f275260b0d
- Dockerfile + entrypoint (alembic + uvicorn), compose с healthcheck - .gitea/workflows: ci (pytest), deploy (SSH + compose по тегу v*) - docs/CICD.md: секреты, pvestandt9, ручной откат через workflow_dispatch Made-with: Cursor
49 lines
1.6 KiB
YAML
49 lines
1.6 KiB
YAML
# Деплой на сервер по SSH после пуша тега v* или вручную (в т.ч. откат на старый тег).
|
|
name: Deploy
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
workflow_dispatch:
|
|
inputs:
|
|
ref:
|
|
description: "Git ref (тег для релиза или отката, напр. v1.5.0 или v1.4.1)"
|
|
required: true
|
|
default: "main"
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Определить ревизию
|
|
id: pick
|
|
run: |
|
|
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
|
|
echo "ref=${{ inputs.ref }}" >> "$GITHUB_OUTPUT"
|
|
else
|
|
echo "ref=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: SSH — fetch, checkout, docker compose
|
|
uses: appleboy/ssh-action@v1.2.0
|
|
with:
|
|
host: ${{ secrets.DEPLOY_HOST }}
|
|
username: ${{ secrets.DEPLOY_USER }}
|
|
key: ${{ secrets.DEPLOY_SSH_KEY }}
|
|
script_stop: true
|
|
command_timeout: 20m
|
|
script: |
|
|
set -euo pipefail
|
|
cd "${{ secrets.DEPLOY_PATH }}"
|
|
git fetch origin --tags --prune
|
|
git checkout "${{ steps.pick.outputs.ref }}"
|
|
if git show-ref --verify --quiet "refs/remotes/origin/${{ steps.pick.outputs.ref }}"; then
|
|
git reset --hard "origin/${{ steps.pick.outputs.ref }}"
|
|
else
|
|
git reset --hard "${{ steps.pick.outputs.ref }}"
|
|
fi
|
|
docker compose build
|
|
docker compose up -d
|
|
docker compose ps
|