name: Deploy Roxane to Preprod on: push: branches: - release jobs: deploy: runs-on: docker container: image: nebulaed/php83-node22 steps: - name: Install network & SSH tools run: | set -e apt update apt install -y iproute2 iputils-ping openssh-client git - name: Show IPv6 network run: | ip -6 addr ip -6 route - name: Ping IPv6 preprod server run: | ping6 -c 3 2a01:e0a:bfe:a8a0::205 - name: Configure SSH env: SSH_HOST: ${{ vars.PREPROD_HOST }} SSH_PORT: ${{ vars.PREPROD_PORT }} run: | set -e mkdir -p ~/.ssh chmod 700 ~/.ssh echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -6 -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts echo "SSH_HOST_SSH=$SSH_HOST" >> "$GITEA_ENV" - name: Checkout code run: | set -e git clone ${{ vars.GIT_REPO }} /workspace/roxane cd /workspace/roxane git checkout release - name: Deploy Roxane to preprod env: SSH_USER: ${{ vars.PREPROD_USER }} SSH_PORT: ${{ vars.PREPROD_PORT }} PREPROD_PATH: ${{ vars.PREPROD_PATH }} # GIT_REPO: ${{ vars.GIT_REPO }} # Ancien système : le serveur preprod tirait le code depuis Gitea # # Ne fonctionne plus car Free bloque les ports entrants run: | set -e echo "[>>] Envoi du code vers le serveur preprod..." # Crée l'archive depuis le runner et l'envoie directement par SSH # Le serveur preprod n'a plus besoin de contacter Gitea git -C /workspace/roxane archive --format=tar.gz release | \ ssh -6 -o StrictHostKeyChecking=yes \ -o ConnectTimeout=10 \ -o ServerAliveInterval=60 \ -p "$SSH_PORT" \ "$SSH_USER@$SSH_HOST_SSH" \ "mkdir -p $PREPROD_PATH && tar -xz -C $PREPROD_PATH" ssh -6 -o StrictHostKeyChecking=yes \ -o ConnectTimeout=10 \ -o ServerAliveInterval=60 \ -p "$SSH_PORT" \ "$SSH_USER@$SSH_HOST_SSH" bash -l -s <<'EOF' "$PREPROD_PATH" set -e PREPROD_PATH="$1" cd "$PREPROD_PATH" # Ancien système (commenté) : # if [ ! -d "$PREPROD_PATH/.git" ]; then # echo "[!] Repository not found. Cloning from $GIT_REPO..." # mkdir -p "$(dirname "$PREPROD_PATH")" # git clone "$GIT_REPO" "$PREPROD_PATH" # cd "$PREPROD_PATH" # git checkout release # else # cd "$PREPROD_PATH" # git config --global --add safe.directory "$PREPROD_PATH" 2>/dev/null || true # echo "[>>] Pulling latest Roxane release..." # git fetch origin # git checkout release # git reset --hard origin/release # git clean -fd # fi echo "[*] Installing Composer dependencies..." composer install --no-dev --optimize-autoloader --no-interaction --prefer-dist echo "[~] Building frontend with Vite..." npm ci --prefer-offline npm run build echo "[DB] Running database migrations..." php artisan migrate --force echo "[++] Optimizing Roxane..." php artisan config:cache php artisan route:cache php artisan view:cache php artisan event:cache echo "[<>] Restarting queue workers..." php artisan queue:restart || true sudo supervisorctl reread sudo supervisorctl update sudo supervisorctl restart roxane-worker:* echo "[OK] Roxane deployed successfully to preprod!" EOF - name: Verify deployment if: success() env: SSH_USER: ${{ vars.PREPROD_USER }} SSH_PORT: ${{ vars.PREPROD_PORT }} PREPROD_PATH: ${{ vars.PREPROD_PATH }} run: | ssh -6 -o StrictHostKeyChecking=yes \ -p "$SSH_PORT" \ "$SSH_USER@$SSH_HOST_SSH" bash -l -s <<'EOF' "$PREPROD_PATH" set -e cd "$1" echo "[?] Verifying deployment..." echo "Laravel version: $(php artisan --version)" echo "Déploiement effectué le : $(date)" EOF - name: Cleanup on failure if: failure() env: SSH_USER: ${{ vars.PREPROD_USER }} SSH_PORT: ${{ vars.PREPROD_PORT }} PREPROD_PATH: ${{ vars.PREPROD_PATH }} run: | ssh -6 -o StrictHostKeyChecking=yes \ -p "$SSH_PORT" \ "$SSH_USER@$SSH_HOST_SSH" bash -l -s <<'EOF' "$PREPROD_PATH" cd "$1" echo "[!!] Deployment failed. Rolling back optimizations..." php artisan config:clear || true php artisan route:clear || true php artisan view:clear || true php artisan cache:clear || true EOF