merchbay_admin/.gitea/workflows/deploy-dev.yml
Frank John Begornia 73b178fa2c
Some checks failed
Deploy Development / deploy (push) Failing after 41s
Enhance deployment workflow by adding SSH setup and secret validation checks for improved security and reliability
2025-12-16 14:24:11 +08:00


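# Development deployment: on a push to `dev` (or a manual dispatch) clone the
# repository, build the Docker image, copy it to the deploy host over SSH and
# restart the compose stack there, then probe the public URL.
name: Deploy Development

on:
  push:
    branches:
      - dev
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    container:
      # NOTE(review): `act-latest` is a mutable tag on a third-party image, and
      # every step below (including the ones that hold the deploy key) runs
      # inside it. Consider pinning by digest:
      #   catthehacker/ubuntu@sha256:<DIGEST_PLACEHOLDER>
      image: catthehacker/ubuntu:act-latest
    steps:
      - name: Checkout code
        shell: sh
        run: |
          # Quote every expansion so a ref or repository name containing
          # spaces or glob characters is passed as a single argument.
          git clone "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY.git" /workspace/repo
          cd /workspace/repo
          git checkout "$GITHUB_REF_NAME"
          git pull origin "$GITHUB_REF_NAME"

      - name: Build Docker Image
        shell: sh
        run: |
          cd /workspace/repo
          docker build -t merchbay_admin:dev .
          docker save merchbay_admin:dev | gzip > merchbay_admin_dev.tar.gz

      # 🔍 SAFE SECRET DEBUG (TEMPORARY REMOVE LATER)
      # Presence check only. Nothing derived from a secret (key lines, key
      # length, user name, host name) is written to the job log, so the step
      # does not depend on the runner's log masking to stay safe.
      - name: Debug secrets (safe)
        shell: sh
        run: |
          echo "== Secrets presence check =="
          if [ -z "${DEPLOY_SSH_KEY}" ]; then
            echo "❌ DEPLOY_SSH_KEY is EMPTY or NOT SET"
            exit 1
          fi
          echo "✅ DEPLOY_SSH_KEY is SET"
          if [ -z "${DEPLOY_USER}" ]; then
            echo "❌ DEPLOY_USER EMPTY"
            exit 1
          fi
          echo "✅ DEPLOY_USER is SET"
          if [ -z "${DEPLOY_HOST}" ]; then
            echo "❌ DEPLOY_HOST EMPTY"
            exit 1
          fi
          echo "✅ DEPLOY_HOST is SET"
        env:
          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}

      # 🔐 REQUIRED STEP (THIS WAS MISSING)
      - name: Setup SSH
        shell: sh
        run: |
          # Restrictive umask first: the key file is created owner-only instead
          # of being briefly readable until the chmod below runs.
          umask 077
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          printf '%s\n' "${DEPLOY_SSH_KEY}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          # NOTE(review): ssh-keyscan trusts whatever host key the network
          # returns on this run, so it gives no protection against an
          # on-path impostor. Prefer writing a host key obtained out of band
          # (for example from a dedicated secret) into known_hosts.
          ssh-keyscan -H "${DEPLOY_HOST}" >> ~/.ssh/known_hosts
          echo "SSH files:"
          ls -l ~/.ssh
        env:
          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}

      # 🧪 OPTIONAL BUT HIGHLY RECOMMENDED (run once)
      - name: SSH sanity check
        shell: sh
        run: |
          ssh -i ~/.ssh/id_ed25519 "${DEPLOY_USER}@${DEPLOY_HOST}" "whoami"
        env:
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}

      # 🚀 DEPLOY
      # NOTE(review): the image archive and compose file are staged under fixed
      # names in the remote /tmp, which any local account on that host can
      # write to. If the host is shared, stage into a directory only the
      # deploy user can write before running `docker load`.
      - name: Deploy to Server
        shell: sh
        run: |
          cd /workspace/repo
          scp -i ~/.ssh/id_ed25519 \
            merchbay_admin_dev.tar.gz docker-compose.yml \
            "${DEPLOY_USER}@${DEPLOY_HOST}:/tmp/"
          # Quoted 'EOF': nothing in the heredoc is expanded locally; the
          # script below runs as-is on the remote host.
          ssh -i ~/.ssh/id_ed25519 "${DEPLOY_USER}@${DEPLOY_HOST}" << 'EOF'
          set -e
          DEPLOY_DIR="/var/www/merchbay_admin_dev"
          mkdir -p "$DEPLOY_DIR"
          cd /tmp
          docker load < merchbay_admin_dev.tar.gz
          cp docker-compose.yml "$DEPLOY_DIR/"
          cd "$DEPLOY_DIR"
          docker compose down || true
          docker image prune -f
          docker network inspect traefik-public >/dev/null 2>&1 || \
            docker network create traefik-public
          export DOMAIN=dev-admin.merchbay.app
          export APP_URL=https://dev-admin.merchbay.app
          docker compose up -d
          sleep 10
          docker compose exec -T app php artisan migrate --force
          docker compose exec -T app php artisan config:cache
          docker compose exec -T app php artisan route:cache
          docker compose exec -T app php artisan view:cache
          rm -f /tmp/merchbay_admin_dev.tar.gz /tmp/docker-compose.yml
          echo "✅ Development deployment completed"
          EOF
        env:
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}

      - name: Health Check
        shell: sh
        run: |
          sleep 10
          curl -f https://dev-admin.merchbay.app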