mz/DiunaBI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

morska release
Some checks failed
BuildApp / build-frontend (push) Successful in 58s
Details
BuildApp / build-backend (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Michał Zieliński
2025-09-12 11:27:08 +02:00
parent 4341866dcc
commit cc5ffca3aa
1 changed files with 104 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
.gitea/workflows/morskaRelease.yml
View File

@@ -1,7 +1,7 @@
name: Release Morska (latest successful build) name: Release Morska (latest successful build)
on: on:
workflow_dispatch: {} # ręczny trigger workflow_dispatch: { } # ręczny trigger
env: env:
DEPLOY_HOST: "bim-it.pl" DEPLOY_HOST: "bim-it.pl"
@@ -9,6 +9,7 @@ env:
DEPLOY_PATH: "./deployment/" DEPLOY_PATH: "./deployment/"
SSH_KEYFILE: "/ci-keys/morska" SSH_KEYFILE: "/ci-keys/morska"
BUILD_WORKFLOW_PATH: ".gitea/workflows/build.yml" BUILD_WORKFLOW_PATH: ".gitea/workflows/build.yml"
API_BASE: "https://code.bim-it.pl/api/v1"
jobs: jobs:
release: release:
@@ -23,94 +24,107 @@ jobs:
apt-get update -y apt-get update -y
apt-get install -y jq unzip zip openssh-client apt-get install -y jq unzip zip openssh-client
- name: Resolve repo/env - name: Resolve repo/env
id: repo id: repo
env: env:
GITEA_SERVER_URL: ${{ github.server_url }} # np. https://code.bim-it.pl GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo API_BASE: ${{ env.API_BASE }}
run: | run: |
set -euo pipefail set -euo pipefail
OWNER="${GITHUB_REPOSITORY%%/*}" OWNER="${GITHUB_REPOSITORY%%/*}"
REPO="${GITHUB_REPOSITORY##*/}" REPO="${GITHUB_REPOSITORY##*/}"
echo "owner=$OWNER" >> $GITHUB_OUTPUT echo "owner=$OWNER" >> $GITHUB_OUTPUT
echo "repo=$REPO" >> $GITHUB_OUTPUT echo "repo=$REPO" >> $GITHUB_OUTPUT
echo "api=${GITEA_SERVER_URL%/}/api/v1" >> $GITHUB_OUTPUT echo "api=$API_BASE" >> $GITHUB_OUTPUT
- name: Pick latest successful build (main) - name: Probe API & auth
id: pick env:
env: API: ${{ steps.repo.outputs.api }}
API: ${{ steps.repo.outputs.api }} OWNER: ${{ steps.repo.outputs.owner }}
OWNER: ${{ steps.repo.outputs.owner }} REPO: ${{ steps.repo.outputs.repo }}
REPO: ${{ steps.repo.outputs.repo }} TOKEN: ${{ secrets.GITEATOKEN }}
TOKEN: ${{ secrets.GITEATOKEN }} # PAT z odczytem Actions/artefaktów w tym repo run: |
BUILD_PATH: ${{ env.BUILD_WORKFLOW_PATH }} set -euo pipefail
run: | echo "Probing: $API/repos/$OWNER/$REPO"
set -euo pipefail curl -sfSL -H "Authorization: token $TOKEN" "$API/repos/$OWNER/$REPO" >/dev/null
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" \ echo "OK"
"$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20")"
RUN_ID="$(echo "$RESP" | jq -r --arg p "$BUILD_PATH" '
.workflow_runs
| map(select(
(.head_branch=="main")
and (.status=="completed")
and (.conclusion=="success")
and (
(.path? // .workflow_path? // .workflow?.path? // "")
| test($p + "$")
)
))
| sort_by(.run_number) | reverse | .[0].id // empty
')"
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
- name: Download artifacts (frontend, webapi) - name: Pick latest successful build (main)
env: id: pick
API: ${{ steps.repo.outputs.api }} env:
OWNER: ${{ steps.repo.outputs.owner }} API: ${{ steps.repo.outputs.api }}
REPO: ${{ steps.repo.outputs.repo }} OWNER: ${{ steps.repo.outputs.owner }}
TOKEN: ${{ secrets.GITEA_TOKEN }} REPO: ${{ steps.repo.outputs.repo }}
RUN_ID: ${{ steps.pick.outputs.run_id }} TOKEN: ${{ secrets.GITEATOKEN }}
run: | run: |
set -euo pipefail set -euo pipefail
mkdir -p release URL="$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20"
LIST="$(curl -sfSL -H "Authorization: token $TOKEN" \ echo "GET $URL"
"$API/repos/$OWNER/$REPO/actions/runs/$RUN_ID/artifacts")" RESP="$(curl -sfSL -H "Authorization: token $TOKEN" "$URL")"
echo "Artifacts:"; echo "$LIST" | jq -r '.artifacts[]?.name' echo "$RESP" | jq -e '.workflow_runs' >/dev/null
download_artifact () { RUN_ID="$(echo "$RESP" | jq -r '
local NAME="$1" .workflow_runs
local URL | map(select(
URL="$(echo "$LIST" | jq -r --arg n "$NAME" ' (.head_branch=="main")
(.artifacts // []) | map(select(.name==$n)) | .[0].archive_download_url // .[0].url // empty and (.status=="completed")
')" and (.conclusion=="success")
[ -n "$URL" ] && [ "$URL" != "null" ] || { echo "Artifact $NAME not found"; exit 1; } and (
curl -sfSL -H "Authorization: token $TOKEN" -o "$NAME.zip" "$URL" (.path? // .workflow_path? // .workflow?.path? // "")
unzip -o "$NAME.zip" -d "./$NAME" | test("(\\.gitea|\\.github)/workflows/build\\.yml$")
} )
))
download_artifact frontend | sort_by(.run_number) | reverse | .[0].id // empty
download_artifact webapi ')"
(cd frontend && zip -r ../DiunaBI-Morska-Frontend.zip .) test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .) - name: Download artifacts (frontend, webapi)
ls -la release env:
API: ${{ steps.repo.outputs.api }}
- name: Prepare known_hosts OWNER: ${{ steps.repo.outputs.owner }}
run: | REPO: ${{ steps.repo.outputs.repo }}
mkdir -p ~/.ssh TOKEN: ${{ secrets.GITEA_TOKEN }}
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true RUN_ID: ${{ steps.pick.outputs.run_id }}
run: |
- name: Send artifacts to PROD set -euo pipefail
run: | mkdir -p release
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \ LIST="$(curl -sfSL -H "Authorization: token $TOKEN" \
./release/DiunaBI-Morska-Frontend.zip \ "$API/repos/$OWNER/$REPO/actions/runs/$RUN_ID/artifacts")"
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}" echo "Artifacts:"; echo "$LIST" | jq -r '.artifacts[]?.name'
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-WebApi.zip \ download_artifact () {
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}" local NAME="$1"
local URL
- name: Run remote deploy script URL="$(echo "$LIST" | jq -r --arg n "$NAME" '
run: | (.artifacts // []) | map(select(.name==$n)) | .[0].archive_download_url // .[0].url // empty
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \ ')"
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF' [ -n "$URL" ] && [ "$URL" != "null" ] || { echo "Artifact $NAME not found"; exit 1; }
./deployment/DiunaBI-Morska.Release.sh curl -sfSL -H "Authorization: token $TOKEN" -o "$NAME.zip" "$URL"
EOF unzip -o "$NAME.zip" -d "./$NAME"
}
download_artifact frontend
download_artifact webapi
(cd frontend && zip -r ../DiunaBI-Morska-Frontend.zip .)
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
ls -la release
- name: Prepare known_hosts
run: |
mkdir -p ~/.ssh
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
- name: Send artifacts to PROD
run: |
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-Frontend.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
./release/DiunaBI-Morska-WebApi.zip \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
- name: Run remote deploy script
run: |
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
./deployment/DiunaBI-Morska.Release.sh
EOF