soroush.asadi
dd5afde5df
Without this flag, the deploy fails with "container name already in use" when a container with the same name exists from a previous run. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
121 lines
4.3 KiB
YAML
121 lines
4.3 KiB
YAML
name: CI/CD
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
concurrency:
|
|
group: drsousan-cicd-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
# HOW THIS WORKS
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
# Runner labels:
|
|
# ubuntu-latest → container runner ← CI dotnet build runs here
|
|
# self-hosted → host runner ← docker build/push/deploy runs here
|
|
#
|
|
# Local Nexus:
|
|
# Docker registry → mirror.soroushasadi.com (group: pull | host: push)
|
|
# NuGet → 171.22.25.73:8081/repository/nuget-group/
|
|
#
|
|
# Required Gitea secrets:
|
|
# ENV_FILE → contents of .env
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
|
|
jobs:
|
|
|
|
# ── CI: compile-check (runs on every push / PR) ──────────────────────────────
|
|
ci:
|
|
name: "CI · dotnet build"
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: mirror.soroushasadi.com/dotnet/sdk:10.0
|
|
options: --add-host=gitea:host-gateway
|
|
steps:
|
|
- name: Checkout
|
|
env:
|
|
TOKEN: ${{ github.token }}
|
|
REF: ${{ github.ref }}
|
|
run: |
|
|
git init
|
|
git remote add origin "${{ github.server_url }}/${{ github.repository }}.git"
|
|
git config http.extraheader "Authorization: Bearer ${TOKEN}"
|
|
git fetch --depth=1 origin "${REF}"
|
|
git checkout FETCH_HEAD
|
|
|
|
- name: Restore
|
|
working-directory: DrSousan.Api
|
|
env:
|
|
DOTNET_CLI_TELEMETRY_OPTOUT: 1
|
|
run: dotnet restore DrSousan.Api.csproj
|
|
|
|
- name: Build
|
|
working-directory: DrSousan.Api
|
|
run: dotnet build DrSousan.Api.csproj --no-restore -c Release
|
|
|
|
# ── CD: build image → deploy locally (push to main only) ───────────────────
|
|
deploy:
|
|
name: "Deploy · drsousan"
|
|
runs-on: self-hosted
|
|
env:
|
|
PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
|
|
REGISTRY: mirror.soroushasadi.com
|
|
IMAGE: mirror.soroushasadi.com/drsousan/api
|
|
needs: [ci]
|
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
timeout-minutes: 20
|
|
|
|
steps:
|
|
- name: Checkout
|
|
env:
|
|
TOKEN: ${{ github.token }}
|
|
REF: ${{ github.ref }}
|
|
run: |
|
|
git init
|
|
git remote add origin "${{ github.server_url }}/${{ github.repository }}.git"
|
|
git config http.extraheader "Authorization: Bearer ${TOKEN}"
|
|
git fetch --depth=1 origin "${REF}"
|
|
git checkout FETCH_HEAD
|
|
|
|
- name: Write .env
|
|
run: printf '%s' "$ENV_FILE" > .env
|
|
env:
|
|
ENV_FILE: ${{ secrets.ENV_FILE }}
|
|
|
|
- name: Build image
|
|
run: docker compose build api
|
|
env:
|
|
DOCKER_BUILDKIT: 1
|
|
|
|
- name: Deploy
|
|
run: docker compose up -d --no-deps --force-recreate api
|
|
|
|
- name: Wait for healthy
|
|
run: |
|
|
for i in $(seq 1 24); do
|
|
STATUS=$(docker inspect --format='{{.State.Health.Status}}' drsousan_api 2>/dev/null || echo "missing")
|
|
echo " [$i/24] $STATUS"
|
|
[ "$STATUS" = "healthy" ] && echo "✅ drsousan_api healthy" && exit 0
|
|
sleep 5
|
|
done
|
|
echo "❌ timed out"
|
|
docker compose logs --tail=60 api
|
|
exit 1
|
|
|
|
- name: Show containers
|
|
if: always()
|
|
run: docker compose ps
|
|
|
|
- name: Prune old drsousan images
|
|
if: success()
|
|
# Only remove untagged (dangling) drsousan images — never touches other projects
|
|
run: |
|
|
docker images --format '{{.Repository}}:{{.Tag}} {{.ID}}' \
|
|
| grep '^mirror\.soroushasadi\.com/drsousan/' \
|
|
| grep '<none>' \
|
|
| awk '{print $2}' \
|
|
| xargs -r docker rmi || true
|