From 0cb52d7df8e5955a0ac417b0179508cf943597f6 Mon Sep 17 00:00:00 2001 From: Marc Mintel Date: Tue, 10 Feb 2026 22:55:44 +0100 Subject: [PATCH] ci: split deploy job into steps to avoid OOM kills --- .gitea/workflows/deploy.yml | 41 +++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 69bf7e29..69f7ade1 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -208,17 +208,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - name: 🚀 SSH Deploy + - name: 📝 Generate Environment shell: bash env: - ENV_FILE: ${{ needs.prepare.outputs.env_file }} TRAEFIK_RULE: ${{ needs.prepare.outputs.traefik_rule }} run: | - mkdir -p ~/.ssh - echo "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519 - chmod 600 ~/.ssh/id_ed25519 - ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts 2>/dev/null - # Generate Environment File LOG_LEVEL=$( [[ "$TARGET" == "testing" || "$TARGET" == "development" ]] && echo "debug" || echo "info" ) COOKIE_DOMAIN=.$(echo $NEXT_PUBLIC_BASE_URL | sed 's|https://||') @@ -263,6 +257,16 @@ jobs: # AUTH_MIDDLEWARE logic printf "AUTH_MIDDLEWARE=%s\n" "$( [[ "$TARGET" == "production" ]] && echo "${PROJECT_NAME}-compress" || echo "${PROJECT_NAME}-auth,${PROJECT_NAME}-compress" )" >> .env.deploy + - name: 🚀 SSH Deploy + shell: bash + env: + ENV_FILE: ${{ needs.prepare.outputs.env_file }} + run: | + mkdir -p ~/.ssh + echo "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts 2>/dev/null + # Transfer and Restart SITE_DIR="/home/deploy/sites/klz-cables.com" ssh root@alpha.mintel.me "mkdir -p $SITE_DIR/directus/schema $SITE_DIR/directus/uploads $SITE_DIR/directus/extensions" @@ -271,21 +275,14 @@ jobs: scp docker-compose.yml root@alpha.mintel.me:$SITE_DIR/docker-compose.yml scp -r directus/schema root@alpha.mintel.me:$SITE_DIR/directus/ - ssh root@alpha.mintel.me bash << EOF - set -e - cd /home/deploy/sites/klz-cables.com - echo '${{ secrets.REGISTRY_PASS }}' | docker login registry.infra.mintel.me -u '${{ secrets.REGISTRY_USER }}' --password-stdin - docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${{ needs.prepare.outputs.env_file }}' pull - docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${{ needs.prepare.outputs.env_file }}' up -d --remove-orphans - - # Apply Directus Schema Snapshot if available - if docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${{ needs.prepare.outputs.env_file }}' exec -T directus ls /directus/schema/snapshot.yaml >/dev/null 2>&1; then - echo "→ Applying Directus Schema Snapshot..." - docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '${{ needs.prepare.outputs.env_file }}' exec -T directus npx directus schema apply /directus/schema/snapshot.yaml --yes - fi - - docker system prune -f --filter "until=24h" - EOF + ssh root@alpha.mintel.me "cd $SITE_DIR && echo '${{ secrets.REGISTRY_PASS }}' | docker login registry.infra.mintel.me -u '${{ secrets.REGISTRY_USER }}' --password-stdin" + ssh root@alpha.mintel.me "cd $SITE_DIR && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' pull" + ssh root@alpha.mintel.me "cd $SITE_DIR && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' up -d --remove-orphans" + + # Apply Directus Schema Snapshot if available + ssh root@alpha.mintel.me "cd $SITE_DIR && if docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' exec -T directus ls /directus/schema/snapshot.yaml >/dev/null 2>&1; then echo '→ Applying Directus Schema Snapshot...' && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' exec -T directus npx directus schema apply /directus/schema/snapshot.yaml --yes; fi" + + ssh root@alpha.mintel.me "docker system prune -f --filter 'until=24h'" # ────────────────────────────────────────────────────────────────────────────── # JOB 5: Notifications