115 lines
3.6 KiB
YAML
115 lines
3.6 KiB
YAML
name: Build, Test and Deploy
|
|
|
|
on:
|
|
push:
|
|
branches: [main, int, dev]
|
|
|
|
concurrency:
|
|
group: print-calculator-${{ gitea.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
test-backend:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
# Evito actions/setup-python (spesso fragile su act_runner)
|
|
- name: Install Python deps + run tests
|
|
shell: bash
|
|
run: |
|
|
apt-get update
|
|
apt-get install -y --no-install-recommends python3 python3-pip
|
|
python3 -m pip install --upgrade pip
|
|
python3 -m pip install -r backend/requirements.txt
|
|
python3 -m pip install pytest httpx
|
|
export PYTHONPATH="${PYTHONPATH}:$(pwd)/backend"
|
|
pytest backend/tests
|
|
|
|
build-and-push:
|
|
needs: test-backend
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set TAG + OWNER lowercase
|
|
shell: bash
|
|
run: |
|
|
if [[ "${{ gitea.ref }}" == "refs/heads/main" ]]; then
|
|
echo "TAG=prod" >> "$GITHUB_ENV"
|
|
elif [[ "${{ gitea.ref }}" == "refs/heads/int" ]]; then
|
|
echo "TAG=int" >> "$GITHUB_ENV"
|
|
else
|
|
echo "TAG=dev" >> "$GITHUB_ENV"
|
|
fi
|
|
|
|
echo "OWNER_LOWER=$(echo '${{ gitea.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_ENV"
|
|
|
|
- name: Ensure docker CLI exists
|
|
shell: bash
|
|
run: |
|
|
if ! command -v docker >/dev/null 2>&1; then
|
|
apt-get update
|
|
apt-get install -y --no-install-recommends docker.io
|
|
fi
|
|
docker version
|
|
|
|
- name: Login to Gitea Registry
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
printf '%s' "${{ secrets.REGISTRY_TOKEN }}" | docker login "${{ secrets.REGISTRY_URL }}" \
|
|
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
|
|
|
- name: Build & Push Backend
|
|
shell: bash
|
|
run: |
|
|
BACKEND_IMAGE="${{ secrets.REGISTRY_URL }}/${{ env.OWNER_LOWER }}/print-calculator-backend:${{ env.TAG }}"
|
|
docker build -t "$BACKEND_IMAGE" ./backend
|
|
docker push "$BACKEND_IMAGE"
|
|
|
|
- name: Build & Push Frontend
|
|
shell: bash
|
|
run: |
|
|
FRONTEND_IMAGE="${{ secrets.REGISTRY_URL }}/${{ env.OWNER_LOWER }}/print-calculator-frontend:${{ env.TAG }}"
|
|
docker build -t "$FRONTEND_IMAGE" ./frontend
|
|
docker push "$FRONTEND_IMAGE"
|
|
|
|
deploy:
|
|
needs: build-and-push
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Set ENV
|
|
shell: bash
|
|
run: |
|
|
if [[ "${{ gitea.ref }}" == "refs/heads/main" ]]; then
|
|
echo "ENV=prod" >> "$GITHUB_ENV"
|
|
elif [[ "${{ gitea.ref }}" == "refs/heads/int" ]]; then
|
|
echo "ENV=int" >> "$GITHUB_ENV"
|
|
else
|
|
echo "ENV=dev" >> "$GITHUB_ENV"
|
|
fi
|
|
|
|
- name: Trigger deploy on Unraid (forced command key)
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
apt-get update
|
|
apt-get install -y --no-install-recommends openssh-client ca-certificates
|
|
|
|
mkdir -p ~/.ssh
|
|
chmod 700 ~/.ssh
|
|
|
|
printf '%s' "${{ secrets.SSH_PRIVATE_KEY_B64 }}" | base64 -d > ~/.ssh/id_ed25519
|
|
chmod 600 ~/.ssh/id_ed25519
|
|
|
|
# Debug sicuro: stampa solo la prima riga (non rivela la chiave)
|
|
head -n 1 ~/.ssh/id_ed25519
|
|
|
|
ssh-keyscan -H "${{ secrets.SERVER_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null
|
|
|
|
ssh -i ~/.ssh/id_ed25519 -o BatchMode=yes "${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}" "${{ env.ENV }}"
|