webzine/.gitea/workflows/deploy.yml

name: Deploy Webzine

on:
  push:
    branches:
      - main
      - dev

jobs:
  # ─────────────────────────────────────────────
  # COMPILATION — commun aux deux branches
  # ─────────────────────────────────────────────
  build:
    name: Build & Push Docker Image
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # Le tag d'image dépend de la branche :
      #   main → webzine:latest
      - name: Set image tag
        id: vars
        run: |
          echo "IMAGE_TAG=latest" >> $GITHUB_OUTPUT
          echo "ENV_LABEL=production" >> $GITHUB_OUTPUT

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Connexion au registry Gitea intégré
      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.REGISTRY_URL }}
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}

      # Construction et publication de l'image Docker
      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Webzine.WebApplication/Dockerfile
          push: true
          tags: ${{ vars.REGISTRY_URL }}/webzine/webzine:${{ steps.vars.outputs.IMAGE_TAG }}
          cache-from: type=registry,ref=${{ vars.REGISTRY_URL }}/webzine/webzine:buildcache-${{ steps.vars.outputs.IMAGE_TAG }}
          cache-to: type=registry,ref=${{ vars.REGISTRY_URL }}/webzine/webzine:buildcache-${{ steps.vars.outputs.IMAGE_TAG }},mode=max

    outputs:
      image_tag: ${{ steps.vars.outputs.IMAGE_TAG }}
      env_label: ${{ steps.vars.outputs.ENV_LABEL }}

  # ─────────────────────────────────────────────
  # DÉPLOIEMENT — Serveur de PRODUCTION (branche main)
  # ─────────────────────────────────────────────
  deploy-production:
    name: Deploy to Production
    needs: build
    runs-on: ubuntu-latest

    steps:
      - name: Deploy via SSH to PRODUCTION server
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.PROD_HOST }}
          username: ${{ secrets.PROD_USER }}
          key: ${{ secrets.PROD_SSH_KEY }}
          port: ${{ secrets.PROD_SSH_PORT || 22 }}
          script: |
            set -e

            echo "=== [PROD] Récupération de l'image ==="
            docker login ${{ vars.REGISTRY_URL }} \
              -u ${{ secrets.REGISTRY_USERNAME }} \
              -p ${{ secrets.REGISTRY_PASSWORD }}

            docker pull ${{ vars.REGISTRY_URL }}/webzine/webzine:latest

            echo "=== [PROD] Arrêt de l'ancien conteneur ==="
            docker stop webzine-prod 2>/dev/null || true
            docker rm   webzine-prod 2>/dev/null || true

            echo "=== [PROD] Démarrage du nouveau conteneur ==="
            docker run -d \
              --name webzine-prod \
              --restart unless-stopped \
              -p 80:8080 \
              -p 443:8081 \
              -v /opt/webzine/prod/data:/app/Data \
              -v /opt/webzine/prod/logs:/Logs \
              -e ASPNETCORE_ENVIRONMENT=Production \
              ${{ vars.REGISTRY_URL }}/webzine/webzine:latest

            echo "=== [PROD] Nettoyage des anciennes images ==="
            docker image prune -f

            echo "=== [PROD] Déploiement terminé ==="