma_uptime_kuma 2>/dev/null || true
|
||
|
||
# echo "Cleaning up old Docker images..."
|
||
# docker images lulufox/tatikoma-web --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}\t{{.CreatedAt}}" || true
|
||
# docker images lulufox/tatikoma-worker --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}\t{{.CreatedAt}}" || true
|
||
|
||
# docker rmi $(docker images lulufox/tatikoma-web -q) 2>/dev/null || true
|
||
# docker rmi $(docker images lulufox/tatikoma-worker -q) 2>/dev/null || true
|
||
|
||
# docker image prune -f
|
||
|
||
# - name: Pull latest images
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# echo "Pulling latest Docker images..."
|
||
# docker pull lulufox/tatikoma-web:latest
|
||
# docker pull lulufox/tatikoma-worker:latest
|
||
|
||
# - name: Run migrations
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
# echo "Running migrations..."
|
||
# docker compose up -d liquibase
|
||
|
||
# - name: Start application services
|
||
# uses: appleboy/ssh-action@master
|
||
# with:
|
||
# host: ${{ secrets.HOST }}
|
||
# username: ${{ secrets.USER }}
|
||
# password: ${{ secrets.SSH_PASSWORD }}
|
||
# script: |
|
||
# set -e
|
||
# cd tatikoma
|
||
# echo "Starting all services..."
|
||
# docker compose up -d
|
||
|
||
# echo "Waiting for services to start..."
|
||
# sleep 30
|
||
|
||
# echo "Current Tatikoma containers status:"
|
||
# docker ps --filter "name=tatikoma" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
|
||
|
||
# echo "Nginx configuration test:"
|
||
# docker exec tatikoma_nginx nginx -t || true
|
||
|
||
# - name: Get container status
|
||
# id: get_status
|
||
# run: |
|
||
# sleep 15
|
||
# status=$(sshpass -p "${{ secrets.SSH_PASSWORD }}" ssh -o StrictHostKeyChecking=no \
|
||
# ${{ secrets.USER }}@${{ secrets.HOST }} \
|
||
# "docker ps -a --filter "name=tatikoma" --format 'table {{.Names}}\t{{.Status}}'")
|
||
# echo "status<<EOF" >> $GITHUB_OUTPUT
|
||
# echo "$status" >> $GITHUB_OUTPUT
|
||
# echo "EOF" >> $GITHUB_OUTPUT
|
||
|
||
# send_message:
|
||
# runs-on: ubuntu-latest
|
||
# needs: deploy
|
||
# if: always()
|
||
# steps:
|
||
# - name: send message
|
||
# uses: appleboy/telegram-action@master
|
||
# with:
|
||
# to: ${{ secrets.TELEGRAM_TO }}
|
||
# token: ${{ secrets.TELEGRAM_TOKEN }}
|
||
# format: markdown
|
||
# message: |
|
||
# *${{ github.workflow }}*
|
||
# Репозиторий: \`${{ github.repository }}\`
|
||
|
||
# Статус контейнеров:
|
||
# ```
|
||
# ${{ needs.deploy.outputs.container_status || 'Не удалось получить статус' }}
|
||
# ```
|
||
|
||
# Uptime Kuma доступен по: https://${{ secrets.HOST }}
|