morska release
This commit is contained in:
Michał Zieliński
@@ -1,39 +1,117 @@
|
||||
release:
|
||||
if: github.event_name != 'pull_request'
|
||||
needs: [build-frontend, build-backend]
|
||||
name: Release Morska (latest successful build)
|
||||
|
||||
on:
|
||||
workflow_dispatch: {} # ręczny trigger
|
||||
|
||||
env:
|
||||
# STAŁE DLA TEGO ŚRODOWISKA
|
||||
DEPLOY_HOST: "bim-it.pl"
|
||||
DEPLOY_USER: "mz"
|
||||
DEPLOY_PATH: "./deployment/"
|
||||
SSH_KEYFILE: "/ci-keys/morska"
|
||||
BUILD_WORKFLOW_PATH: ".gitea/workflows/build.yml"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
environment: Morska
|
||||
|
||||
steps:
|
||||
- uses: https://github.com/actions/checkout@v4
|
||||
- name: Checkout (for completeness)
|
||||
uses: https://github.com/actions/checkout@v4
|
||||
|
||||
- name: Download frontend artifacts
|
||||
uses: https://github.com/actions/download-artifact@v3
|
||||
with:
|
||||
name: frontend
|
||||
path: ./release/frontend
|
||||
- name: Install tools
|
||||
run: |
|
||||
apt-get update -y
|
||||
apt-get install -y jq unzip zip openssh-client
|
||||
|
||||
- name: Download backend artifacts
|
||||
uses: https://github.com/actions/download-artifact@v3
|
||||
with:
|
||||
name: webapi
|
||||
path: ./release/webapi
|
||||
- name: Resolve repo/env
|
||||
id: repo
|
||||
env:
|
||||
GITEA_SERVER_URL: ${{ github.server_url }} # np. https://code.bim-it.pl
|
||||
GITHUB_REPOSITORY: ${{ github.repository }} # owner/repo
|
||||
run: |
|
||||
set -euo pipefail
|
||||
OWNER="${GITHUB_REPOSITORY%%/*}"
|
||||
REPO="${GITHUB_REPOSITORY##*/}"
|
||||
echo "owner=$OWNER" >> $GITHUB_OUTPUT
|
||||
echo "repo=$REPO" >> $GITHUB_OUTPUT
|
||||
echo "api=${GITEA_SERVER_URL%/}/api/v1" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Archive frontend
|
||||
run: (cd release/frontend && zip -r ../DiunaBI-Morska-Frontend.zip .)
|
||||
- name: Pick latest successful build (main)
|
||||
id: pick
|
||||
env:
|
||||
API: ${{ steps.repo.outputs.api }}
|
||||
OWNER: ${{ steps.repo.outputs.owner }}
|
||||
REPO: ${{ steps.repo.outputs.repo }}
|
||||
TOKEN: ${{ secrets.GITEA_TOKEN }} # PAT z odczytem Actions/artefaktów w tym repo
|
||||
BUILD_PATH: ${{ env.BUILD_WORKFLOW_PATH }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
RESP="$(curl -sfSL -H "Authorization: token $TOKEN" \
|
||||
"$API/repos/$OWNER/$REPO/actions/runs?status=success&branch=main&per_page=20")"
|
||||
RUN_ID="$(echo "$RESP" | jq -r --arg p "$BUILD_PATH" '
|
||||
.workflow_runs
|
||||
| map(select(
|
||||
(.head_branch=="main")
|
||||
and (.status=="completed")
|
||||
and (.conclusion=="success")
|
||||
and (
|
||||
(.path? // .workflow_path? // .workflow?.path? // "")
|
||||
| test($p + "$")
|
||||
)
|
||||
))
|
||||
| sort_by(.run_number) | reverse | .[0].id // empty
|
||||
')"
|
||||
test -n "$RUN_ID" && echo "run_id=$RUN_ID" >> $GITHUB_OUTPUT || { echo "No successful build found"; exit 1; }
|
||||
|
||||
- name: Archive backend
|
||||
run: (cd release/webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
|
||||
- name: Download artifacts (frontend, webapi)
|
||||
env:
|
||||
API: ${{ steps.repo.outputs.api }}
|
||||
OWNER: ${{ steps.repo.outputs.owner }}
|
||||
REPO: ${{ steps.repo.outputs.repo }}
|
||||
TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
RUN_ID: ${{ steps.pick.outputs.run_id }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
mkdir -p release
|
||||
LIST="$(curl -sfSL -H "Authorization: token $TOKEN" \
|
||||
"$API/repos/$OWNER/$REPO/actions/runs/$RUN_ID/artifacts")"
|
||||
echo "Artifacts:"; echo "$LIST" | jq -r '.artifacts[]?.name'
|
||||
|
||||
download_artifact () {
|
||||
local NAME="$1"
|
||||
local URL
|
||||
URL="$(echo "$LIST" | jq -r --arg n "$NAME" '
|
||||
(.artifacts // []) | map(select(.name==$n)) | .[0].archive_download_url // .[0].url // empty
|
||||
')"
|
||||
[ -n "$URL" ] && [ "$URL" != "null" ] || { echo "Artifact $NAME not found"; exit 1; }
|
||||
curl -sfSL -H "Authorization: token $TOKEN" -o "$NAME.zip" "$URL"
|
||||
unzip -o "$NAME.zip" -d "./$NAME"
|
||||
}
|
||||
|
||||
download_artifact frontend
|
||||
download_artifact webapi
|
||||
(cd frontend && zip -r ../DiunaBI-Morska-Frontend.zip .)
|
||||
(cd webapi && zip -r ../DiunaBI-Morska-WebApi.zip .)
|
||||
ls -la release
|
||||
|
||||
- name: Prepare known_hosts
|
||||
run: |
|
||||
mkdir -p ~/.ssh
|
||||
ssh-keyscan -H "${{ vars.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||
ssh-keyscan -H "${{ env.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||
|
||||
- name: Upload artifacts via SCP
|
||||
- name: Send artifacts to PROD
|
||||
run: |
|
||||
scp -i /ci-keys/prod_deploy -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||
./release/DiunaBI-Morska-Frontend.zip \
|
||||
"${{ vars.DEPLOY_USER }}@${{ vars.DEPLOY_HOST }}:${{ vars.DEPLOY_PATH }}"
|
||||
scp -i /ci-keys/prod_deploy -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
||||
scp -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||
./release/DiunaBI-Morska-WebApi.zip \
|
||||
"${{ vars.DEPLOY_USER }}@${{ vars.DEPLOY_HOST }}:${{ vars.DEPLOY_PATH }}"
|
||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}:${{ env.DEPLOY_PATH }}"
|
||||
|
||||
- name: Run remote deploy script
|
||||
run: |
|
||||
ssh -i "${{ env.SSH_KEYFILE }}" -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
|
||||
"${{ env.DEPLOY_USER }}@${{ env.DEPLOY_HOST }}" << 'EOF'
|
||||
./deployment/DiunaBI-Morska.Release.sh
|
||||
EOF
|
||||
|
||||
Reference in New Issue
Block a user