From 4fdbc0f5cfd2ed2cc1dcba4910ac14670724f54b Mon Sep 17 00:00:00 2001
From: Marc Mintel
Date: Sun, 25 Jan 2026 18:07:19 +0100
Subject: [PATCH] deploy
---
 .gitea/workflows/deploy.yml | 58 +++++++++++++++++++++++--------------
 1 file changed, 37 insertions(+), 21 deletions(-)
diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index 422d4f16..d80d1583 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -5,39 +5,55 @@ on:
 branches: [main]
 jobs:
- deploy:
- runs-on: docker
+ build-and-deploy:
+ # ────────────────────────────────────────────────
+ # WICHTIG: Kein "docker" mehr – sondern eines der neuen Labels
+ runs-on: ubuntu-22.04
+ # Alternativen: ubuntu-latest, node:20, node:18
 steps:
- - uses: actions/checkout@v4
+ - name: Checkout repository
+ uses: actions/checkout@v4
- - name: Login registry
+ - name: Login to private registry
 run: |
 echo "${{ secrets.REGISTRY_PASS }}" | \
- docker login registry.infra.mintel.me -u "${{ secrets.REGISTRY_USER }}" --password-stdin
+ docker login registry.infra.mintel.me \
+ -u "${{ secrets.REGISTRY_USER }}" --password-stdin
- - name: Build image
+ - name: Build Docker image
 run: |
- docker build \
+ docker buildx create --use --driver docker-container || true
+ docker buildx build \
 --pull \
- --build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} \
- --build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} \
- --build-arg NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} \
- -t registry.infra.mintel.me/mintel/klz-cables.com:latest .
+ --build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID="${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}" \
+ --build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL="${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }}" \
+ --build-arg NEXT_PUBLIC_SENTRY_DSN="${{ secrets.SENTRY_DSN }}" \
+ -t registry.infra.mintel.me/mintel/klz-cables.com:latest \
+ --push .
- - name: Push image
- run: |
- docker push registry.infra.mintel.me/mintel/klz-cables.com:latest
+ # Alternative ohne Buildx (wenn du kein Multi-Platform brauchst):
+ # docker build \
+ # --pull \
+ # --build-arg ... \
+ # -t registry.infra.mintel.me/mintel/klz-cables.com:latest .
+ # docker push registry.infra.mintel.me/mintel/klz-cables.com:latest
- - name: Deploy
+ - name: Deploy to production server
 run: |
 mkdir -p ~/.ssh
- printf "%s\n" "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519
+ echo "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519
 chmod 600 ~/.ssh/id_ed25519
- ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts
+
+ ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts 2>/dev/null
- ssh deploy@alpha.mintel.me '
- docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest
+ ssh -o StrictHostKeyChecking=accept-new deploy@alpha.mintel.me << 'EOF'
+ docker login registry.infra.mintel.me \
+ -u "${{ secrets.REGISTRY_USER }}" \
+ -p "${{ secrets.REGISTRY_PASS }}"
+ cd /home/deploy/sites/klz-cables.com
- docker compose up -d --force-recreate
- '
\ No newline at end of file
+ docker compose pull
+ docker compose up -d --force-recreate --remove-orphans
+ docker image prune -f
+ EOF
\ No newline at end of file
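Review bot: The `docker login` added inside the SSH heredoc of the deploy step passes the registry password with `-p`, which puts it in the process arguments on alpha.mintel.me; and because `${{ secrets.REGISTRY_PASS }}` is substituted into the script text before any shell runs, a `"`, `$` or backtick in the secret would be interpreted by the remote shell. The registry login step earlier in this workflow already uses `--password-stdin`; the remote login can do the same in its own SSH call, `echo "${{ secrets.REGISTRY_PASS }}" | ssh deploy@alpha.mintel.me 'docker login registry.infra.mintel.me -u "${{ secrets.REGISTRY_USER }}" --password-stdin'`, leaving the heredoc with only the compose commands. Separately, running `ssh-keyscan` at job time together with `StrictHostKeyChecking=accept-new` accepts whatever host key is offered during the run, and the added `2>/dev/null` hides scan failures. Writing a pinned host key from a stored value (for example a secret, placeholder name `<KNOWN_HOSTS_SECRET>`) into `~/.ssh/known_hosts` would let the connection actually be verified.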