nucleo000/radiusNucleo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modernizar workflow y docker-compose con variables
Some checks failed
build-and-deploy / build-and-deploy (push) Failing after 9s
Details

Browse Source 
- Convertir imágenes hardcodeadas a variables (REG, REPO_OWNER)
- Agregar variables APP_NAME y APP_DOMAIN al workflow
- Agregar flag --wait al despliegue para esperar contenedores listos
- Pasar variables de entorno (RADIUS_*) explícitamente en cada paso
- Agregar paso informativo sobre el deployment
- Simplificar comandos docker compose (sin -f innecesario)
- Corregir indentación del docker-compose.yml
- Eliminar paso redundante "Show service status"

Estos cambios hacen que el workflow sea más robusto y consistente
con el patrón usado en analiticaNucleo.
This commit is contained in:
josedario87
2025-10-28 10:25:07 -06:00
parent 732edadcb6
commit 67e2e4cb0f
2 changed files with 51 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
.gitea/workflows/build-and-deploy.yml
View File

@@ -5,10 +5,15 @@ on:
branches: [ main ] branches: [ main ]
jobs: jobs:
#───────────────── build, push & deploy (unified) ─────────────────
build-and-deploy: build-and-deploy:
runs-on: docker runs-on: docker
env: env:
REG: ${{ vars.REGISTRY_URL }}/${{ github.repository_owner }} REG: ${{ vars.REGISTRY_URL }}
REPO_OWNER: ${{ github.repository_owner }}
APP_NAME: radiusnucleo
APP_DOMAIN: wifi.nucleoriofrio.com
# Variables sensibles de entorno desde secrets
RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }} RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }} RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
steps: steps:
@@ -22,15 +27,23 @@ jobs:
- name: Build+push radiusnucleo (with SPA) - name: Build+push radiusnucleo (with SPA)
run: | run: |
docker build -t $REG/radiusnucleo:${{ github.sha }} -t $REG/radiusnucleo:latest -f node-api/Dockerfile . docker build -t $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo:latest -f node-api/Dockerfile .
docker push $REG/radiusnucleo:${{ github.sha }} docker push $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }}
docker push $REG/radiusnucleo:latest docker push $REG/$REPO_OWNER/radiusnucleo:latest
- name: Build+push radiusnucleo-freeradius - name: Build+push radiusnucleo-freeradius
run: | run: |
docker build -t $REG/radiusnucleo-freeradius:${{ github.sha }} -t $REG/radiusnucleo-freeradius:latest ./freeradius docker build -t $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo-freeradius:latest ./freeradius
docker push $REG/radiusnucleo-freeradius:${{ github.sha }} docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }}
docker push $REG/radiusnucleo-freeradius:latest docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:latest
- name: Info about environment
run: |
echo " Deploying $APP_NAME"
echo " Domain: $APP_DOMAIN"
echo " Image Node: $REG/$REPO_OWNER/radiusnucleo:latest"
echo " Image FreeRADIUS: $REG/$REPO_OWNER/radiusnucleo-freeradius:latest"
echo " Networks: principal, radiusnucleo_radius_net"
- name: Ensure external docker networks exist - name: Ensure external docker networks exist
run: | run: |
@@ -38,13 +51,19 @@ jobs:
docker network inspect radiusnucleo_radius_net >/dev/null 2>&1 || docker network create radiusnucleo_radius_net docker network inspect radiusnucleo_radius_net >/dev/null 2>&1 || docker network create radiusnucleo_radius_net
- name: Pull fresh images used in compose - name: Pull fresh images used in compose
run: docker compose -f docker-compose.yml pull env:
RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
run: docker compose pull
- name: Clean up stack - name: Clean up stack
run: docker compose -f docker-compose.yml --project-name radiusnucleo down env:
RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
run: docker compose --project-name $APP_NAME down
- name: Update stack - name: Update stack
run: docker compose -f docker-compose.yml --project-name radiusnucleo up -d --remove-orphans env:
RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
- name: Show service status RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
run: docker compose -f docker-compose.yml --project-name radiusnucleo ps run: docker compose --project-name $APP_NAME up -d --remove-orphans --wait

39
docker-compose.yml
View File

@@ -1,14 +1,13 @@
version: "3.9"
version: "3.9" services:
radiusnucleo-node:
services: build:
radiusnucleo-node: context: .
build: dockerfile: node-api/Dockerfile
context: . image: ${REG}/${REPO_OWNER}/radiusnucleo:latest
dockerfile: node-api/Dockerfile container_name: radiusnucleo-node-1
image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo:latest environment:
container_name: radiusnucleo-node-1
environment:
- VLAN_ID=2 - VLAN_ID=2
- MAX_UP=10000000 - MAX_UP=10000000
- MAX_DOWN=10000000 - MAX_DOWN=10000000
@@ -20,12 +19,12 @@
- PGDATABASE=radius - PGDATABASE=radius
- PGUSER=radius - PGUSER=radius
- PGPASSWORD=radius - PGPASSWORD=radius
networks: networks:
principal: principal:
radiusnucleo_radius_net: radiusnucleo_radius_net:
aliases: aliases:
- node - node
labels: labels:
# Habilitar Traefik # Habilitar Traefik
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=principal" - "traefik.docker.network=principal"
@@ -59,7 +58,7 @@
freeradius: freeradius:
build: ./freeradius build: ./freeradius
image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo-freeradius:latest image: ${REG}/${REPO_OWNER}/radiusnucleo-freeradius:latest
depends_on: depends_on:
- radiusnucleo-node - radiusnucleo-node
- postgres - postgres
@@ -88,11 +87,11 @@
- radiusnucleo_radius_net - radiusnucleo_radius_net
- principal - principal
networks: networks:
principal: principal:
external: true external: true
radiusnucleo_radius_net: radiusnucleo_radius_net:
external: true external: true
volumes: volumes:
postgres_data: postgres_data: