Retry 1151

.gitea/workflows/deploy.yml

@@ -7,34 +7,57 @@ on:
 
 jobs:
   # ===================================================================
-  # JOB 1: CONSTRUIR Y SUBIR LAS IMÁGENES
+  # JOB 1: CONSTRUIR Y GUARDAR LAS IMÁGENES COMO ARTEFACTOS
   # ===================================================================
-  build-and-push:
+  build-and-save:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
 
-      - name: Create Kaniko config file
-        run: echo '{"auths":{"${{ secrets.REGISTRY_URL }}":{"username":"${{ secrets.REGISTRY_USER }}","password":"${{ secrets.ACTIONS_PAT }}"}}}' > ${{ gitea.workspace }}/config.json
-
-      - name: Build and Push Backend & Frontend
+      - name: Build Backend Image and Save as Tar
+        # Ya no necesitamos credenciales, Kaniko no hará push
         run: |
-          docker run --rm -v ${{ gitea.workspace }}:/workspace -v ${{ gitea.workspace }}/config.json:/kaniko/.docker/config.json gcr.io/kaniko-project/executor:v1.9.0 --context=/workspace --dockerfile=/workspace/Backend/GestionIntegral.Api/Dockerfile --destination=${{ secrets.REGISTRY_URL }}/${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-backend:latest --destination=${{ secrets.REGISTRY_URL }}/${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-backend:${{ gitea.sha_short }} --insecure
-          docker run --rm -v ${{ gitea.workspace }}:/workspace -v ${{ gitea.workspace }}/config.json:/kaniko/.docker/config.json gcr.io/kaniko-project/executor:v1.9.0 --context=/workspace --dockerfile=/workspace/Frontend/Dockerfile --destination=${{ secrets.REGISTRY_URL }}/${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-frontend:latest --destination=${{ secrets.REGISTRY_URL }}/${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-frontend:${{ gitea.sha_short }} --insecure
+          docker run --rm -v ${{ gitea.workspace }}:/workspace gcr.io/kaniko-project/executor:v1.9.0 \
+            --context=/workspace \
+            --dockerfile=/workspace/Backend/GestionIntegral.Api/Dockerfile \
+            --no-push \
+            --destination=${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-backend:latest \
+            --tarPath=/workspace/backend.tar
+
+      - name: Build Frontend Image and Save as Tar
+        run: |
+          docker run --rm -v ${{ gitea.workspace }}:/workspace gcr.io/kaniko-project/executor:v1.9.0 \
+            --context=/workspace \
+            --dockerfile=/workspace/Frontend/Dockerfile \
+            --no-push \
+            --destination=${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-frontend:latest \
+            --tarPath=/workspace/frontend.tar
+
+      - name: Upload Image Artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: docker-images
+          path: |
+            ${{ gitea.workspace }}/backend.tar
+            ${{ gitea.workspace }}/frontend.tar
 
   # ===================================================================
-  # JOB 2: DESPLEGAR LA APLICACIÓN
+  # JOB 2: DESCARGAR ARTEFACTOS, CARGAR IMÁGENES Y DESPLEGAR
   # ===================================================================
   deploy:
     runs-on: ubuntu-latest
-    needs: build-and-push
+    needs: build-and-save
     
     steps:
-      - name: Deploy to Production via SSH
-        run: |
-          set -e # Fallar inmediatamente si algo sale mal
+      - name: Download Image Artifacts
+        uses: actions/download-artifact@v3
+        with:
+          name: docker-images
           
+      - name: Deploy to Production via SCP and SSH
+        run: |
+          set -e
           echo "Preparing SSH client..."
           apt-get update && apt-get install -y openssh-client
           mkdir -p ~/.ssh
@@ -42,22 +65,26 @@ jobs:
           chmod 600 ~/.ssh/id_rsa
           ssh-keyscan -H ${{ secrets.PROD_SERVER_HOST }} >> ~/.ssh/known_hosts
           
-          echo "Connecting to host to execute deployment..."
-          ssh ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF'
-            set -e # También aquí, para fallar en la sesión remota
+          echo "Copying image files to production server..."
+          scp backend.tar frontend.tar ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }}:/opt/gestion-integral/
 
+          echo "Connecting to host to load images and deploy..."
+          ssh ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF'
+            set -e
             echo "--- CONECTADO AL SERVIDOR DE PRODUCCIÓN ---"
             cd /opt/gestion-integral
             
+            echo "Loading images into Docker..."
+            docker load < backend.tar
+            docker load < frontend.tar
+            
+            echo "Starting application stack..."
             export DB_SA_PASSWORD="${{ secrets.DB_SA_PASSWORD_SECRET }}"
             export JWT_KEY="${{ secrets.JWT_KEY_SECRET }}"
-            
-            # La clave: El host se conecta a sí mismo usando la dirección de loopback.
-            # Gracias al MTU en daemon.json, esta conexión ahora será estable.
-            echo "${{ secrets.ACTIONS_PAT }}" | docker login 127.0.0.1:5000 -u ${{ secrets.REGISTRY_USER }} --password-stdin
-            
-            docker compose pull
             docker compose up -d
+
+            echo "Cleaning up tar files and old images..."
+            rm backend.tar frontend.tar
             docker image prune -af
             
             echo "--- ¡¡DESPLIEGUE COMPLETADO Y VERIFICADO!! ---"