release
This commit is contained in:
Michał Zieliński
@@ -1,7 +1,7 @@
|
|||||||
name: Release Morska (latest successful build)
|
name: Release Morska (latest successful build)
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch: {} # ręczny trigger
|
workflow_dispatch: {}
|
||||||
|
|
||||||
env:
|
env:
|
||||||
DEPLOY_HOST: "bim-it.pl"
|
DEPLOY_HOST: "bim-it.pl"
|
||||||
@@ -14,76 +14,76 @@ env:
|
|||||||
jobs:
|
jobs:
|
||||||
release:
|
release:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout (for completeness)
|
- name: Checkout (for completeness)
|
||||||
uses: https://github.com/actions/checkout@v4
|
uses: https://github.com/actions/checkout@v4
|
||||||
|
|
||||||
- name: Install tools
|
- name: Install tools
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
apt-get update -y
|
apt-get update -y
|
||||||
apt-get install -y jq unzip zip openssh-client
|
apt-get install -y jq unzip zip openssh-client
|
||||||
|
|
||||||
- name: Resolve repo/env
|
- name: Resolve repo/env
|
||||||
id: repo
|
id: repo
|
||||||
env:
|
env:
|
||||||
GITEA_SERVER_URL: ${{ github.server_url }} # np. https://code.bim-it.pl
|
|
||||||
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
|
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
|
||||||
|
API_BASE: ${{ env.API_BASE }}
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
OWNER="${GITHUB_REPOSITORY%%/*}"
|
OWNER="${GITHUB_REPOSITORY%%/*}"
|
||||||
REPO="${GITHUB_REPOSITORY##*/}"
|
REPO="${GITHUB_REPOSITORY##*/}"
|
||||||
echo "owner=$OWNER" >> $GITHUB_OUTPUT
|
echo "owner=$OWNER" >> $GITHUB_OUTPUT
|
||||||
echo "repo=$REPO" >> $GITHUB_OUTPUT
|
echo "repo=$REPO" >> $GITHUB_OUTPUT
|
||||||
echo "api=${GITEA_SERVER_URL%/}/api/v1" >> $GITHUB_OUTPUT
|
echo "api=$API_BASE" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: Probe API & auth
|
- name: Probe API & auth
|
||||||
env:
|
|
||||||
API: ${{ steps.repo.outputs.api }}
|
|
||||||
OWNER: ${{ steps.repo.outputs.owner }}
|
|
||||||
REPO: ${{ steps.repo.outputs.repo }}
|
|
||||||
TOKEN: ${{ secrets.GITEATOKEN }}
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
echo "Probing: $API/repos/$OWNER/$REPO"
|
|
||||||
curl -sfSL -H "Authorization: token $TOKEN" "$API/repos/$OWNER/$REPO" >/dev/null
|
|
||||||
echo "OK"
|
|
||||||
|
|
||||||
- name: Pick latest successful build (main)
|
|
||||||
id: pick
|
|
||||||
env:
|
|
||||||
API: ${{ steps.repo.outputs.api }}
|
|
||||||
OWNER: ${{ steps.repo.outputs.owner }}
|
|
||||||
REPO: ${{ steps.repo.outputs.repo }}
|
|
||||||
TOKEN: ${{ secrets.GITEATOKEN }}
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
URL="$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20"
|
|
||||||
echo "GET $URL"
|
|
||||||
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" "$URL")"
|
|
||||||
echo "$RESP" | jq -e '.workflow_runs' >/dev/null
|
|
||||||
|
|
||||||
RUN_ID="$(echo "$RESP" | jq -r '
|
|
||||||
.workflow_runs
|
|
||||||
| map(select(
|
|
||||||
(.head_branch=="main")
|
|
||||||
and (.status=="completed")
|
|
||||||
and (.conclusion=="success")
|
|
||||||
and (
|
|
||||||
(.path? // .workflow_path? // .workflow?.path? // "")
|
|
||||||
| test("(\\.gitea|\\.github)/workflows/build\\.yml$")
|
|
||||||
)
|
|
||||||
))
|
|
||||||
| sort_by(.run_number) | reverse | .[0].id // empty
|
|
||||||
')"
|
|
||||||
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
|
|
||||||
|
|
||||||
- name: Download artifacts (frontend, webapi)
|
|
||||||
env:
|
env:
|
||||||
API: ${{ steps.repo.outputs.api }}
|
API: ${{ steps.repo.outputs.api }}
|
||||||
OWNER: ${{ steps.repo.outputs.owner }}
|
OWNER: ${{ steps.repo.outputs.owner }}
|
||||||
REPO: ${{ steps.repo.outputs.repo }}
|
REPO: ${{ steps.repo.outputs.repo }}
|
||||||
TOKEN: ${{ secrets.GITEA_TOKEN }}
|
TOKEN: ${{ secrets.GITEATOKEN }}
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
echo "Probing: $API/repos/$OWNER/$REPO"
|
||||||
|
curl -sfSL -H "Authorization: token $TOKEN" "$API/repos/$OWNER/$REPO" >/dev/null
|
||||||
|
echo "OK"
|
||||||
|
|
||||||
|
- name: Pick latest successful build (main)
|
||||||
|
id: pick
|
||||||
|
env:
|
||||||
|
API: ${{ steps.repo.outputs.api }}
|
||||||
|
OWNER: ${{ steps.repo.outputs.owner }}
|
||||||
|
REPO: ${{ steps.repo.outputs.repo }}
|
||||||
|
TOKEN: ${{ secrets.GITEATOKEN }}
|
||||||
|
BUILD_PATH: ${{ env.BUILD_WORKFLOW_PATH }}
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
URL="$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20"
|
||||||
|
echo "GET $URL"
|
||||||
|
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" "$URL")"
|
||||||
|
echo "$RESP" | jq -e '.workflow_runs' >/dev/null
|
||||||
|
RUN_ID="$(echo "$RESP" | jq -r --arg p "$BUILD_PATH" '
|
||||||
|
.workflow_runs
|
||||||
|
| map(select(
|
||||||
|
(.head_branch=="main")
|
||||||
|
and (.status=="completed")
|
||||||
|
and (.conclusion=="success")
|
||||||
|
and (
|
||||||
|
(.path? // .workflow_path? // .workflow?.path? // "")
|
||||||
|
| test($p + "$")
|
||||||
|
)
|
||||||
|
))
|
||||||
|
| sort_by(.run_number) | reverse | .[0].id // empty
|
||||||
|
')"
|
||||||
|
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
|
||||||
|
|
||||||
|
- name: Download artifacts (frontend, webapi)
|
||||||
|
env:
|
||||||
|
API: ${{ steps.repo.outputs.api }}
|
||||||
|
OWNER: ${{ steps.repo.outputs.owner }}
|
||||||
|
REPO: ${{ steps.repo.outputs.repo }}
|
||||||
|
TOKEN: ${{ secrets.GITEATOKEN }}
|
||||||
RUN_ID: ${{ steps.pick.outputs.run_id }}
|
RUN_ID: ${{ steps.pick.outputs.run_id }}
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
@@ -109,13 +109,15 @@ jobs:
|
|||||||
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
|
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
|
||||||
ls -la release
|
ls -la release
|
||||||
|
|
||||||
- name: Prepare known_hosts
|
- name: Prepare known_hosts
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
|
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||||
|
|
||||||
- name: Send artifacts to PROD
|
- name: Send artifacts to PROD
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||||
./release/DiunaBI-Morska-Frontend.zip \
|
./release/DiunaBI-Morska-Frontend.zip \
|
||||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
||||||
@@ -123,8 +125,9 @@ jobs:
|
|||||||
./release/DiunaBI-Morska-WebApi.zip \
|
./release/DiunaBI-Morska-WebApi.zip \
|
||||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
||||||
|
|
||||||
- name: Run remote deploy script
|
- name: Run remote deploy script
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
|
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
|
||||||
./deployment/DiunaBI-Morska.Release.sh
|
./deployment/DiunaBI-Morska.Release.sh
|
||||||
|
|||||||
Reference in New Issue
Block a user