mz/DiunaBI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

morska release
Some checks failed
BuildApp / build-frontend (push) Successful in 58s
Details
BuildApp / build-backend (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Michał Zieliński
2025-09-12 11:27:08 +02:00
parent 4341866dcc
commit cc5ffca3aa
1 changed files with 104 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
.gitea/workflows/morskaRelease.yml
View File

@@ -1,7 +1,7 @@
name: Release Morska (latest successful build)
on:
workflow_dispatch: {} # ręczny trigger
workflow_dispatch: { } # ręczny trigger
env:
DEPLOY_HOST: "bim-it.pl"
@@ -9,6 +9,7 @@ env:
DEPLOY_PATH: "./deployment/"
SSH_KEYFILE: "/ci-keys/morska"
BUILD_WORKFLOW_PATH: ".gitea/workflows/build.yml"
API_BASE: "https://code.bim-it.pl/api/v1"
jobs:
release:
@@ -23,94 +24,107 @@ jobs:
apt-get update -y
apt-get install -y jq unzip zip openssh-client
- name: Resolve repo/env
id: repo
env:
GITEA_SERVER_URL: ${{ github.server_url }} # np. https://code.bim-it.pl
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
run: |
set -euo pipefail
OWNER="${GITHUB_REPOSITORY%%/*}"
REPO="${GITHUB_REPOSITORY##*/}"
echo "owner=$OWNER" >> $GITHUB_OUTPUT
echo "repo=$REPO" >> $GITHUB_OUTPUT
echo "api=${GITEA_SERVER_URL%/}/api/v1" >> $GITHUB_OUTPUT
- name: Resolve repo/env
id: repo
env:
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
API_BASE: ${{ env.API_BASE }}
run: |
set -euo pipefail
OWNER="${GITHUB_REPOSITORY%%/*}"
REPO="${GITHUB_REPOSITORY##*/}"
echo "owner=$OWNER" >> $GITHUB_OUTPUT
echo "repo=$REPO" >> $GITHUB_OUTPUT
echo "api=$API_BASE" >> $GITHUB_OUTPUT
- name: Pick latest successful build (main)
id: pick
env:
API: ${{ steps.repo.outputs.api }}
OWNER: ${{ steps.repo.outputs.owner }}
REPO: ${{ steps.repo.outputs.repo }}
TOKEN: ${{ secrets.GITEATOKEN }} # PAT z odczytem Actions/artefaktów w tym repo
BUILD_PATH: ${{ env.BUILD_WORKFLOW_PATH }}
run: |
set -euo pipefail
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" \
"$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20")"
RUN_ID="$(echo "$RESP" | jq -r --arg p "$BUILD_PATH" '
.workflow_runs
| map(select(
(.head_branch=="main")
and (.status=="completed")
and (.conclusion=="success")
and (
(.path? // .workflow_path? // .workflow?.path? // "")
| test($p + "$")
)
))
| sort_by(.run_number) | reverse | .[0].id // empty
')"
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
- name: Probe API & auth
env:
API: ${{ steps.repo.outputs.api }}
OWNER: ${{ steps.repo.outputs.owner }}
REPO: ${{ steps.repo.outputs.repo }}
TOKEN: ${{ secrets.GITEATOKEN }}
run: |
set -euo pipefail
echo "Probing: $API/repos/$OWNER/$REPO"
curl -sfSL -H "Authorization: token $TOKEN" "$API/repos/$OWNER/$REPO" >/dev/null
echo "OK"
- name: Download artifacts (frontend, webapi)
env:
API: ${{ steps.repo.outputs.api }}
OWNER: ${{ steps.repo.outputs.owner }}
REPO: ${{ steps.repo.outputs.repo }}
TOKEN: ${{ secrets.GITEA_TOKEN }}
RUN_ID: ${{ steps.pick.outputs.run_id }}
run: |
set -euo pipefail
mkdir -p release
LIST="$(curl -sfSL -H "Authorization: token $TOKEN" \
"$API/repos/$OWNER/$REPO/actions/runs/$RUN_ID/artifacts")"
echo "Artifacts:"; echo "$LIST" | jq -r '.artifacts[]?.name'
download_artifact () {
local NAME="$1"
local URL
URL="$(echo "$LIST" | jq -r --arg n "$NAME" '
(.artifacts // []) | map(select(.name==$n)) | .[0].archive_download_url // .[0].url // empty
')"
[ -n "$URL" ] && [ "$URL" != "null" ] || { echo "Artifact $NAME not found"; exit 1; }
curl -sfSL -H "Authorization: token $TOKEN" -o "$NAME.zip" "$URL"
unzip -o "$NAME.zip" -d "./$NAME"
}
download_artifact frontend
download_artifact webapi
(cd frontend && zip -r ../DiunaBI-Morska-Frontend.zip .)
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
ls -la release
- name: Prepare known_hosts
run: |
mkdir -p ~/.ssh
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
- name: Send artifacts to PROD
run: |
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-Frontend.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-WebApi.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
- name: Run remote deploy script
run: |
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
./deployment/DiunaBI-Morska.Release.sh
EOF
- name: Pick latest successful build (main)
id: pick
env:
API: ${{ steps.repo.outputs.api }}
OWNER: ${{ steps.repo.outputs.owner }}
REPO: ${{ steps.repo.outputs.repo }}
TOKEN: ${{ secrets.GITEATOKEN }}
run: |
set -euo pipefail
URL="$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20"
echo "GET $URL"
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" "$URL")"
echo "$RESP" | jq -e '.workflow_runs' >/dev/null
RUN_ID="$(echo "$RESP" | jq -r '
.workflow_runs
| map(select(
(.head_branch=="main")
and (.status=="completed")
and (.conclusion=="success")
and (
(.path? // .workflow_path? // .workflow?.path? // "")
| test("(\\.gitea|\\.github)/workflows/build\\.yml$")
)
))
| sort_by(.run_number) | reverse | .[0].id // empty
')"
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
- name: Download artifacts (frontend, webapi)
env:
API: ${{ steps.repo.outputs.api }}
OWNER: ${{ steps.repo.outputs.owner }}
REPO: ${{ steps.repo.outputs.repo }}
TOKEN: ${{ secrets.GITEA_TOKEN }}
RUN_ID: ${{ steps.pick.outputs.run_id }}
run: |
set -euo pipefail
mkdir -p release
LIST="$(curl -sfSL -H "Authorization: token $TOKEN" \
"$API/repos/$OWNER/$REPO/actions/runs/$RUN_ID/artifacts")"
echo "Artifacts:"; echo "$LIST" | jq -r '.artifacts[]?.name'
download_artifact () {
local NAME="$1"
local URL
URL="$(echo "$LIST" | jq -r --arg n "$NAME" '
(.artifacts // []) | map(select(.name==$n)) | .[0].archive_download_url // .[0].url // empty
')"
[ -n "$URL" ] && [ "$URL" != "null" ] || { echo "Artifact $NAME not found"; exit 1; }
curl -sfSL -H "Authorization: token $TOKEN" -o "$NAME.zip" "$URL"
unzip -o "$NAME.zip" -d "./$NAME"
}
download_artifact frontend
download_artifact webapi
(cd frontend && zip -r ../DiunaBI-Morska-Frontend.zip .)
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
ls -la release
- name: Prepare known_hosts
run: |
mkdir -p ~/.ssh
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
- name: Send artifacts to PROD
run: |
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-Frontend.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-WebApi.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
- name: Run remote deploy script
run: |
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
./deployment/DiunaBI-Morska.Release.sh
EOF