From 8cab51d59032bae394191459b51b0b7c28253712 Mon Sep 17 00:00:00 2001 From: striker Date: Thu, 21 May 2026 02:53:52 +0300 Subject: [PATCH] =?UTF-8?q?ci:=20workflow=20=D0=BF=D0=BE=20=D1=81=D1=82?= =?UTF-8?q?=D0=B0=D0=BD=D0=B4=D0=B0=D1=80=D1=82=D0=BD=D0=BE=D0=BC=D1=83=20?= =?UTF-8?q?=D1=88=D0=B0=D0=B1=D0=BB=D0=BE=D0=BD=D1=83=20Gitea=20Actions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Workflow приведён к шаблону из memory/reference_gitea_actions.md: - runs-on: ubuntu-latest (act_runner на str-u-01 даёт node:20-bookworm) - apt-get install openssh-client (нет в node:20 by default) - secrets: SSH_DEPLOY_KEY (raw private key, не base64) + SSH_KNOWN_HOSTS - ssh ... bash -s <<'REMOTE' с git clone/pull, docker compose build+up, health-check curl, docker image prune retention 7d --- .gitea/workflows/deploy.yml | 58 +++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 25 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 28b1207..ba1c3f0 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -1,4 +1,4 @@ -name: Deploy to web.hhivp.com +name: deploy on: push: @@ -9,34 +9,42 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - name: Set up SSH key + - name: Install SSH client run: | - mkdir -p ~/.ssh - echo "${{ secrets.SSH_PRIVATE_KEY }}" | base64 -d > ~/.ssh/deploy_key - chmod 600 ~/.ssh/deploy_key - cat >> ~/.ssh/config < ~/.ssh/id_deploy + chmod 600 ~/.ssh/id_deploy + printf '%s\n' "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts + chmod 644 ~/.ssh/known_hosts + + - name: Deploy to web.hhivp.com + run: | + ssh -i ~/.ssh/id_deploy striker@web.hhivp.com bash -s <<'REMOTE' set -euo pipefail - cd /opt/docker/sites/anotherreflections-ru-v2 - git fetch --prune origin - git reset --hard origin/main - docker compose build --pull + REPO_URL="ssh://git@git.striker.su:2222/striker/anotherreflections-website-v2.git" + DEPLOY_PATH="/opt/docker/sites/anotherreflections-ru-v2" + HEALTH_URL="http://127.0.0.1:4084/" + + if [ ! -d "$DEPLOY_PATH/.git" ]; then + mkdir -p "$DEPLOY_PATH" + git clone --branch main "$REPO_URL" "$DEPLOY_PATH" + else + cd "$DEPLOY_PATH" + git remote set-url origin "$REPO_URL" + git fetch origin main + git reset --hard origin/main + fi + + cd "$DEPLOY_PATH" + docker compose build docker compose up -d - # Чистка старых образов (CI/CD retention >7d по правилу проекта) + sleep 5 + docker compose ps + curl -fsS -o /dev/null -w "HEALTH HTTP %{http_code}\n" "$HEALTH_URL" docker image prune -af --filter "until=168h" >/dev/null 2>&1 || true REMOTE - - - name: Verify - run: | - ssh web 'curl -sf -H "Host: anotherreflections.ru" http://127.0.0.1:4084/ -o /dev/null -w "HTTP %{http_code} | %{size_download} bytes\n"'