hotfix: remove obsolete git permissions step from backend deploy work… #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Backend Deploy Pipeline | |
| on: | |
| push: | |
| branches: [ 'main' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| runs-on: [ self-hosted, linux, x64, backend ] | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Ensure buildx cache | |
| run: mkdir -p /tmp/.buildx-cache | |
| - name: Cache Docker layers | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| push: true | |
| tags: leonardomeireles55/quality-lab-pro-back-end:latest | |
| cache-from: type=registry,ref=leonardomeireles55/quality-lab-pro-back-end:latest | |
| cache-to: type=inline,mode=min | |
| deploy: | |
| runs-on: [ self-hosted, linux, x64, backend ] | |
| needs: build | |
| environment: Production | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Deploy | |
| env: | |
| DB_DATABASE: ${{ secrets.DB_DATABASE }} | |
| DB_DATABASE_TEST: ${{ secrets.DB_DATABASE_TEST }} | |
| DB_ROOT_PASSWORD: ${{ secrets.DB_ROOT_PASSWORD }} | |
| DB_LOCAL_PORT: ${{ secrets.DB_LOCAL_PORT }} | |
| DB_USER: ${{ secrets.DB_USER }} | |
| DB_DOCKER_PORT: ${{ secrets.DB_DOCKER_PORT }} | |
| SERVER_LOCAL_PORT: ${{ secrets.SERVER_LOCAL_PORT }} | |
| SERVER_DOCKER_PORT: ${{ secrets.SERVER_DOCKER_PORT }} | |
| SPRING_PROFILES_ACTIVE: ${{ secrets.SPRING_PROFILES_ACTIVE }} | |
| SPRING_DATASOURCE_URL: ${{ secrets.SPRING_DATASOURCE_URL }} | |
| API_SECURITY_ISSUER: ${{ secrets.API_SECURITY_ISSUER }} | |
| API_SECURITY_TOKEN_SECRET: ${{ secrets.API_SECURITY_TOKEN_SECRET }} | |
| SPRING_MAIL_USERNAME: ${{ secrets.SPRING_MAIL_USERNAME }} | |
| SPRING_MAIL_PASSWORD: ${{ secrets.SPRING_MAIL_PASSWORD }} | |
| EMAIL_TO_SEND_LIST: ${{ secrets.EMAIL_TO_SEND_LIST }} | |
| run: | | |
| for i in 1 2 3; do | |
| if docker compose pull && docker compose up -d; then | |
| exit 0 | |
| fi | |
| echo "Retry $i/3..." | |
| sleep 10 | |
| done | |
| exit 1 | |
| health-check: | |
| runs-on: [ self-hosted, linux, x64, backend ] | |
| needs: deploy | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Health check with timeout and retry | |
| run: | | |
| max_attempts=12 | |
| attempt=1 | |
| while [ $attempt -le $max_attempts ]; do | |
| if curl -sSf https://lab-spec.systems/backend/actuator/health; then | |
| echo "Service is healthy!" | |
| exit 0 | |
| fi | |
| echo "Attempt $attempt/$max_attempts - Service not healthy yet..." | |
| sleep 15 | |
| attempt=$((attempt + 1)) | |
| done | |
| echo "Health check failed after $max_attempts attempts" | |
| exit 1 | |
| notify: | |
| runs-on: [ self-hosted, linux, x64, backend ] | |
| needs: [deploy, health-check, health-check] | |
| if: always() | |
| steps: | |
| - name: Notify deployment status | |
| run: | | |
| if [ "${{ job.status }}" = "success" ]; then | |
| echo "✅ Deployment completed successfully" | |
| else | |
| echo "❌ Deployment failed" | |
| fi |