feat: update deployment workflow to use SSH for production server

2026-03-26 15:28:19 +01:00
parent ccf1436ffc
commit 1f2f4bc512
1 changed files with 33 additions and 74 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -20,17 +20,11 @@ jobs:
      # Le tag d'image dépend de la branche :
      #   main → webzine:latest
      #   dev  → webzine:dev
      - name: Set image tag
        id: vars
        run: |
-          if [ "${{ gitea.ref_name }}" = "main" ]; then
+          echo "IMAGE_TAG=latest" >> $GITHUB_OUTPUT
-            echo "IMAGE_TAG=latest" >> $GITHUB_OUTPUT
+          echo "ENV_LABEL=production" >> $GITHUB_OUTPUT
            echo "ENV_LABEL=production" >> $GITHUB_OUTPUT
          else
            echo "IMAGE_TAG=dev" >> $GITHUB_OUTPUT
            echo "ENV_LABEL=development" >> $GITHUB_OUTPUT
          fi
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -64,77 +58,42 @@ jobs:
  deploy-production:
    name: Deploy to Production
    needs: build
-    if: gitea.ref_name == 'main'
+    runs-on: ubuntu-latest
    runs-on: self-hosted
    steps:
-      - name: Deploy on PRODUCTION server
+      - name: Deploy via SSH to PRODUCTION server
-        run: |
+        uses: appleboy/ssh-action@v1.0.3
-          set -e
+        with:
          host: ${{ secrets.PROD_SSH_HOST }}
          username: ${{ secrets.PROD_SSH_USER }}
          key: ${{ secrets.PROD_SSH_KEY }}
          port: ${{ secrets.PROD_SSH_PORT || 22 }}
          script: |
            set -e
-          echo "=== [PROD] Récupération de l'image ==="
+            echo "=== [PROD] Récupération de l'image ==="
-          docker login ${{ vars.REGISTRY_URL }} \
+            docker login ${{ vars.REGISTRY_URL }} \
-            -u ${{ secrets.REGISTRY_USERNAME }} \
+              -u ${{ secrets.REGISTRY_USERNAME }} \
-            -p ${{ secrets.REGISTRY_PASSWORD }}
+              -p ${{ secrets.REGISTRY_PASSWORD }}
-          docker pull ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
+            docker pull ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
-          echo "=== [PROD] Arrêt de l'ancien conteneur ==="
+            echo "=== [PROD] Arrêt de l'ancien conteneur ==="
-          docker stop webzine-prod 2>/dev/null || true
+            docker stop webzine-prod 2>/dev/null || true
-          docker rm   webzine-prod 2>/dev/null || true
+            docker rm   webzine-prod 2>/dev/null || true
-          echo "=== [PROD] Démarrage du nouveau conteneur ==="
+            echo "=== [PROD] Démarrage du nouveau conteneur ==="
-          docker run -d \
+            docker run -d \
-            --name webzine-prod \
+              --name webzine-prod \
-            --restart unless-stopped \
+              --restart unless-stopped \
-            -p 80:8080 \
+              -p 80:8080 \
-            -p 443:8081 \
+              -p 443:8081 \
-            -v /opt/webzine/prod/data:/app/Data \
+              -v /opt/webzine/prod/data:/app/Data \
-            -v /opt/webzine/prod/logs:/Logs \
+              -v /opt/webzine/prod/logs:/Logs \
-            -e ASPNETCORE_ENVIRONMENT=Production \
+              -e ASPNETCORE_ENVIRONMENT=Production \
-            ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
+              ${{ vars.REGISTRY_URL }}/webzine/webzine:latest
-          echo "=== [PROD] Nettoyage des anciennes images ==="
+            echo "=== [PROD] Nettoyage des anciennes images ==="
-          docker image prune -f
+            docker image prune -f
-          echo "=== [PROD] Déploiement terminé ==="
+            echo "=== [PROD] Déploiement terminé ==="
  # ─────────────────────────────────────────────
  # DÉPLOIEMENT — Serveur de DÉVELOPPEMENT (branche dev)
  # ─────────────────────────────────────────────
  deploy-development:
    name: Deploy to Development
    needs: build
    if: gitea.ref_name == 'dev'
    runs-on: self-hosted
    steps:
      - name: Deploy on DEVELOPMENT server
        run: |
          set -e
          echo "=== [DEV] Récupération de l'image ==="
          docker login ${{ vars.REGISTRY_URL }} \
            -u ${{ secrets.REGISTRY_USERNAME }} \
            -p ${{ secrets.REGISTRY_PASSWORD }}
          docker pull ${{ vars.REGISTRY_URL }}/webzine/webzine:dev
          echo "=== [DEV] Arrêt de l'ancien conteneur ==="
          docker stop webzine-dev 2>/dev/null || true
          docker rm   webzine-dev 2>/dev/null || true
          echo "=== [DEV] Démarrage du nouveau conteneur ==="
          docker run -d \
            --name webzine-dev \
            --restart unless-stopped \
            -p 8080:8080 \
            -v /opt/webzine/dev/data:/app/Data \
            -v /opt/webzine/dev/logs:/Logs \
            -e ASPNETCORE_ENVIRONMENT=Development \
            ${{ vars.REGISTRY_URL }}/webzine/webzine:dev
          echo "=== [DEV] Nettoyage des anciennes images ==="
          docker image prune -f
          echo "=== [DEV] Déploiement terminé ==="