Modernizar workflow y docker-compose con variables

- Convertir imágenes hardcodeadas a variables (REG, REPO_OWNER) - Agregar variables APP_NAME y APP_DOMAIN al workflow - Agregar flag --wait al despliegue para esperar contenedores listos - Pasar variables de entorno (RADIUS_*) explícitamente en cada paso - Agregar paso informativo sobre el deployment - Simplificar comandos docker compose (sin -f innecesario) - Corregir indentación del docker-compose.yml - Eliminar paso redundante "Show service status" Estos cambios hacen que el workflow sea más robusto y consistente con el patrón usado en analiticaNucleo.
2025-10-28 10:25:07 -06:00
parent 732edadcb6
commit 67e2e4cb0f
2 changed files with 51 additions and 33 deletions
--- a/.gitea/workflows/build-and-deploy.yml
+++ b/.gitea/workflows/build-and-deploy.yml
@@ -5,10 +5,15 @@ on:
    branches: [ main ]

 jobs:
+#───────────────── build, push & deploy (unified) ─────────────────
  build-and-deploy:
    runs-on: docker
    env:
-      REG: ${{ vars.REGISTRY_URL }}/${{ github.repository_owner }}
+      REG: ${{ vars.REGISTRY_URL }}
+      REPO_OWNER: ${{ github.repository_owner }}
+      APP_NAME: radiusnucleo
+      APP_DOMAIN: wifi.nucleoriofrio.com
+      # Variables sensibles de entorno desde secrets
      RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
      RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
    steps:
@@ -22,15 +27,23 @@ jobs:

      - name: Build+push radiusnucleo (with SPA)
        run: |
-          docker build -t $REG/radiusnucleo:${{ github.sha }} -t $REG/radiusnucleo:latest -f node-api/Dockerfile .
-          docker push $REG/radiusnucleo:${{ github.sha }}
-          docker push $REG/radiusnucleo:latest
+          docker build -t $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo:latest -f node-api/Dockerfile .
+          docker push $REG/$REPO_OWNER/radiusnucleo:${{ github.sha }}
+          docker push $REG/$REPO_OWNER/radiusnucleo:latest

      - name: Build+push radiusnucleo-freeradius
        run: |
-          docker build -t $REG/radiusnucleo-freeradius:${{ github.sha }} -t $REG/radiusnucleo-freeradius:latest ./freeradius
-          docker push $REG/radiusnucleo-freeradius:${{ github.sha }}
-          docker push $REG/radiusnucleo-freeradius:latest
+          docker build -t $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }} -t $REG/$REPO_OWNER/radiusnucleo-freeradius:latest ./freeradius
+          docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:${{ github.sha }}
+          docker push $REG/$REPO_OWNER/radiusnucleo-freeradius:latest
+
+      - name: Info about environment
+        run: |
+          echo "ℹ️  Deploying $APP_NAME"
+          echo "   Domain: $APP_DOMAIN"
+          echo "   Image Node: $REG/$REPO_OWNER/radiusnucleo:latest"
+          echo "   Image FreeRADIUS: $REG/$REPO_OWNER/radiusnucleo-freeradius:latest"
+          echo "   Networks: principal, radiusnucleo_radius_net"

      - name: Ensure external docker networks exist
        run: |
@@ -38,13 +51,19 @@ jobs:
          docker network inspect radiusnucleo_radius_net >/dev/null 2>&1 || docker network create radiusnucleo_radius_net

      - name: Pull fresh images used in compose
-        run: docker compose -f docker-compose.yml pull
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose pull

      - name: Clean up stack
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo down
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose --project-name $APP_NAME down

      - name: Update stack
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo up -d --remove-orphans
-
-      - name: Show service status
-        run: docker compose -f docker-compose.yml --project-name radiusnucleo ps
+        env:
+          RADIUS_CLIENTS_CIDR: ${{ secrets.RADIUS_CLIENTS_CIDR }}
+          RADIUS_SHARED_SECRET: ${{ secrets.RADIUS_SHARED_SECRET }}
+        run: docker compose --project-name $APP_NAME up -d --remove-orphans --wait
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,14 +1,13 @@
+version: "3.9"

-  version: "3.9"
-
-  services:
-    radiusnucleo-node:
-      build:
-        context: .
-        dockerfile: node-api/Dockerfile
-      image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo:latest
-      container_name: radiusnucleo-node-1
-      environment:
+services:
+  radiusnucleo-node:
+    build:
+      context: .
+      dockerfile: node-api/Dockerfile
+    image: ${REG}/${REPO_OWNER}/radiusnucleo:latest
+    container_name: radiusnucleo-node-1
+    environment:
        - VLAN_ID=2
        - MAX_UP=10000000
        - MAX_DOWN=10000000
@@ -20,12 +19,12 @@
        - PGDATABASE=radius
        - PGUSER=radius
        - PGPASSWORD=radius
-      networks:
+    networks:
        principal:
        radiusnucleo_radius_net:
          aliases:
            - node
-      labels:
+    labels:
        # Habilitar Traefik
        - "traefik.enable=true"
        - "traefik.docker.network=principal"
@@ -59,7 +58,7 @@

    freeradius:
      build: ./freeradius
-      image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo-freeradius:latest
+      image: ${REG}/${REPO_OWNER}/radiusnucleo-freeradius:latest
      depends_on:
        - radiusnucleo-node
        - postgres
@@ -88,11 +87,11 @@
        - radiusnucleo_radius_net
        - principal

-  networks:
-    principal:
-      external: true
-    radiusnucleo_radius_net:
-      external: true
+networks:
+  principal:
+    external: true
+  radiusnucleo_radius_net:
+    external: true

-  volumes:
-    postgres_data:
+volumes:
+  postgres_data: