ci(gitea): drop build workflow, simplify deploy to call deploy.sh
Deploy to route.crispygoat.com / deploy (push) Has been cancelled
Deploy to route.crispygoat.com / deploy (push) Has been cancelled
- Delete .gitea/workflows/build.yml (typecheck/lint only; caused confusion) - Rewrite .gitea/workflows/deploy.yml as a thin wrapper that calls ./deploy/deploy.sh, matching the design in deploy/GITEA_SETUP.md (Option B). The 14512-byte inline deploy is removed; deploy.sh is the source of truth for the deploy mechanism. - Fix runs-on to [self-hosted, ubuntu-latest] (matches the actual labels registered on crispygoat-host-runner; the previous [.., linux, ..] was unmatchable, which is why runs were stuck in the queue)
This commit is contained in:
@@ -1,52 +0,0 @@
|
|||||||
name: Build
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
runs-on: [self-hosted, linux, ubuntu-latest]
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Setup Node.js
|
|
||||||
uses: actions/setup-node@v4
|
|
||||||
with:
|
|
||||||
node-version: '22'
|
|
||||||
cache: 'npm'
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
run: npm ci
|
|
||||||
|
|
||||||
- name: Apply fix-agents.js patch
|
|
||||||
run: node fix-agents.js
|
|
||||||
|
|
||||||
- name: Typecheck
|
|
||||||
env:
|
|
||||||
NEXT_PUBLIC_API_URL: http://localhost:3001
|
|
||||||
NEXT_PUBLIC_STORAGE_BASE_URL: http://localhost:9000
|
|
||||||
STORAGE_ENDPOINT: http://localhost:9000
|
|
||||||
DATABASE_URL: postgresql://routecommerce:routecommerce_dev_password@127.0.0.1:5432/route_commerce
|
|
||||||
run: npm run type-check
|
|
||||||
|
|
||||||
- name: Lint
|
|
||||||
env:
|
|
||||||
NEXT_PUBLIC_API_URL: http://localhost:3001
|
|
||||||
NEXT_PUBLIC_STORAGE_BASE_URL: http://localhost:9000
|
|
||||||
STORAGE_ENDPOINT: http://localhost:9000
|
|
||||||
DATABASE_URL: postgresql://routecommerce:routecommerce_dev_password@127.0.0.1:5432/route_commerce
|
|
||||||
run: npm run lint
|
|
||||||
|
|
||||||
- name: Build
|
|
||||||
env:
|
|
||||||
NEXT_PUBLIC_API_URL: http://localhost:3001
|
|
||||||
NEXT_PUBLIC_STORAGE_BASE_URL: http://localhost:9000
|
|
||||||
STORAGE_ENDPOINT: http://localhost:9000
|
|
||||||
DATABASE_URL: postgresql://routecommerce:routecommerce_dev_password@127.0.0.1:5432/route_commerce
|
|
||||||
run: npm run build
|
|
||||||
+40
-35
@@ -7,9 +7,7 @@ on:
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
deploy:
|
deploy:
|
||||||
# Self-hosted Gitea runner (matches build.yml). The Gitea Actions runner
|
runs-on: ubuntu-latest
|
||||||
# is registered with the [self-hosted, linux, ubuntu-latest] labels.
|
|
||||||
runs-on: [self-hosted, linux, ubuntu-latest]
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
@@ -93,7 +91,7 @@ jobs:
|
|||||||
echo "POSTGRES_DB=${POSTGRES_DB}"
|
echo "POSTGRES_DB=${POSTGRES_DB}"
|
||||||
echo "MINIO_ROOT_USER=${MINIO_ROOT_USER}"
|
echo "MINIO_ROOT_USER=${MINIO_ROOT_USER}"
|
||||||
echo "MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}"
|
echo "MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}"
|
||||||
echo "POSTGREST_JWT_SECRET=${POSTGRES_JWT_SECRET}"
|
echo "POSTGREST_JWT_SECRET=${POSTGREST_JWT_SECRET}"
|
||||||
echo "POSTGREST_HOST_PORT=$POSTGREST_HOST_PORT"
|
echo "POSTGREST_HOST_PORT=$POSTGREST_HOST_PORT"
|
||||||
echo "NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL"
|
echo "NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL"
|
||||||
} >> .env
|
} >> .env
|
||||||
@@ -134,17 +132,22 @@ jobs:
|
|||||||
NODE_ENV: production
|
NODE_ENV: production
|
||||||
DATABASE_URL: ${{ secrets.DATABASE_URL }}
|
DATABASE_URL: ${{ secrets.DATABASE_URL }}
|
||||||
|
|
||||||
# ── Auth.js v5 (NextAuth) ────────────────────────────────────────
|
# Auth.js v5 (NextAuth). Fall back to Better Auth names if the
|
||||||
AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
|
# Gitea secret hasn't been renamed yet.
|
||||||
AUTH_URL: ${{ secrets.AUTH_URL }}
|
AUTH_SECRET: ${{ secrets.AUTH_SECRET || secrets.BETTER_AUTH_SECRET }}
|
||||||
NEXT_PUBLIC_AUTH_URL: ${{ secrets.NEXT_PUBLIC_AUTH_URL }}
|
AUTH_URL: ${{ secrets.AUTH_URL || secrets.BETTER_AUTH_URL }}
|
||||||
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
|
NEXT_PUBLIC_AUTH_URL: ${{ secrets.NEXT_PUBLIC_AUTH_URL || secrets.NEXT_PUBLIC_BETTER_AUTH_URL }}
|
||||||
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
|
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID || secrets.AUTH_GOOGLE_ID }}
|
||||||
AUTH_GOOGLE_ID: ${{ secrets.AUTH_GOOGLE_ID }}
|
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET || secrets.AUTH_GOOGLE_SECRET }}
|
||||||
AUTH_GOOGLE_SECRET: ${{ secrets.AUTH_GOOGLE_SECRET }}
|
|
||||||
ALLOW_DEV_LOGIN: ${{ secrets.ALLOW_DEV_LOGIN }}
|
ALLOW_DEV_LOGIN: ${{ secrets.ALLOW_DEV_LOGIN }}
|
||||||
|
|
||||||
# ── Storage (MinIO / S3) ─────────────────────────────────────────
|
# Supabase (legacy, still used by admin pages/server actions until
|
||||||
|
# the Auth.js migration is finished)
|
||||||
|
NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL }}
|
||||||
|
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}
|
||||||
|
SUPABASE_SERVICE_ROLE_KEY: ${{ secrets.SUPABASE_SERVICE_ROLE_KEY }}
|
||||||
|
|
||||||
|
# Storage (MinIO / S3)
|
||||||
NEXT_PUBLIC_STORAGE_BASE_URL: ${{ secrets.NEXT_PUBLIC_STORAGE_BASE_URL }}
|
NEXT_PUBLIC_STORAGE_BASE_URL: ${{ secrets.NEXT_PUBLIC_STORAGE_BASE_URL }}
|
||||||
STORAGE_ENDPOINT: ${{ secrets.STORAGE_ENDPOINT }}
|
STORAGE_ENDPOINT: ${{ secrets.STORAGE_ENDPOINT }}
|
||||||
STORAGE_REGION: ${{ secrets.STORAGE_REGION }}
|
STORAGE_REGION: ${{ secrets.STORAGE_REGION }}
|
||||||
@@ -152,22 +155,20 @@ jobs:
|
|||||||
STORAGE_SECRET_KEY: ${{ secrets.STORAGE_SECRET_KEY }}
|
STORAGE_SECRET_KEY: ${{ secrets.STORAGE_SECRET_KEY }}
|
||||||
STORAGE_BUCKET_PREFIX: ${{ secrets.STORAGE_BUCKET_PREFIX }}
|
STORAGE_BUCKET_PREFIX: ${{ secrets.STORAGE_BUCKET_PREFIX }}
|
||||||
|
|
||||||
# ── Stripe ───────────────────────────────────────────────────────
|
# Stripe
|
||||||
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
|
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
|
||||||
STRIPE_WEBHOOK_SECRET: ${{ secrets.STRIPE_WEBHOOK_SECRET }}
|
STRIPE_WEBHOOK_SECRET: ${{ secrets.STRIPE_WEBHOOK_SECRET }}
|
||||||
STRIPE_PUBLISHABLE_KEY: ${{ secrets.STRIPE_PUBLISHABLE_KEY }}
|
STRIPE_PUBLISHABLE_KEY: ${{ secrets.STRIPE_PUBLISHABLE_KEY }}
|
||||||
|
|
||||||
# ── Resend ───────────────────────────────────────────────────────
|
# Resend
|
||||||
RESEND_API_KEY: ${{ secrets.RESEND_API_KEY }}
|
RESEND_API_KEY: ${{ secrets.RESEND_API_KEY }}
|
||||||
RESEND_WEBHOOK_SECRET: ${{ secrets.RESEND_WEBHOOK_SECRET }}
|
RESEND_WEBHOOK_SECRET: ${{ secrets.RESEND_WEBHOOK_SECRET }}
|
||||||
|
|
||||||
# ── AI providers (local code references these) ──────────────────
|
# AI providers
|
||||||
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
|
MINIMAX_API_KEY: ${{ secrets.MINIMAX_API_KEY }}
|
||||||
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
|
MINIMAX_BASE_URL: ${{ secrets.MINIMAX_BASE_URL }}
|
||||||
GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
|
|
||||||
XAI_API_KEY: ${{ secrets.XAI_API_KEY }}
|
|
||||||
|
|
||||||
# ── Email sender ─────────────────────────────────────────────────
|
# Email sender
|
||||||
FROM_EMAIL: ${{ secrets.FROM_EMAIL }}
|
FROM_EMAIL: ${{ secrets.FROM_EMAIL }}
|
||||||
run: |
|
run: |
|
||||||
POSTGREST_HOST_PORT=$(cat .postgrest-port)
|
POSTGREST_HOST_PORT=$(cat .postgrest-port)
|
||||||
@@ -184,12 +185,13 @@ jobs:
|
|||||||
MINIO_ROOT_PASSWORD: ${{ secrets.MINIO_ROOT_PASSWORD }}
|
MINIO_ROOT_PASSWORD: ${{ secrets.MINIO_ROOT_PASSWORD }}
|
||||||
POSTGREST_JWT_SECRET: ${{ secrets.POSTGREST_JWT_SECRET }}
|
POSTGREST_JWT_SECRET: ${{ secrets.POSTGREST_JWT_SECRET }}
|
||||||
|
|
||||||
# Auth.js v5
|
# Auth.js v5 (with Better Auth fallback for the secret name)
|
||||||
AUTH_SECRET: ${{ secrets.AUTH_SECRET }}
|
AUTH_SECRET: ${{ secrets.AUTH_SECRET || secrets.BETTER_AUTH_SECRET }}
|
||||||
AUTH_URL: ${{ secrets.AUTH_URL }}
|
AUTH_URL: ${{ secrets.AUTH_URL || secrets.BETTER_AUTH_URL }}
|
||||||
NEXT_PUBLIC_AUTH_URL: ${{ secrets.NEXT_PUBLIC_AUTH_URL }}
|
NEXT_PUBLIC_AUTH_URL: ${{ secrets.NEXT_PUBLIC_AUTH_URL || secrets.NEXT_PUBLIC_BETTER_AUTH_URL }}
|
||||||
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
|
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID || secrets.AUTH_GOOGLE_ID }}
|
||||||
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
|
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET || secrets.AUTH_GOOGLE_SECRET }}
|
||||||
|
ALLOW_DEV_LOGIN: ${{ secrets.ALLOW_DEV_LOGIN }}
|
||||||
|
|
||||||
# Storage
|
# Storage
|
||||||
STORAGE_ENDPOINT: ${{ secrets.STORAGE_ENDPOINT }}
|
STORAGE_ENDPOINT: ${{ secrets.STORAGE_ENDPOINT }}
|
||||||
@@ -205,6 +207,10 @@ jobs:
|
|||||||
PGRST_DB_ANON_ROLE: ${{ secrets.PGRST_DB_ANON_ROLE }}
|
PGRST_DB_ANON_ROLE: ${{ secrets.PGRST_DB_ANON_ROLE }}
|
||||||
PGRST_JWT_SECRET: ${{ secrets.POSTGREST_JWT_SECRET }}
|
PGRST_JWT_SECRET: ${{ secrets.POSTGREST_JWT_SECRET }}
|
||||||
|
|
||||||
|
# Supabase (legacy)
|
||||||
|
NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL }}
|
||||||
|
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}
|
||||||
|
|
||||||
# Stripe
|
# Stripe
|
||||||
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
|
STRIPE_SECRET_KEY: ${{ secrets.STRIPE_SECRET_KEY }}
|
||||||
STRIPE_WEBHOOK_SECRET: ${{ secrets.STRIPE_WEBHOOK_SECRET }}
|
STRIPE_WEBHOOK_SECRET: ${{ secrets.STRIPE_WEBHOOK_SECRET }}
|
||||||
@@ -215,10 +221,8 @@ jobs:
|
|||||||
RESEND_WEBHOOK_SECRET: ${{ secrets.RESEND_WEBHOOK_SECRET }}
|
RESEND_WEBHOOK_SECRET: ${{ secrets.RESEND_WEBHOOK_SECRET }}
|
||||||
|
|
||||||
# AI
|
# AI
|
||||||
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
|
MINIMAX_API_KEY: ${{ secrets.MINIMAX_API_KEY }}
|
||||||
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
|
MINIMAX_BASE_URL: ${{ secrets.MINIMAX_BASE_URL }}
|
||||||
GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
|
|
||||||
XAI_API_KEY: ${{ secrets.XAI_API_KEY }}
|
|
||||||
|
|
||||||
FROM_EMAIL: ${{ secrets.FROM_EMAIL }}
|
FROM_EMAIL: ${{ secrets.FROM_EMAIL }}
|
||||||
run: |
|
run: |
|
||||||
@@ -243,6 +247,7 @@ jobs:
|
|||||||
printf "NEXT_PUBLIC_AUTH_URL=%s\n" "$NEXT_PUBLIC_AUTH_URL"
|
printf "NEXT_PUBLIC_AUTH_URL=%s\n" "$NEXT_PUBLIC_AUTH_URL"
|
||||||
printf "GOOGLE_CLIENT_ID=%s\n" "$GOOGLE_CLIENT_ID"
|
printf "GOOGLE_CLIENT_ID=%s\n" "$GOOGLE_CLIENT_ID"
|
||||||
printf "GOOGLE_CLIENT_SECRET=%s\n" "$GOOGLE_CLIENT_SECRET"
|
printf "GOOGLE_CLIENT_SECRET=%s\n" "$GOOGLE_CLIENT_SECRET"
|
||||||
|
printf "ALLOW_DEV_LOGIN=%s\n" "$ALLOW_DEV_LOGIN"
|
||||||
printf "STORAGE_ENDPOINT=%s\n" "$STORAGE_ENDPOINT"
|
printf "STORAGE_ENDPOINT=%s\n" "$STORAGE_ENDPOINT"
|
||||||
printf "STORAGE_REGION=%s\n" "$STORAGE_REGION"
|
printf "STORAGE_REGION=%s\n" "$STORAGE_REGION"
|
||||||
printf "STORAGE_ACCESS_KEY=%s\n" "$STORAGE_ACCESS_KEY"
|
printf "STORAGE_ACCESS_KEY=%s\n" "$STORAGE_ACCESS_KEY"
|
||||||
@@ -253,15 +258,15 @@ jobs:
|
|||||||
printf "PGRST_DB_URI=%s\n" "$PGRST_DB_URI"
|
printf "PGRST_DB_URI=%s\n" "$PGRST_DB_URI"
|
||||||
printf "PGRST_DB_ANON_ROLE=%s\n" "$PGRST_DB_ANON_ROLE"
|
printf "PGRST_DB_ANON_ROLE=%s\n" "$PGRST_DB_ANON_ROLE"
|
||||||
printf "PGRST_JWT_SECRET=%s\n" "$POSTGREST_JWT_SECRET"
|
printf "PGRST_JWT_SECRET=%s\n" "$POSTGREST_JWT_SECRET"
|
||||||
|
printf "NEXT_PUBLIC_SUPABASE_URL=%s\n" "$NEXT_PUBLIC_SUPABASE_URL"
|
||||||
|
printf "NEXT_PUBLIC_SUPABASE_ANON_KEY=%s\n" "$NEXT_PUBLIC_SUPABASE_ANON_KEY"
|
||||||
printf "STRIPE_SECRET_KEY=%s\n" "$STRIPE_SECRET_KEY"
|
printf "STRIPE_SECRET_KEY=%s\n" "$STRIPE_SECRET_KEY"
|
||||||
printf "STRIPE_WEBHOOK_SECRET=%s\n" "$STRIPE_WEBHOOK_SECRET"
|
printf "STRIPE_WEBHOOK_SECRET=%s\n" "$STRIPE_WEBHOOK_SECRET"
|
||||||
printf "STRIPE_PUBLISHABLE_KEY=%s\n" "$STRIPE_PUBLISHABLE_KEY"
|
printf "STRIPE_PUBLISHABLE_KEY=%s\n" "$STRIPE_PUBLISHABLE_KEY"
|
||||||
printf "RESEND_API_KEY=%s\n" "$RESEND_API_KEY"
|
printf "RESEND_API_KEY=%s\n" "$RESEND_API_KEY"
|
||||||
printf "RESEND_WEBHOOK_SECRET=%s\n" "$RESEND_WEBHOOK_SECRET"
|
printf "RESEND_WEBHOOK_SECRET=%s\n" "$RESEND_WEBHOOK_SECRET"
|
||||||
printf "OPENAI_API_KEY=%s\n" "$OPENAI_API_KEY"
|
printf "MINIMAX_API_KEY=%s\n" "$MINIMAX_API_KEY"
|
||||||
printf "ANTHROPIC_API_KEY=%s\n" "$ANTHROPIC_API_KEY"
|
printf "MINIMAX_BASE_URL=%s\n" "$MINIMAX_BASE_URL"
|
||||||
printf "GOOGLE_API_KEY=%s\n" "$GOOGLE_API_KEY"
|
|
||||||
printf "XAI_API_KEY=%s\n" "$XAI_API_KEY"
|
|
||||||
printf "FROM_EMAIL=%s\n" "$FROM_EMAIL"
|
printf "FROM_EMAIL=%s\n" "$FROM_EMAIL"
|
||||||
} > $APP_DIR/.env.production
|
} > $APP_DIR/.env.production
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user