3c79b63db5
- Astro 6 + React + Tailwind v4 Projekt-Skelett mit allen Marketing-Seiten (Home, Module, Tester, Souveränität, Roadmap, Kontakt, Impressum, Datenschutz) - Self-hosted Outfit + JetBrains Mono Fonts (DSGVO) - Marketing-Komponenten gemäss CLAUDE.md §5.6 (NumberedItem, ModuleCard, StatusDot, TechStrip, SovereigntyBlock, RoadmapTimeline, etc.) - Module-Daten in src/content/module.ts als Single Source of Truth - E2E Smoke-Tests via Playwright - OG-Image-Generator - Forgejo Workflow .forgejo/workflows/deploy.yml für Tier-2 Static Deploy - Infra-as-Code Snapshot in infra/marketing-vps/ - Brand-System Submodule auf Forgejo umgezogen (war GitHub) - Deployment- und Handoff-Dokumentation - .DS_Store aus Tracking entfernt, .gitignore um Test-Artefakte ergaenzt
117 lines
3.4 KiB
YAML
117 lines
3.4 KiB
YAML
name: Deploy Marketing-Site
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
concurrency:
|
|
group: deploy-marketing
|
|
cancel-in-progress: false
|
|
|
|
jobs:
|
|
test:
|
|
name: Lint + Smoke-Tests
|
|
runs-on: docker
|
|
container:
|
|
image: node:22-bookworm
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: pnpm aktivieren
|
|
run: |
|
|
corepack enable
|
|
corepack prepare pnpm@latest --activate
|
|
|
|
- name: Dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Production-Build
|
|
run: pnpm build
|
|
|
|
- name: Playwright-Browser
|
|
run: pnpm exec playwright install --with-deps chromium
|
|
|
|
- name: Smoke-Tests gegen Production-Build
|
|
run: pnpm exec playwright test
|
|
env:
|
|
CI: '1'
|
|
|
|
- name: Build-Artefakt aufheben
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: dist
|
|
path: dist/
|
|
retention-days: 3
|
|
|
|
deploy:
|
|
name: Deploy auf Marketing-VPS
|
|
runs-on: docker
|
|
container:
|
|
image: alpine:3.20
|
|
needs: test
|
|
if: github.ref == 'refs/heads/main'
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Tools installieren
|
|
run: |
|
|
apk add --no-cache rsync openssh-client
|
|
|
|
- name: Build-Artefakt holen
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: dist
|
|
path: dist/
|
|
|
|
- name: SSH-Key setzen
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.MARKETING_SSH_KEY }}" > ~/.ssh/marketing
|
|
chmod 600 ~/.ssh/marketing
|
|
ssh-keyscan -H "${{ secrets.MARKETING_HOST }}" >> ~/.ssh/known_hosts
|
|
|
|
- name: Rsync zu Marketing-VPS
|
|
run: |
|
|
rsync -avz --delete \
|
|
-e "ssh -i ~/.ssh/marketing -o StrictHostKeyChecking=yes" \
|
|
dist/ \
|
|
"${{ secrets.MARKETING_USER }}@${{ secrets.MARKETING_HOST }}:slimcore.io/"
|
|
|
|
- name: Deploy-Verifikation
|
|
run: |
|
|
# Caddy braucht keine Reload — file_server liest live aus dem Verzeichnis
|
|
# Stattdessen: HTTPS-Check, dass die neue Version live ist
|
|
sleep 3
|
|
STATUS=$(wget -qO- --server-response https://slimcore.io/ 2>&1 | awk '/HTTP\//{print $2}' | head -1)
|
|
if [ "$STATUS" != "200" ]; then
|
|
echo "Production-Site liefert HTTP $STATUS, erwartet 200"
|
|
exit 1
|
|
fi
|
|
echo "✓ slimcore.io antwortet mit 200"
|
|
|
|
notify:
|
|
name: Deploy-Notification
|
|
runs-on: docker
|
|
container:
|
|
image: alpine:3.20
|
|
needs: deploy
|
|
if: always()
|
|
steps:
|
|
- name: Status-Mail an Pascal
|
|
if: ${{ secrets.BREVO_API_KEY != '' }}
|
|
run: |
|
|
apk add --no-cache curl
|
|
STATUS="${{ needs.deploy.result }}"
|
|
SUBJECT="[slimcore.io] Deploy ${STATUS}"
|
|
BODY="Deploy von ${{ github.sha }} auf slimcore.io: ${STATUS}\n\nCommit: ${{ github.event.head_commit.message }}\nWorkflow: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
|
|
curl -X POST https://api.brevo.com/v3/smtp/email \
|
|
-H "api-key: ${{ secrets.BREVO_API_KEY }}" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"sender\": {\"email\": \"deploy@digiformer.net\", \"name\": \"Forgejo Deploy\"},
|
|
\"to\": [{\"email\": \"pascal.oelmann@digiformer.net\"}],
|
|
\"subject\": \"$SUBJECT\",
|
|
\"textContent\": \"$BODY\"
|
|
}"
|