nietzshn/multi-env-pipeline-poc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0a798cf3b0748863eb5b87fc6ec9977e1f196749
multi-env-pipeline-poc/.gitea/workflows/deploy-qa.yml
T
nietzshn 252fbe5003
CI Pipeline / HTML Lint (push) Successful in 11s
Details
Deploy QA / Build and Push (push) Successful in 21s
Details
CI Pipeline / Build Docker Image (push) Successful in 1m3s
Details
Deploy QA / Deploy to QA (push) Successful in 9s
Details
CI Pipeline / Security Scan (push) Successful in 21s
Details
refactor: switch ssh remote variable passing to positional arguments for deploy-qa pipeline
2026-06-02 21:11:41 -06:00

122 lines
3.8 KiB
YAML
Raw Blame History

name: Deploy QA
on:
push:
branches:
- dev
env:
REGISTRY_URL: ${{ vars.REGISTRY_URL }}
IMAGE_NAME: ${{ vars.IMAGE_NAME }}
APP_ENV: qa
jobs:
build-and-push:
name: Build and Push
runs-on: ubuntu-latest
outputs:
image_tag: ${{ steps.meta.outputs.image_tag }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Gitea Registry
run: |
set -euo pipefail
echo "${{ secrets.TOKEN }}" | docker login $REGISTRY_URL -u ${{ gitea.actor }} --password-stdin
- name: Build and push
id: meta
run: |
set -euo pipefail
SHA_TAG="${{ gitea.sha }}"
QA_TAG="qa-latest"
BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
docker buildx build \
--push \
--build-arg APP_VERSION=dev-${SHA_TAG} \
--build-arg BUILD_DATE=${BUILD_DATE} \
--build-arg GIT_COMMIT=${SHA_TAG} \
--build-arg GIT_BRANCH=dev \
-t ${REGISTRY_URL}/${IMAGE_NAME}:${QA_TAG} \
-t ${REGISTRY_URL}/${IMAGE_NAME}:sha-${SHA_TAG} \
.
echo "image_tag=${QA_TAG}" >> $GITEA_OUTPUT
echo "::notice::Image pushed: ${REGISTRY_URL}/${IMAGE_NAME}:${QA_TAG}"
deploy:
name: Deploy to QA
runs-on: ubuntu-latest
needs: build-and-push
steps:
- name: Deploy via SSH
run: |
set -euo pipefail
IMAGE_TAG="${{ needs.build-and-push.outputs.image_tag }}"
eval $(ssh-agent -s)
echo "${{ secrets.DEPLOY_SSH_KEY }}" | ssh-add -
mkdir -p ~/.ssh
ssh-keyscan -H ${{ secrets.DEPLOY_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
# 1. Pasamos las variables como argumentos en el mismo orden
ssh ${{ secrets.DEPLOY_USERNAME }}@${{ secrets.DEPLOY_HOST }} bash -s \
"${{ env.REGISTRY_URL }}" \
"${{ env.IMAGE_NAME }}" \
"${IMAGE_TAG}" \
"${{ gitea.sha }}" \
"${{ gitea.actor }}" \
"${{ gitea.run_id }}" \
"${{ secrets.TOKEN }}" << 'EOF'
set -euo pipefail
# 2. Las recibimos dentro de la sesión remota
REGISTRY_URL=$1
IMAGE_NAME=$2
IMAGE_TAG=$3
GIT_SHA=$4
GITEA_ACTOR=$5
BUILD_NUMBER=$6
TOKEN=$7
# Variables locales del script
GIT_BRANCH="dev"
BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
echo "Pulling image..."
echo "$TOKEN" | docker login $REGISTRY_URL -u $GITEA_ACTOR --password-stdin
docker pull $REGISTRY_URL/$IMAGE_NAME:$IMAGE_TAG
echo "Stopping existing container..."
docker stop cicd-qa 2>/dev/null || true
docker rm cicd-qa 2>/dev/null || true
echo "Starting new container..."
docker run -d --name cicd-qa --restart unless-stopped -p 8081:80 \
-e APP_ENV=qa \
-e APP_VERSION=dev-${GIT_SHA} \
-e GIT_COMMIT=${GIT_SHA} \
-e GIT_BRANCH=${GIT_BRANCH} \
-e BUILD_DATE=${BUILD_DATE} \
-e DEPLOY_TIME=${BUILD_DATE} \
-e BUILD_NUMBER=${BUILD_NUMBER} \
$REGISTRY_URL/$IMAGE_NAME:$IMAGE_TAG
echo "Waiting for health check..."
for i in $(seq 1 12); do
if curl -sf http://localhost:8081/health > /dev/null 2>&1; then
echo "::notice::QA deployment healthy"
exit 0
fi
sleep 5
done
echo "::error::QA health check failed"
exit 1
EOF
Reference in New Issue View Git Blame Copy Permalink