GestionIntegralWeb/.gitea/workflows/deploy.yml

name: Build and Deploy

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3
<<<<<<< HEAD

      - name: Build Backend Image and Extract
        run: |
          echo "Building backend image..."
          # 1. Ejecutamos Kaniko y le damos un nombre, SIN --rm
          docker run --name kaniko-backend \
            -v ${{ gitea.workspace }}:/workspace \
            gcr.io/kaniko-project/executor:v1.9.0 \
            --context=/workspace \
            --dockerfile=/workspace/Backend/GestionIntegral.Api/Dockerfile \
            --no-push \
            --destination=${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-backend:latest \
            --tarPath=/kaniko/backend.tar # Guardamos en una ruta interna de Kaniko

          echo "Extracting backend image..."
          # 2. Copiamos el archivo desde el contenedor de Kaniko al workspace del job
          docker cp kaniko-backend:/kaniko/backend.tar ${{ gitea.workspace }}/backend.tar
          
          echo "Cleaning up backend builder..."
          # 3. Eliminamos el contenedor de Kaniko
          docker rm kaniko-backend

      - name: Build Frontend Image and Extract
        run: |
          echo "Building frontend image..."
          docker run --name kaniko-frontend \
            -v ${{ gitea.workspace }}:/workspace \
            gcr.io/kaniko-project/executor:v1.9.0 \
            --context=/workspace \
            --dockerfile=/workspace/Frontend/Dockerfile \
            --no-push \
            --destination=${{ gitea.actor }}/${{ toLower(gitea.repository_name) }}-frontend:latest \
            --tarPath=/kaniko/frontend.tar

          echo "Extracting frontend image..."
          docker cp kaniko-frontend:/kaniko/frontend.tar ${{ gitea.workspace }}/frontend.tar
          
          echo "Cleaning up frontend builder..."
          docker rm kaniko-frontend
      
      - name: Verify Artifacts
        run: |
          echo "--- Verifying contents of workspace ---"
          ls -l ${{ gitea.workspace }}

      - name: Deploy to Production via SCP and SSH
        run: |
=======

      # Ya no necesitamos crear config.json. La acción de login lo maneja.
      - name: Login to Gitea Registry
        uses: docker/login-action@v2
        with:
          registry: 127.0.0.1:5000
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.ACTIONS_PAT }}

      - name: Build and Push Backend
        uses: docker/build-push-action@v4
        with:
          context: .
          file: Backend/GestionIntegral.Api/Dockerfile
          push: true
          # La imagen se etiqueta para el registro local
          tags: 127.0.0.1:5000/dmolinari/gestionintegralweb-backend:latest,127.0.0.1:5000/dmolinari/gestionintegralweb-backend:${{ gitea.sha_short }}

      - name: Build and Push Frontend
        uses: docker/build-push-action@v4
        with:
          context: .
          file: Frontend/Dockerfile
          push: true
          tags: 127.0.0.1:5000/dmolinari/gestionintegralweb-frontend:latest,127.0.0.1:5000/dmolinari/gestionintegralweb-frontend:${{ gitea.sha_short }}

      # El despliegue ahora es un paso final en el mismo job
      - name: Deploy to Production via SSH
        run: |
>>>>>>> 2d44116 (Retry 1243)
          set -e
          echo "Preparing SSH client..."
          apt-get update && apt-get install -y openssh-client
          mkdir -p ~/.ssh
          echo "${{ secrets.PROD_SERVER_SSH_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -H ${{ secrets.PROD_SERVER_HOST }} >> ~/.ssh/known_hosts
          
<<<<<<< HEAD
          echo "Copying image files to production server..."
          scp ${{ gitea.workspace }}/backend.tar ${{ gitea.workspace }}/frontend.tar ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }}:/opt/gestion-integral/

          echo "Connecting to host to load images and deploy..."
=======
          echo "Connecting to host to deploy..."
>>>>>>> 2d44116 (Retry 1243)
          ssh ${{ secrets.PROD_SERVER_USER }}@${{ secrets.PROD_SERVER_HOST }} << 'EOF'
            set -e
            echo "--- CONECTADO AL SERVIDOR DE PRODUCCIÓN ---"
            cd /opt/gestion-integral
            
            echo "Loading images into Docker..."
            docker load < backend.tar
            docker load < frontend.tar
            
            echo "Starting application stack..."
            export DB_SA_PASSWORD="${{ secrets.DB_SA_PASSWORD_SECRET }}"
            export JWT_KEY="${{ secrets.JWT_KEY_SECRET }}"
<<<<<<< HEAD
=======
            
            # El login ya no es necesario aquí, el demonio ya tiene la sesión
            # del paso anterior del pipeline. Pero lo dejamos por robustez.
            echo "${{ secrets.ACTIONS_PAT }}" | docker login 127.0.0.1:5000 -u ${{ secrets.REGISTRY_USER }} --password-stdin

            docker compose pull
>>>>>>> 2d44116 (Retry 1243)
            docker compose up -d

            echo "Cleaning up tar files and old images..."
            rm backend.tar frontend.tar
            docker image prune -af
            
            echo "--- ¡¡DESPLIEGUE COMPLETADO Y VERIFICADO!! ---"
          EOF