Julian
/
florale-emotion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
florale-emotion/.gitea/workflows/deploy.yml

462 lines
18 KiB
YAML
Raw Blame History

name: Build, Push and Deploy Florale Emotion Website
on:
push:
branches: [ 'feature/*', 'main', 'master' ]
pull_request:
branches: [ main, master ]
env:
HARBOR_REGISTRY: registry.julianvollmer.de
PROJECT_NAME: florale-emotion
jobs:
feature-branch:
runs-on: ubuntu-latest
timeout-minutes: 60
if: startsWith(github.ref, 'refs/heads/feature/')
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
image=moby/buildkit:v0.12.0
buildkitd-flags: --debug
- name: Extract metadata
id: meta
run: |
BRANCH_CLEAN=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9._-]/-/g')
SHORT_SHA="${{ github.sha }}"
SHORT_SHA="${SHORT_SHA:0:8}"
TAG="${BRANCH_CLEAN}-${SHORT_SHA}"
echo "tag=${TAG}" >> $GITHUB_OUTPUT
echo "frontend_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-frontend:${TAG}" >> $GITHUB_OUTPUT
echo "backend_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-backend:${TAG}" >> $GITHUB_OUTPUT
echo "bot_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-bot:${TAG}" >> $GITHUB_OUTPUT
- name: Login to Harbor Registry
run: |
echo "Harbor12345" | docker login ${{ env.HARBOR_REGISTRY }} -u admin --password-stdin
- name: Build and Push Frontend (Feature)
working-directory: ./website
run: |
IMAGE_NAME=${{ steps.meta.outputs.frontend_image }}
for attempt in 1 2 3; do
echo "Build attempt $attempt for feature frontend..."
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" . || {
echo "Build failed on attempt $attempt"
if [ $attempt -eq 3 ]; then
echo "All build attempts failed"
exit 1
fi
sleep 10
continue
}
for push_attempt in 1 2 3; do
echo "Push attempt $push_attempt for feature frontend..."
docker push "${IMAGE_NAME}" && {
echo "Feature frontend push successful on attempt $push_attempt"
break
} || {
echo "Push failed on attempt $push_attempt"
if [ $push_attempt -eq 3 ]; then
echo "All push attempts failed"
exit 1
fi
sleep 30
}
done
break
done
echo "✅ Feature frontend build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
- name: Build and Push Backend (Feature)
working-directory: ./website/backend
env:
IMAGE_NAME: ${{ steps.meta.outputs.backend_image }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
echo "Building backend image: ${IMAGE_NAME}"
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" .
echo "Pushing backend image: ${IMAGE_NAME}"
docker push "${IMAGE_NAME}"
echo "✅ Feature backend build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
- name: Build and Push Social Media Bot (Feature)
working-directory: ./website/social-media-bot
env:
IMAGE_NAME: ${{ steps.meta.outputs.bot_image }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
echo "Building social media bot image: ${IMAGE_NAME}"
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" .
echo "Pushing social media bot image: ${IMAGE_NAME}"
docker push "${IMAGE_NAME}"
echo "✅ Feature social media bot build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
- name: Setup kubectl
run: |
# Download kubectl directly to avoid permission issues
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
kubectl version --client
- name: Configure kubectl
env:
KUBECTLSECRET: ${{ secrets.KUBECTLSECRET }}
run: |
mkdir -p ~/.kube
echo "🔍 Debugging KUBECTLSECRET..."
SECRET_LENGTH=${#KUBECTLSECRET}
echo "Secret length: $SECRET_LENGTH"
# Check if secret is empty
if [ "$SECRET_LENGTH" -eq 0 ]; then
echo "❌ ERROR: KUBECTLSECRET is empty!"
echo "Please configure the KUBECTLSECRET in Gitea repository secrets."
echo "Steps:"
echo "1. Run: cat ~/.kube/config | base64 -w 0"
echo "2. Copy the output"
echo "3. Add it as 'KUBECTLSECRET' secret in Gitea"
exit 1
fi
# Try to decode as base64 first, if that fails, use as plain text
if echo "$KUBECTLSECRET" | base64 -d > ~/.kube/config 2>/dev/null; then
echo "✅ KUBECTLSECRET decoded as base64"
else
echo "⚠️ KUBECTLSECRET is not base64, using as plain text"
echo "$KUBECTLSECRET" > ~/.kube/config
fi
echo "📁 kubeconfig created at ~/.kube/config"
chmod 600 ~/.kube/config
# Validate kubeconfig
if [ ! -s ~/.kube/config ]; then
echo "❌ ERROR: kubeconfig file is empty!"
exit 1
fi
# Add insecure-skip-tls-verify to handle self-signed certificates
echo "🔧 Configuring TLS settings for self-signed certificates..."
CURRENT_CONTEXT=$(kubectl config current-context)
CLUSTER_NAME=$(kubectl config view -o jsonpath="{.contexts[?(@.name=='$CURRENT_CONTEXT')].context.cluster}")
kubectl config set-cluster "$CLUSTER_NAME" --insecure-skip-tls-verify=true
echo "✅ kubeconfig validation and TLS configuration completed"
- name: Test kubectl connection
run: |
kubectl version --client
echo "Testing cluster connection..."
kubectl cluster-info
echo "Testing node access..."
kubectl get nodes
- name: Deploy Feature Branch
env:
FRONTEND_IMAGE: ${{ steps.meta.outputs.frontend_image }}
BACKEND_IMAGE: ${{ steps.meta.outputs.backend_image }}
BOT_IMAGE: ${{ steps.meta.outputs.bot_image }}
BRANCH_NAME: ${{ github.ref_name }}
run: |
echo "🚀 Deploying feature branch: $BRANCH_NAME"
echo "Frontend image: $FRONTEND_IMAGE"
echo "Backend image: $BACKEND_IMAGE"
echo "Bot image: $BOT_IMAGE"
# Ensure namespace exists
kubectl create namespace florale-emotion --dry-run=client -o yaml | kubectl apply -f -
# Ensure Harbor registry secret exists
kubectl create secret docker-registry harbor-registry-secret \
--docker-server=${{ env.HARBOR_REGISTRY }} \
--docker-username=admin \
--docker-password=Harbor12345 \
--namespace=florale-emotion \
--dry-run=client -o yaml | kubectl apply -f -
# Apply frontend deployment und ersetze das Image-Tag dynamisch (kein latest in Features)
sed "s|__IMAGE_TAG__|${{ steps.meta.outputs.tag }}|g" website/k8s/frontend.yaml | kubectl apply -n florale-emotion -f -
# Apply backend deployment mit Tag-Ersetzung
sed "s|__IMAGE_TAG__|${{ steps.meta.outputs.tag }}|g" website/k8s/backend.yaml | kubectl apply -n florale-emotion -f -
# Apply social media bot deployment mit Tag-Ersetzung
sed "s|__IMAGE_TAG__|${{ steps.meta.outputs.tag }}|g" website/k8s/bot.yaml | kubectl apply -n florale-emotion -f -
# Apply feature branch ingress (using dev subdomain)
kubectl apply -f website/k8s/ingress-dev.yaml -n florale-emotion
# Wait for rollout
echo "⏳ Waiting for rollout to finish..."
kubectl rollout status deployment/florale-emotion-frontend -n florale-emotion --timeout=300s
echo "✅ Feature branch deployment complete!"
echo "🌐 Dev URL: https://dev.florale-emotion.de"
echo "📦 Harbor Registry: https://registry.julianvollmer.de"
production-branch:
runs-on: ubuntu-latest
timeout-minutes: 60
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
image=moby/buildkit:v0.12.0
buildkitd-flags: --debug
- name: Extract metadata
id: meta
run: |
BRANCH_CLEAN=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9._-]/-/g')
SHORT_SHA="${{ github.sha }}"
SHORT_SHA="${SHORT_SHA:0:8}"
TAG="${BRANCH_CLEAN}-${SHORT_SHA}"
# Für Master-Branches zusätzlich latest Tag erstellen
echo "Master branch detected, will create latest tags"
echo "tag=${TAG}" >> $GITHUB_OUTPUT
echo "frontend_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-frontend:${TAG}" >> $GITHUB_OUTPUT
echo "backend_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-backend:${TAG}" >> $GITHUB_OUTPUT
echo "bot_image=${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-bot:${TAG}" >> $GITHUB_OUTPUT
- name: Login to Harbor Registry
run: |
echo "Harbor12345" | docker login ${{ env.HARBOR_REGISTRY }} -u admin --password-stdin
- name: Build and Push Frontend (Production + Latest)
working-directory: ./website
run: |
IMAGE_NAME=${{ steps.meta.outputs.frontend_image }}
LATEST_IMAGE="${{ env.HARBOR_REGISTRY }}/${{ env.PROJECT_NAME }}/florale-emotion-frontend:latest"
for attempt in 1 2 3; do
echo "Build attempt $attempt for production frontend..."
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" . || {
echo "Build failed on attempt $attempt"
if [ $attempt -eq 3 ]; then
echo "All build attempts failed"
exit 1
fi
sleep 10
continue
}
# Push versioned image
for push_attempt in 1 2 3; do
echo "Push attempt $push_attempt for production frontend..."
docker push "${IMAGE_NAME}" && {
echo "Production frontend push successful on attempt $push_attempt"
break
} || {
echo "Push failed on attempt $push_attempt"
if [ $push_attempt -eq 3 ]; then
echo "All push attempts failed"
exit 1
fi
sleep 30
}
done
# Create and push latest tag
echo "Creating latest tag for production..."
docker tag "${IMAGE_NAME}" "${LATEST_IMAGE}"
for push_attempt in 1 2 3; do
echo "Push attempt $push_attempt for latest tag..."
docker push "${LATEST_IMAGE}" && {
echo "Latest tag push successful on attempt $push_attempt"
break
} || {
echo "Latest push failed on attempt $push_attempt"
if [ $push_attempt -eq 3 ]; then
echo "Latest push attempts failed"
exit 1
fi
sleep 30
}
done
break
done
echo "✅ Production frontend build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
echo "📦 Latest: ${LATEST_IMAGE}"
- name: Build and Push Backend (Production + Latest)
working-directory: ./website/backend
env:
IMAGE_NAME: ${{ steps.meta.outputs.backend_image }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
echo "Building backend image: ${IMAGE_NAME}"
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" .
echo "Pushing backend image: ${IMAGE_NAME}"
docker push "${IMAGE_NAME}"
LATEST_IMAGE="${IMAGE_NAME%:*}:latest"
echo "Tagging backend as latest: ${LATEST_IMAGE}"
docker tag "${IMAGE_NAME}" "${LATEST_IMAGE}"
docker push "${LATEST_IMAGE}"
echo "✅ Production backend build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
echo "📦 Latest: ${LATEST_IMAGE}"
- name: Build and Push Social Media Bot (Production + Latest)
working-directory: ./website/social-media-bot
env:
IMAGE_NAME: ${{ steps.meta.outputs.bot_image }}
TAG: ${{ steps.meta.outputs.tag }}
run: |
echo "Building social media bot image: ${IMAGE_NAME}"
docker build --no-cache --progress=plain -t "${IMAGE_NAME}" .
echo "Pushing social media bot image: ${IMAGE_NAME}"
docker push "${IMAGE_NAME}"
LATEST_IMAGE="${IMAGE_NAME%:*}:latest"
echo "Tagging social media bot as latest: ${LATEST_IMAGE}"
docker tag "${IMAGE_NAME}" "${LATEST_IMAGE}"
docker push "${LATEST_IMAGE}"
echo "✅ Production social media bot build and push completed successfully!"
echo "🏷️ Tag: ${TAG}"
echo "📦 Image: ${IMAGE_NAME}"
echo "📦 Latest: ${LATEST_IMAGE}"
- name: Setup kubectl
run: |
# Download kubectl directly to avoid permission issues
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
kubectl version --client
- name: Configure kubectl
env:
KUBECTLSECRET: ${{ secrets.KUBECTLSECRET }}
run: |
mkdir -p ~/.kube
echo "🔍 Debugging KUBECTLSECRET..."
SECRET_LENGTH=${#KUBECTLSECRET}
echo "Secret length: $SECRET_LENGTH"
# Check if secret is empty
if [ "$SECRET_LENGTH" -eq 0 ]; then
echo "❌ ERROR: KUBECTLSECRET is empty!"
echo "Please configure the KUBECTLSECRET in Gitea repository secrets."
echo "Steps:"
echo "1. Run: cat ~/.kube/config | base64 -w 0"
echo "2. Copy the output"
echo "3. Add it as 'KUBECTLSECRET' secret in Gitea"
exit 1
fi
# Try to decode as base64 first, if that fails, use as plain text
if echo "$KUBECTLSECRET" | base64 -d > ~/.kube/config 2>/dev/null; then
echo "✅ KUBECTLSECRET decoded as base64"
else
echo "⚠️ KUBECTLSECRET is not base64, using as plain text"
echo "$KUBECTLSECRET" > ~/.kube/config
fi
echo "📁 kubeconfig created at ~/.kube/config"
chmod 600 ~/.kube/config
# Validate kubeconfig
if [ ! -s ~/.kube/config ]; then
echo "❌ ERROR: kubeconfig file is empty!"
exit 1
fi
# Add insecure-skip-tls-verify to handle self-signed certificates
echo "🔧 Configuring TLS settings for self-signed certificates..."
CURRENT_CONTEXT=$(kubectl config current-context)
CLUSTER_NAME=$(kubectl config view -o jsonpath="{.contexts[?(@.name=='$CURRENT_CONTEXT')].context.cluster}")
kubectl config set-cluster "$CLUSTER_NAME" --insecure-skip-tls-verify=true
echo "✅ kubeconfig validation and TLS configuration completed"
- name: Test kubectl connection
run: |
kubectl version --client
echo "Testing cluster connection..."
kubectl cluster-info
echo "Testing node access..."
kubectl get nodes
- name: Deploy to Production
env:
FRONTEND_IMAGE: ${{ steps.meta.outputs.frontend_image }}
BACKEND_IMAGE: ${{ steps.meta.outputs.backend_image }}
BOT_IMAGE: ${{ steps.meta.outputs.bot_image }}
run: |
echo "🚀 Deploying to production..."
echo "Frontend image: $FRONTEND_IMAGE"
echo "Backend image: $BACKEND_IMAGE"
echo "Bot image: $BOT_IMAGE"
# Ensure namespace exists
kubectl create namespace florale-emotion --dry-run=client -o yaml | kubectl apply -f -
# Ensure Harbor registry secret exists
kubectl create secret docker-registry harbor-registry-secret \
--docker-server=${{ env.HARBOR_REGISTRY }} \
--docker-username=admin \
--docker-password=Harbor12345 \
--namespace=florale-emotion \
--dry-run=client -o yaml | kubectl apply -f -
# Apply frontend deployment und ersetze das Image-Tag mit latest
sed "s|__IMAGE_TAG__|latest|g" website/k8s/frontend.yaml | kubectl apply -n florale-emotion -f -
# Apply backend deployment mit latest Tag
sed "s|__IMAGE_TAG__|latest|g" website/k8s/backend.yaml | kubectl apply -n florale-emotion -f -
# Apply social media bot deployment mit latest Tag
sed "s|__IMAGE_TAG__|latest|g" website/k8s/bot.yaml | kubectl apply -n florale-emotion -f -
# Apply production ingress
kubectl apply -f website/k8s/ingress.yaml -n florale-emotion
# Wait for rollout
echo "⏳ Waiting for rollout to finish..."
kubectl rollout status deployment/florale-emotion-frontend -n florale-emotion --timeout=300s
echo "✅ Production deployment complete!"
echo "🌐 Website: https://florale-emotion.de"
echo "🌐 WWW: https://www.florale-emotion.de"
echo "🔧 Backend API: https://api.florale-emotion.de"
# Hinweise:
# - Angepasst für florale-emotion Projekt
# - Namespace: florale-emotion
# - Dev-Deployment unter dev.florale-emotion.de
# - Production unter florale-emotion.de
# - Unterstützt Frontend, Backend und Social Media Bot
# - Robuste Retry-Mechanismen für Build und Push
# - Eindeutige Tags für bessere Nachverfolgung
# - Timeout-Schutz für alle Deployments
Reference in New Issue View Git Blame Copy Permalink