andresgarcia0313
/
academia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: remove checkout action, use passwordless sudo, simplify workflow
CI/CD Pipeline / deploy (push) Failing after 21s Details
CI/CD Pipeline / smoke-tests (push) Has been skipped Details
CI/CD Pipeline / rollback (push) Has been skipped Details 

- No checkout needed (code pulled via git on K3s server)
- Use passwordless sudo on K3s server
- Simplified smoke tests to single step
- Reduced workflow complexity

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Andrés Eduardo García Márquez 2026-01-09 07:51:24 -05:00
parent cfac85275b
commit 2b9679ee55
1 changed files with 33 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
.gitea/workflows/deploy.yaml
View File

@ -12,13 +12,10 @@ env:
DOMAIN: "academia.ingeniumcodex.com" DOMAIN: "academia.ingeniumcodex.com"
jobs: jobs:
# Job único: Build, Test y Deploy en K3s (más eficiente en recursos) # Job: Build, Test y Deploy via SSH (no necesita checkout local)
build-test-deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup SSH - name: Setup SSH
run: | run: |
mkdir -p ~/.ssh mkdir -p ~/.ssh
@ -26,86 +23,67 @@ jobs:
chmod 600 ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa
ssh-keyscan -H ${{ env.K3S_HOST }} >> ~/.ssh/known_hosts 2>/dev/null ssh-keyscan -H ${{ env.K3S_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
- name: Build, Test & Deploy - name: Build, Test & Deploy on K3s
run: | run: |
ssh ${{ env.K3S_USER }}@${{ env.K3S_HOST }} << 'ENDSSH' ssh ${{ env.K3S_USER }}@${{ env.K3S_HOST }} 'bash -s' << 'ENDSSH'
set -e set -e
cd ~/academia cd ~/academia
# Pull latest changes
echo "=== Pulling latest code ===" echo "=== Pulling latest code ==="
git fetch origin main git fetch origin main
git reset --hard origin/main git reset --hard origin/main
# Run tests (en el servidor que tiene más recursos)
echo "=== Running tests ===" echo "=== Running tests ==="
dotnet test tests/Domain.Tests --verbosity minimal || exit 1 dotnet test tests/Domain.Tests --verbosity minimal
dotnet test tests/Application.Tests --verbosity minimal || exit 1 dotnet test tests/Application.Tests --verbosity minimal
# Build Docker images echo "=== Building Docker images ==="
echo "=== Building images ===" sudo docker build -f deploy/docker/Dockerfile.api -t student-api:latest . &
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S docker build \
-f deploy/docker/Dockerfile.api -t student-api:latest . &
PID_API=$! PID_API=$!
sudo docker build -f deploy/docker/Dockerfile.frontend -t student-frontend:latest . &
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S docker build \
-f deploy/docker/Dockerfile.frontend -t student-frontend:latest . &
PID_FE=$! PID_FE=$!
wait $PID_API
wait $PID_FE
wait $PID_API || exit 1
wait $PID_FE || exit 1
# Import to k3s
echo "=== Importing to K3s ===" echo "=== Importing to K3s ==="
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S sh -c \ sudo sh -c 'docker save student-api:latest | k3s ctr images import -'
'docker save student-api:latest | k3s ctr images import -' sudo sh -c 'docker save student-frontend:latest | k3s ctr images import -'
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S sh -c \
'docker save student-frontend:latest | k3s ctr images import -'
# Deploy
echo "=== Deploying ===" echo "=== Deploying ==="
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S kubectl apply -k deploy/k3s/ sudo kubectl apply -k deploy/k3s/
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S kubectl rollout restart \ sudo kubectl rollout restart deployment/student-api deployment/student-frontend -n academia
deployment/student-api deployment/student-frontend -n academia
# Wait for rollout
echo "=== Waiting for rollout ===" echo "=== Waiting for rollout ==="
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S kubectl rollout status \ sudo kubectl rollout status deployment/student-api -n academia --timeout=180s
deployment/student-api -n academia --timeout=180s sudo kubectl rollout status deployment/student-frontend -n academia --timeout=60s
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S kubectl rollout status \
deployment/student-frontend -n academia --timeout=60s echo "=== Deploy complete ==="
ENDSSH ENDSSH
# Smoke Tests en Producción # Smoke Tests
smoke-tests: smoke-tests:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build-test-deploy needs: deploy
steps: steps:
- name: Wait for services - name: Wait for services
run: sleep 15 run: sleep 15
- name: Health Check API - name: Verify Production
run: | run: |
response=$(curl -sf https://${{ env.DOMAIN }}/health) echo "Checking health..."
echo "Health: $response" curl -sf https://${{ env.DOMAIN }}/health | grep -q '"status":"Healthy"'
echo "$response" | grep -q '"status":"Healthy"' || exit 1
- name: Frontend Check echo "Checking frontend..."
run: curl -sf https://${{ env.DOMAIN }}/ | grep -q 'Sistema de Estudiantes' || exit 1 curl -sf https://${{ env.DOMAIN }}/ | grep -q 'Sistema de Estudiantes'
- name: GraphQL Check echo "Checking GraphQL..."
run: | curl -sf -X POST https://${{ env.DOMAIN }}/graphql \
response=$(curl -sf -X POST https://${{ env.DOMAIN }}/graphql \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-d '{"query":"{ subjects { id name } }"}') -d '{"query":"{ subjects { id } }"}' | grep -q '"subjects"'
echo "GraphQL: $response"
echo "$response" | grep -q '"subjects"' || exit 1
- name: Database Check echo "All checks passed!"
run: |
curl -sf https://${{ env.DOMAIN }}/health | grep -q '"name":"database","status":"Healthy"' || exit 1
# Rollback si smoke tests fallan # Rollback on failure
rollback: rollback:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: smoke-tests needs: smoke-tests
@ -120,7 +98,5 @@ jobs:
- name: Rollback - name: Rollback
run: | run: |
ssh ${{ env.K3S_USER }}@${{ env.K3S_HOST }} << 'ENDSSH' ssh ${{ env.K3S_USER }}@${{ env.K3S_HOST }} \
echo '${{ secrets.K3S_SUDO_PASS }}' | sudo -S kubectl rollout undo \ 'sudo kubectl rollout undo deployment/student-api deployment/student-frontend -n academia'
deployment/student-api deployment/student-frontend -n academia
ENDSSH