josedario87
d32b3e8db3
- Migrar de useAuth() a useAuthentik() para autenticación SSR - Actualizar componentes UserMenu, AppSidebar y profile.vue - Configurar docker-compose.yml con variables dinámicas - Agregar Gitea Actions workflow para build y deploy automático - Implementar hook de monitoreo de Gitea Actions - Configurar secrets y variables para deploy seguro - Actualizar configuración de Traefik con Authentik Forward Auth
74 lines
2.9 KiB
YAML
74 lines
2.9 KiB
YAML
name: build-and-deploy
|
||
|
||
on:
|
||
push:
|
||
branches: [ main, master ]
|
||
|
||
jobs:
|
||
#───────────────── build & push ─────────────────
|
||
build:
|
||
runs-on: docker
|
||
env:
|
||
REG: ${{ vars.REGISTRY_URL }}
|
||
APP_NAME: ${{ vars.APP_NAME }}
|
||
steps:
|
||
- uses: actions/checkout@v3
|
||
- uses: docker/setup-buildx-action@v2
|
||
- uses: docker/login-action@v2
|
||
with:
|
||
registry: ${{ vars.REGISTRY_URL }}
|
||
username: ${{ secrets.REGISTRY_USERNAME }}
|
||
password: ${{ secrets.REGISTRY_PASSWORD }}
|
||
|
||
- name: Build+push ${{ vars.APP_NAME }}
|
||
run: |
|
||
cd nuxt4-app
|
||
docker build -t $REG/${{ github.repository_owner }}/$APP_NAME:${{ github.sha }} -t $REG/${{ github.repository_owner }}/$APP_NAME:latest .
|
||
docker push $REG/${{ github.repository_owner }}/$APP_NAME:${{ github.sha }}
|
||
docker push $REG/${{ github.repository_owner }}/$APP_NAME:latest
|
||
|
||
#───────────────── deploy ─────────────────
|
||
deploy:
|
||
needs: build
|
||
runs-on: docker
|
||
env:
|
||
REG: ${{ vars.REGISTRY_URL }}
|
||
REPO_OWNER: ${{ github.repository_owner }}
|
||
APP_NAME: ${{ vars.APP_NAME }}
|
||
APP_DOMAIN: ${{ vars.APP_DOMAIN }}
|
||
# Variables sensibles de entorno desde secrets
|
||
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
|
||
PGRST_DB_AUTHENTICATOR_PASSWORD: ${{ secrets.PGRST_DB_AUTHENTICATOR_PASSWORD }}
|
||
PGRST_JWT_SECRET: ${{ secrets.PGRST_JWT_SECRET }}
|
||
SUPABASE_URL: ${{ secrets.SUPABASE_URL }}
|
||
SUPABASE_SERVICE_ROLE_KEY: ${{ secrets.SUPABASE_SERVICE_ROLE_KEY }}
|
||
SUPABASE_ANON_KEY: ${{ secrets.SUPABASE_ANON_KEY }}
|
||
# Variables públicas desde vars
|
||
POSTGRES_USER: ${{ vars.POSTGRES_USER }}
|
||
POSTGRES_DB: ${{ vars.POSTGRES_DB }}
|
||
PGRST_DB_SCHEMA: ${{ vars.PGRST_DB_SCHEMA }}
|
||
PGRST_DB_ANON_ROLE: ${{ vars.PGRST_DB_ANON_ROLE }}
|
||
PGRST_OPENAPI_SERVER_PROXY_URI: ${{ vars.PGRST_OPENAPI_SERVER_PROXY_URI }}
|
||
NUXT_PUBLIC_POSTGREST_URL: ${{ vars.NUXT_PUBLIC_POSTGREST_URL }}
|
||
NUXT_PUBLIC_AUTHENTIK_URL: ${{ vars.NUXT_PUBLIC_AUTHENTIK_URL }}
|
||
steps:
|
||
- uses: actions/checkout@v3
|
||
- name: Login to registry
|
||
run: docker login ${{ vars.REGISTRY_URL }} -u ${{ secrets.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }}
|
||
|
||
- name: Info about environment
|
||
run: |
|
||
echo "ℹ️ Deploying ${{ vars.APP_NAME }}"
|
||
echo " Domain: ${{ vars.APP_DOMAIN }}"
|
||
echo " Image: ${{ vars.REGISTRY_URL }}/${{ github.repository_owner }}/${{ vars.APP_NAME }}:latest"
|
||
echo " Network: principal"
|
||
|
||
- name: Pull fresh images used in compose
|
||
run: docker compose pull
|
||
|
||
- name: Clean up stack
|
||
run: docker compose --project-name $APP_NAME down
|
||
|
||
- name: Update stack
|
||
run: docker compose --project-name $APP_NAME up -d --remove-orphans --wait
|