merchbay_admin/.gitea/workflows/deploy.yml

name: Deploy Production

on:
  push:
    branches:
      - main
      - master
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    # If using self-hosted runner, change to:
    # runs-on: self-hosted
    
    steps:
      - name: Checkout code
        run: |
          git clone ${{ gitea.repository_url }} /workspace/repo || true
          cd /workspace/repo
          git fetch origin ${{ gitea.ref_name }}
          git checkout ${{ gitea.ref_name }}
          git pull origin ${{ gitea.ref_name }}

      - name: Build Docker Image
        run: |
          cd /workspace/repo
          docker build -t merchbay_admin:latest .
          docker save merchbay_admin:latest | gzip > merchbay_admin.tar.gz

      - name: Setup SSH Key
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.PROD_DEPLOY_SSH_KEY }}" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key

      - name: Transfer Files to Production Server
        run: |
          cd /workspace/repo
          scp -o StrictHostKeyChecking=no -i ~/.ssh/deploy_key merchbay_admin.tar.gz docker-compose.yml ${{ secrets.PROD_DEPLOY_USER }}@${{ secrets.PROD_DEPLOY_HOST }}:/tmp/

      - name: Deploy to Production Server
        run: |
          ssh -o StrictHostKeyChecking=no -i ~/.ssh/deploy_key ${{ secrets.PROD_DEPLOY_USER }}@${{ secrets.PROD_DEPLOY_HOST }} << 'ENDSSH'
            # Set deployment directory for production
            DEPLOY_DIR="/var/www/merchbay_admin"
            
            # Create deployment directory if it doesn't exist
            mkdir -p $DEPLOY_DIR
            
            # Load the Docker image
            cd /tmp
            docker load < merchbay_admin.tar.gz
            
            # Copy docker-compose.yml to deployment directory
            cp docker-compose.yml $DEPLOY_DIR/
            
            # Navigate to deployment directory
            cd $DEPLOY_DIR
            
            # Update environment file for production
            cat > .env << EOF
            APP_ENV=production
            APP_DEBUG=false
            APP_URL=https://merchbay.com
            DB_HOST=${{ secrets.PROD_DB_HOST }}
            DB_PORT=${{ secrets.PROD_DB_PORT || 3306 }}
            DB_DATABASE=${{ secrets.PROD_DB_DATABASE }}
            DB_USERNAME=${{ secrets.PROD_DB_USERNAME }}
            DB_PASSWORD=${{ secrets.PROD_DB_PASSWORD }}
            DOMAIN=merchbay.com
            EOF
            
            # Stop existing container (disconnect from Traefik network gracefully)
            docker compose down || true
            
            # Remove old image (optional, keeps only latest)
            docker image prune -f
            
            # Ensure Traefik network exists
            docker network inspect traefik-public >/dev/null 2>&1 || docker network create traefik-public
            
            # Update docker-compose for production
            export DOMAIN=merchbay.com
            export APP_URL=https://merchbay.com
            
            # Start the application (will auto-connect to Traefik with paid SSL)
            docker compose up -d
            
            # Wait for container to be ready
            sleep 10
            
            # Run migrations
            docker compose exec -T app php artisan migrate --force
            
            # Clear and cache configuration
            docker compose exec -T app php artisan config:cache
            docker compose exec -T app php artisan route:cache
            docker compose exec -T app php artisan view:cache
            
            # Cleanup
            rm -f /tmp/merchbay_admin.tar.gz /tmp/docker-compose.yml
            
            echo "Production deployment completed successfully!"
            echo "Application available at: https://merchbay.com"
          ENDSSH

      - name: Health Check
        run: |
          sleep 10
          curl -f https://merchbay.com || exit 1