From d58a7fafba923679f2cb4a9af4e968735931f4e6 Mon Sep 17 00:00:00 2001 From: Pascal Oelmann Date: Tue, 5 May 2026 02:08:04 +0200 Subject: [PATCH] Vereinfache Deploy-Workflow: ein Job, Submodule recursive, v3-Actions entfernt --- .forgejo/workflows/deploy.yml | 80 +++++++++-------------------------- 1 file changed, 20 insertions(+), 60 deletions(-) diff --git a/.forgejo/workflows/deploy.yml b/.forgejo/workflows/deploy.yml index 839e694..47bc738 100644 --- a/.forgejo/workflows/deploy.yml +++ b/.forgejo/workflows/deploy.yml @@ -11,13 +11,17 @@ concurrency: cancel-in-progress: false jobs: - test: - name: Lint + Smoke-Tests + build-and-deploy: + name: Build, Test und Deploy runs-on: docker container: image: node:22-bookworm steps: - - uses: actions/checkout@v4 + - name: Checkout (inkl. Submodule brand-system) + uses: actions/checkout@v4 + with: + submodules: recursive + fetch-depth: 1 - name: pnpm aktivieren run: | @@ -38,41 +42,23 @@ jobs: env: CI: '1' - - name: Build-Artefakt aufheben - uses: actions/upload-artifact@v3 - with: - name: dist - path: dist/ - retention-days: 3 - - deploy: - name: Deploy auf Marketing-VPS - runs-on: docker - container: - image: alpine:3.20 - needs: test - if: github.ref == 'refs/heads/main' - steps: - - uses: actions/checkout@v4 - - - name: Tools installieren - run: | - apk add --no-cache rsync openssh-client - - - name: Build-Artefakt holen - uses: actions/download-artifact@v3 - with: - name: dist - path: dist/ + - name: rsync + ssh installieren + run: apt-get update && apt-get install -y --no-install-recommends rsync openssh-client - name: SSH-Key setzen + if: github.ref == 'refs/heads/main' + env: + SSH_KEY: ${{ secrets.MARKETING_SSH_KEY }} + HOST: ${{ secrets.MARKETING_HOST }} run: | mkdir -p ~/.ssh - echo "${{ secrets.MARKETING_SSH_KEY }}" > ~/.ssh/marketing + chmod 700 ~/.ssh + echo "$SSH_KEY" > ~/.ssh/marketing chmod 600 ~/.ssh/marketing - ssh-keyscan -H "${{ secrets.MARKETING_HOST }}" >> ~/.ssh/known_hosts + ssh-keyscan -H "$HOST" >> ~/.ssh/known_hosts 2>/dev/null - name: Rsync zu Marketing-VPS + if: github.ref == 'refs/heads/main' run: | rsync -avz --delete \ -e "ssh -i ~/.ssh/marketing -o StrictHostKeyChecking=yes" \ @@ -80,38 +66,12 @@ jobs: "${{ secrets.MARKETING_USER }}@${{ secrets.MARKETING_HOST }}:slimcore.io/" - name: Deploy-Verifikation + if: github.ref == 'refs/heads/main' run: | - # Caddy braucht keine Reload — file_server liest live aus dem Verzeichnis - # Stattdessen: HTTPS-Check, dass die neue Version live ist sleep 3 - STATUS=$(wget -qO- --server-response https://slimcore.io/ 2>&1 | awk '/HTTP\//{print $2}' | head -1) + STATUS=$(curl -sI https://slimcore.io/ | awk '/HTTP\//{print $2; exit}') if [ "$STATUS" != "200" ]; then - echo "Production-Site liefert HTTP $STATUS, erwartet 200" + echo "slimcore.io liefert HTTP $STATUS, erwartet 200" exit 1 fi echo "✓ slimcore.io antwortet mit 200" - - notify: - name: Deploy-Notification - runs-on: docker - container: - image: alpine:3.20 - needs: deploy - if: always() - steps: - - name: Status-Mail an Pascal - if: ${{ secrets.BREVO_API_KEY != '' }} - run: | - apk add --no-cache curl - STATUS="${{ needs.deploy.result }}" - SUBJECT="[slimcore.io] Deploy ${STATUS}" - BODY="Deploy von ${{ github.sha }} auf slimcore.io: ${STATUS}\n\nCommit: ${{ github.event.head_commit.message }}\nWorkflow: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" - curl -X POST https://api.brevo.com/v3/smtp/email \ - -H "api-key: ${{ secrets.BREVO_API_KEY }}" \ - -H "Content-Type: application/json" \ - -d "{ - \"sender\": {\"email\": \"deploy@digiformer.net\", \"name\": \"Forgejo Deploy\"}, - \"to\": [{\"email\": \"pascal.oelmann@digiformer.net\"}], - \"subject\": \"$SUBJECT\", - \"textContent\": \"$BODY\" - }"