From 9356f94047a179caddb5bb2b0829226fc9671245 Mon Sep 17 00:00:00 2001 From: dmolinari Date: Tue, 17 Jun 2025 11:11:57 -0300 Subject: [PATCH] Retry 1111 --- .gitea/workflows/deploy.yml | 67 +++++++++++++++++-------------------- 1 file changed, 31 insertions(+), 36 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index c246a22..2691d43 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -28,44 +28,39 @@ jobs: needs: build-and-push steps: - - name: Install Docker Tools + - name: Deploy to Production via SSH run: | - # Script completo para instalar docker y docker-compose - apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && install -m 0755 -d /etc/apt/keyrings && curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc && chmod a+r /etc/apt/keyrings/docker.asc && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && apt-get update && apt-get install -y docker-ce-cli docker-compose-plugin + echo "Connecting to production server to deploy..." - - name: Deploy Application Stack - run: | - echo "Deploying application stack using internal network..." + # 1. Instalar y preparar el cliente SSH + apt-get update && apt-get install -y openssh-client + mkdir -p ~/.ssh + echo "${{ secrets.PROD_SERVER_SSH_KEY }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan -H ${{ secrets.PROD_SERVER_HOST }} >> ~/.ssh/known_hosts - # Obtenemos la IP Virtual del SERVICIO de gitea. Este es el método robusto. - GITEA_IP=$(docker service inspect gitea-stack_gitea --format '{{range .Endpoint.VirtualIPs}}{{.Addr}}{{end}}' | cut -d'/' -f1) - if [ -z "$GITEA_IP" ]; then - echo "Error: Could not find Gitea service IP." - exit 1 - fi - echo "Gitea internal IP found: $GITEA_IP" + # 2. Conectarse al HOST y ejecutar los comandos de despliegue + ssh ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF' + set -e # <-- ¡¡IMPORTANTE!! El script se detendrá si un comando falla - # Lanzamos el despliegue desde un contenedor temporal que tiene acceso a todo lo necesario - docker run --rm \ - --network gitea-stack_gitea_net \ - --add-host=gitea:$GITEA_IP \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -v /opt/gestion-integral:/app \ - -w /app \ - --env DB_SA_PASSWORD='${{ secrets.DB_SA_PASSWORD_SECRET }}' \ - --env JWT_KEY='${{ secrets.JWT_KEY_SECRET }}' \ - --env REGISTRY_USER='${{ secrets.REGISTRY_USER }}' \ - --env ACTIONS_PAT='${{ secrets.ACTIONS_PAT }}' \ - docker/compose:latest \ - sh -c "\ - echo '--- Logging in to internal registry: gitea:5000 ---' && \ - docker login gitea:5000 -u \$REGISTRY_USER -p \$ACTIONS_PAT && \ - echo '--- Pulling new images using internal registry name ---' && \ - docker compose pull && \ - echo '--- Starting application stack ---' && \ - docker compose up -d" + echo "--- CONECTADO AL SERVIDOR DE PRODUCCIÓN ---" + + # Navegar a la carpeta correcta EN EL HOST + cd /opt/gestion-integral + + # Exportar los secretos para que docker-compose los use + export DB_SA_PASSWORD="${{ secrets.DB_SA_PASSWORD_SECRET }}" + export JWT_KEY="${{ secrets.JWT_KEY_SECRET }}" + + # Autenticarse en el registro local + echo "${{ secrets.ACTIONS_PAT }}" | docker login 127.0.0.1:5000 -u ${{ secrets.REGISTRY_USER }} --password-stdin + + # Descargar las nuevas imágenes y levantar el stack + docker compose pull + docker compose up -d - - name: Cleanup dangling images - run: | - echo "Cleaning up old images on host..." - docker image prune -af \ No newline at end of file + # Limpiar imágenes viejas + docker image prune -af + + echo "--- ¡¡DESPLIEGUE COMPLETADO Y VERIFICADO!! ---" + EOF \ No newline at end of file