This commit is contained in:
@@ -5,39 +5,55 @@ on:
|
|||||||
branches: [main]
|
branches: [main]
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
build-and-deploy:
|
||||||
runs-on: docker
|
# ────────────────────────────────────────────────
|
||||||
|
# WICHTIG: Kein "docker" mehr – sondern eines der neuen Labels
|
||||||
|
runs-on: ubuntu-22.04
|
||||||
|
# Alternativen: ubuntu-latest, node:20, node:18
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Login registry
|
- name: Login to private registry
|
||||||
run: |
|
run: |
|
||||||
echo "${{ secrets.REGISTRY_PASS }}" | \
|
echo "${{ secrets.REGISTRY_PASS }}" | \
|
||||||
docker login registry.infra.mintel.me -u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
docker login registry.infra.mintel.me \
|
||||||
|
-u "${{ secrets.REGISTRY_USER }}" --password-stdin
|
||||||
|
|
||||||
- name: Build image
|
- name: Build Docker image
|
||||||
run: |
|
run: |
|
||||||
docker build \
|
docker buildx create --use --driver docker-container || true
|
||||||
|
docker buildx build \
|
||||||
--pull \
|
--pull \
|
||||||
--build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }} \
|
--build-arg NEXT_PUBLIC_UMAMI_WEBSITE_ID="${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}" \
|
||||||
--build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }} \
|
--build-arg NEXT_PUBLIC_UMAMI_SCRIPT_URL="${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL }}" \
|
||||||
--build-arg NEXT_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} \
|
--build-arg NEXT_PUBLIC_SENTRY_DSN="${{ secrets.SENTRY_DSN }}" \
|
||||||
-t registry.infra.mintel.me/mintel/klz-cables.com:latest .
|
-t registry.infra.mintel.me/mintel/klz-cables.com:latest \
|
||||||
|
--push .
|
||||||
|
|
||||||
- name: Push image
|
# Alternative ohne Buildx (wenn du kein Multi-Platform brauchst):
|
||||||
run: |
|
# docker build \
|
||||||
docker push registry.infra.mintel.me/mintel/klz-cables.com:latest
|
# --pull \
|
||||||
|
# --build-arg ... \
|
||||||
|
# -t registry.infra.mintel.me/mintel/klz-cables.com:latest .
|
||||||
|
# docker push registry.infra.mintel.me/mintel/klz-cables.com:latest
|
||||||
|
|
||||||
- name: Deploy
|
- name: Deploy to production server
|
||||||
run: |
|
run: |
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
printf "%s\n" "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519
|
echo "${{ secrets.ALPHA_SSH_KEY }}" > ~/.ssh/id_ed25519
|
||||||
chmod 600 ~/.ssh/id_ed25519
|
chmod 600 ~/.ssh/id_ed25519
|
||||||
ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts
|
|
||||||
|
ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts 2>/dev/null
|
||||||
|
|
||||||
ssh deploy@alpha.mintel.me '
|
ssh -o StrictHostKeyChecking=accept-new deploy@alpha.mintel.me << 'EOF'
|
||||||
docker pull registry.infra.mintel.me/mintel/klz-cables.com:latest
|
docker login registry.infra.mintel.me \
|
||||||
|
-u "${{ secrets.REGISTRY_USER }}" \
|
||||||
|
-p "${{ secrets.REGISTRY_PASS }}"
|
||||||
|
|
||||||
cd /home/deploy/sites/klz-cables.com
|
cd /home/deploy/sites/klz-cables.com
|
||||||
docker compose up -d --force-recreate
|
docker compose pull
|
||||||
'
|
docker compose up -d --force-recreate --remove-orphans
|
||||||
|
docker image prune -f
|
||||||
|
EOF
|
||||||
Reference in New Issue
Block a user