added deployment check
Some checks failed
Build and Deploy Container / build_and_deploy (push) Failing after 1m20s
Some checks failed
Build and Deploy Container / build_and_deploy (push) Failing after 1m20s
This commit is contained in:
Clemens Hering
@@ -1,102 +0,0 @@
|
||||
name: Build and Deploy Container
|
||||
|
||||
env:
|
||||
TARGET_HOST: host.containers.internal
|
||||
#TARGET_HOST: www.valtrix.systems
|
||||
TARGET_USER: traefik
|
||||
APP_DIR: /home/traefik/valtrix-website
|
||||
CONTAINER_NAME: valtrix-website
|
||||
QUADLET_FILE: ./deploy/valtrix-website.container
|
||||
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
|
||||
SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
- develop
|
||||
|
||||
jobs:
|
||||
build_and_deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Pre-clean Git global config (avoid https→ssh rewrite)
|
||||
shell: bash
|
||||
run: |
|
||||
set -euo pipefail
|
||||
git --version || true
|
||||
echo "Global git config before:" || true
|
||||
git config --global --list || true
|
||||
# Remove any url.*.insteadof rules that force SSH for gitea.smb-corp.de
|
||||
for key in $(git config --global --get-regexp '^url\\..*\\.insteadof$' 2>/dev/null | awk '{print $1}'); do
|
||||
if echo "$key" | grep -qi 'gitea\\.smb-corp\\.de'; then
|
||||
echo "Removing global mapping: $key"
|
||||
git config --global --unset-all "$key" || true
|
||||
fi
|
||||
done
|
||||
# Ensure no global sshCommand forces SSH
|
||||
git config --global --unset-all core.sshCommand || true
|
||||
echo "Global git config after:" || true
|
||||
git config --global --list || true
|
||||
- name: Setup SSH for git/scp
|
||||
shell: bash
|
||||
run: |
|
||||
install -m 700 -d ~/.ssh
|
||||
printf "%s\n" "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
|
||||
chmod 600 ~/.ssh/id_ed25519
|
||||
printf "%s\n" "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts || true
|
||||
chmod 644 ~/.ssh/known_hosts
|
||||
# Ensure host keys are present to avoid interactive prompts
|
||||
(ssh-keygen -F "$TARGET_HOST" >/dev/null || ssh-keyscan -H "$TARGET_HOST" >> ~/.ssh/known_hosts) || true
|
||||
(ssh-keygen -F gitea.smb-corp.de >/dev/null || ssh-keyscan -H gitea.smb-corp.de >> ~/.ssh/known_hosts) || true
|
||||
|
||||
- name: Checkout Repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Copy entire repository to target host (scp -> atomic replace)
|
||||
shell: bash
|
||||
run: |
|
||||
set -euo pipefail
|
||||
# Work in a temp directory to avoid partial updates and handle ownership issues more clearly
|
||||
TMP_DIR="$APP_DIR.tmp.$(date +%s)"
|
||||
echo "Creating remote temp dir $TMP_DIR"
|
||||
ssh -o BatchMode=yes -i ~/.ssh/id_ed25519 $TARGET_USER@$TARGET_HOST "mkdir -p '$TMP_DIR'"
|
||||
|
||||
echo "Copying repository files to $TARGET_HOST:$TMP_DIR via scp (includes hidden files)"
|
||||
# Enable dotglob so hidden files are included in the glob
|
||||
shopt -s dotglob || true
|
||||
# Copy all files and directories in the repo root to the remote temp dir
|
||||
scp -r -o BatchMode=yes -i ~/.ssh/id_ed25519 ./* $TARGET_USER@$TARGET_HOST:$TMP_DIR/
|
||||
|
||||
echo "Attempting atomic replacement of $APP_DIR with $TMP_DIR"
|
||||
# Try to remove existing dir and move temp into place. If removal fails due to permissions, leave temp and error.
|
||||
ssh -o BatchMode=yes -i ~/.ssh/id_ed25519 $TARGET_USER@$TARGET_HOST "set -euo pipefail; if [ -d '$APP_DIR' ]; then rm -rf '$APP_DIR' || { echo 'ERROR: cannot remove existing $APP_DIR (permissions)'; exit 2; } fi; mv '$TMP_DIR' '$APP_DIR'"
|
||||
echo "Copy and replace finished"
|
||||
|
||||
- name: Build container on target host
|
||||
run: |
|
||||
# Expand $APP_DIR locally so the remote shell receives the concrete path
|
||||
ssh $TARGET_USER@$TARGET_HOST "set -euo pipefail; echo -e \"$APP_DIR \n\n\"; cd '$APP_DIR' && echo 'PWD:' \$(pwd) && ls -la . && podman build -t $CONTAINER_NAME:latest ."
|
||||
|
||||
- name: Backup Quadlet file
|
||||
run: |
|
||||
ssh $TARGET_USER@$TARGET_HOST "
|
||||
test -f ~/.config/containers/systemd/$CONTAINER_NAME.container && \
|
||||
cp ~/.config/containers/systemd/$CONTAINER_NAME.container ~/.config/containers/systemd/$CONTAINER_NAME.container.bak || true
|
||||
"
|
||||
|
||||
- name: Replace Quadlet file
|
||||
run: |
|
||||
scp ./$QUADLET_FILE $TARGET_USER@$TARGET_HOST:~/.config/containers/systemd/
|
||||
ssh $TARGET_USER@$TARGET_HOST '
|
||||
systemctl --user daemon-reload && echo "Reloaded user systemd daemon" && \
|
||||
systemctl --user restart valtrix-website.service
|
||||
'
|
||||
|
||||
- name: Verify deployment
|
||||
run: |
|
||||
ssh $TARGET_USER@$TARGET_HOST '
|
||||
podman ps --filter "name=valtrix" --format "table {{.Names}}\t{{.Image}}\t{{.Status}}" || echo "No running container named $CONTAINER_NAME"
|
||||
echo "Container logs of $CONTAINER_NAME:"
|
||||
podman logs valtrix-website
|
||||
podman logs $CONTAINER_NAME --tail 20
|
||||
'
|
||||
Reference in New Issue
Block a user