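# Manually triggered release workflow. It pulls the :latest API and UI images,
# extracts appsettings.Production.json from each, runs
# .gitea/scripts/replaceTokens.js with secrets and variables in its
# environment, rebuilds both images with the resulting config and pushes them
# as :prod and :release-<run_id>.
name: Release Docker Images

on:
  workflow_dispatch: {}

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): both actions are referenced by a mutable tag (@v4).
      # Pinning to a full commit SHA keeps a moved tag from changing what runs
      # in a job that has access to every repository secret.
      - name: Checkout code
        uses: https://github.com/actions/checkout@v4

      - name: Setup Node.js
        uses: https://github.com/actions/setup-node@v4
        with:
          # Quoted so the version is always read as a string.
          node-version: "20"

      # Credentials are passed through the step environment rather than being
      # expanded into the script text, so a token containing quotes or `$`
      # cannot break or alter the command line.
      - name: Log in to Gitea Container Registry
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
        run: |
          printf '%s' "$REGISTRY_TOKEN" | docker login code.bim-it.pl -u "$REGISTRY_USER" --password-stdin

      # NOTE(review): :latest is a mutable tag, so the release is built from
      # whatever image holds that tag when the job runs. Pulling by digest
      # would make the released content reproducible and auditable.
      - name: Pull latest build artifacts (images)
        run: |
          echo "Pulling latest build images..."
          docker pull code.bim-it.pl/mz/bimai-api:latest
          docker pull code.bim-it.pl/mz/bimai-ui:latest

      - name: Extract appsettings from images
        run: |
          mkdir -p artifacts/api artifacts/ui

          # Extract from API image
          docker create --name temp-api code.bim-it.pl/mz/bimai-api:latest
          docker cp temp-api:/app/appsettings.Production.json artifacts/api/
          docker rm temp-api

          # Extract from UI image
          docker create --name temp-ui code.bim-it.pl/mz/bimai-ui:latest
          docker cp temp-ui:/app/appsettings.Production.json artifacts/ui/
          docker rm temp-ui

      # Printed before tokenization; this assumes the files in the :latest
      # images hold placeholders only and no real values. TODO confirm.
      - name: Show extracted configs (before tokenization)
        run: |
          echo "::group::API appsettings.Production.json (with placeholders)"
          cat artifacts/api/appsettings.Production.json
          echo "::endgroup::"

          echo "::group::UI appsettings.Production.json (with placeholders)"
          cat artifacts/ui/appsettings.Production.json
          echo "::endgroup::"

      # NOTE(review): toJson(secrets) hands every secret visible to this
      # workflow to the script, not only the ones the configs reference.
      # Passing the needed secrets by name would follow least privilege; that
      # depends on what replaceTokens.js expects, which is not visible here.
      - name: Tokenize appsettings
        env:
          SECRETS: ${{ toJson(secrets) }}
          VARIABLES: ${{ toJson(vars) }}
          RUN_ID: ${{ github.run_id }}
        run: |
          node .gitea/scripts/replaceTokens.js

      # After tokenization the files may contain real secret values. Both
      # configs go through the same mask before being written to the job log.
      # The SecretKey pattern tolerates whitespace around the colon, so
      # pretty-printed JSON ("SecretKey": "...") is masked as well.
      # NOTE(review): only Password=... and "SecretKey" are masked. Any other
      # secret-bearing key the tokenizer fills in is still printed; extend the
      # mask or drop this step rather than relying on runner log masking.
      - name: Show tokenized configs (after tokenization)
        run: |
          mask_secrets() {
            sed -e 's/Password=[^;]*/Password=***/g' \
                -e 's/"SecretKey"[[:space:]]*:[[:space:]]*"[^"]*"/"SecretKey":"***"/g' \
                "$1"
          }

          echo "::group::API appsettings.Production.json (tokenized, passwords hidden)"
          mask_secrets artifacts/api/appsettings.Production.json
          echo "::endgroup::"

          echo "::group::UI appsettings.Production.json (tokenized, passwords hidden)"
          mask_secrets artifacts/ui/appsettings.Production.json
          echo "::endgroup::"

      # NOTE(review): the tokenized config is copied into an image layer, so
      # every value injected above is readable by anyone who can pull the
      # :prod or :release-* tags. Confirm that registry pull access is
      # restricted, or supply secrets at deploy time instead.
      - name: Rebuild images with tokenized configs
        run: |
          # API
          cat > Dockerfile.release.api <<'EOF'
          FROM code.bim-it.pl/mz/bimai-api:latest
          LABEL org.opencontainers.image.source=https://code.bim-it.pl/mz/BimAI
          COPY artifacts/api/appsettings.Production.json /app/
          EOF

          docker build -f Dockerfile.release.api \
            -t code.bim-it.pl/mz/bimai-api:prod \
            -t code.bim-it.pl/mz/bimai-api:release-${{ github.run_id }} \
            .

          # UI
          cat > Dockerfile.release.ui <<'EOF'
          FROM code.bim-it.pl/mz/bimai-ui:latest
          LABEL org.opencontainers.image.source=https://code.bim-it.pl/mz/BimAI
          COPY artifacts/ui/appsettings.Production.json /app/
          EOF

          docker build -f Dockerfile.release.ui \
            -t code.bim-it.pl/mz/bimai-ui:prod \
            -t code.bim-it.pl/mz/bimai-ui:release-${{ github.run_id }} \
            .

      - name: Push final images
        run: |
          docker push code.bim-it.pl/mz/bimai-api:prod
          docker push code.bim-it.pl/mz/bimai-api:release-${{ github.run_id }}

          docker push code.bim-it.pl/mz/bimai-ui:prod
          docker push code.bim-it.pl/mz/bimai-ui:release-${{ github.run_id }}

      # NOTE(review): github.sha is the commit this workflow ran from. The
      # image contents come from the :latest tags pulled earlier, which may
      # not have been built from that commit. Verify before treating the
      # summary as provenance.
      - name: Output release info
        run: |
          {
            echo "## Docker Images Released"
            echo ""
            echo "**Release ID:** ${{ github.run_id }}"
            echo "**Commit:** ${{ github.sha }}"
            echo ""
            echo "### 🚀 Production images ready to deploy:"
            echo '```bash'
            echo "# Production (latest release)"
            echo "docker pull code.bim-it.pl/mz/bimai-api:prod"
            echo "docker pull code.bim-it.pl/mz/bimai-ui:prod"
            echo ""
            echo "# Specific release (for rollback)"
            echo "docker pull code.bim-it.pl/mz/bimai-api:release-${{ github.run_id }}"
            echo "docker pull code.bim-it.pl/mz/bimai-ui:release-${{ github.run_id }}"
            echo '```'
          } >> "$GITHUB_STEP_SUMMARY"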