openclawd/config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
config/projects/business/src/pdf-api/.forgejo/workflows/deploy.yml
Hoid 3e37a420f6 memory: 2026-02-17 daily log
2026-02-17 21:49:00 +00:00

93 lines
3.5 KiB
YAML
Raw Blame History

name: Deploy to Production
on:
push:
branches: [ main ]
jobs:
deploy:
name: Deploy to Server
runs-on: ubuntu-latest
steps:
- name: Write secrets and deploy
uses: appleboy/ssh-action@v1.1.0
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USER }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
envs: STRIPE_SECRET_KEY,STRIPE_WEBHOOK_SECRET,DATABASE_PASSWORD
script: |
set -e
echo "🚀 Starting deployment..."
cd /root/docfast
# Write .env from CI secrets
echo "📝 Writing .env from CI secrets..."
printf "STRIPE_SECRET_KEY=%s\nSTRIPE_WEBHOOK_SECRET=%s\nDATABASE_PASSWORD=%s\n" "$STRIPE_SECRET_KEY" "$STRIPE_WEBHOOK_SECRET" "$DATABASE_PASSWORD" > .env
# Verify .env has non-empty values
if grep -q '=$' .env; then
echo "❌ ERROR: .env has empty values - secrets not configured in Forgejo!"
echo "Add STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET, DATABASE_PASSWORD in Forgejo repo settings."
exit 1
fi
echo "✅ .env written with $(wc -l < .env) vars"
git status --short || true
echo "📥 Pulling latest changes..."
git fetch origin
git pull origin main
TIMESTAMP=$(date +%Y%m%d-%H%M%S)
docker tag docfast-docfast:latest docfast-docfast:rollback-$TIMESTAMP || echo "No existing image to tag"
echo "🔨 Building new Docker image..."
docker compose build --no-cache
echo "⏹️ Stopping services..."
docker compose down --timeout 30
echo "▶️ Starting services..."
docker compose up -d
echo "⏱️ Waiting for service to be ready..."
for i in $(seq 1 30); do
if curl -f -s http://127.0.0.1:3100/health > /dev/null; then
echo "✅ Service is healthy!"
break
fi
if [ $i -eq 30 ]; then
echo "❌ Service failed to start - initiating rollback..."
docker compose down
ROLLBACK_IMAGE=$(docker images --format "table {{.Repository}}:{{.Tag}}" | grep "docfast-docfast:rollback-" | head -n1 | tr -s ' ' | cut -d' ' -f1)
if [ ! -z "$ROLLBACK_IMAGE" ]; then
echo "🔄 Rolling back to $ROLLBACK_IMAGE"
docker tag $ROLLBACK_IMAGE docfast-docfast:latest
docker compose up -d
sleep 10
if curl -f -s http://127.0.0.1:3100/health > /dev/null; then
echo "✅ Rollback successful"
else
echo "❌ Rollback failed - manual intervention required"
fi
fi
exit 1
fi
echo "⏳ Attempt $i/30 - waiting 5 seconds..."
sleep 5
done
echo "🔍 Running post-deploy verification..."
bash scripts/verify-deploy.sh
echo "🧹 Cleaning up old rollback images..."
docker images --format "table {{.Repository}}:{{.Tag}}" | grep "docfast-docfast:rollback-" | tail -n +6 | awk '{print $1}' | xargs -r docker rmi || true
echo "🎉 Deployment completed successfully!"
env:
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
STRIPE_WEBHOOK_SECRET: ${{ secrets.STRIPE_WEBHOOK_SECRET }}
DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
Reference in a new issue View git blame Copy permalink