# name: Release pipeline # on: # workflow_dispatch: # env: # WEB_IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web # WORKER_IMAGE_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker # PROJECT_DIR: /home/${{ secrets.USER }}/tatikoma # jobs: # build-and-push: # runs-on: ubuntu-latest # steps: # - name: Checkout code # uses: actions/checkout@v4 # - name: Set up Docker Buildx # uses: docker/setup-buildx-action@v3 # - name: Log in to Docker Hub # uses: docker/login-action@v3 # with: # username: ${{ secrets.DOCKERHUB_USERNAME }} # password: ${{ secrets.DOCKERHUB_PASSWORD }} # - name: Build and push tatikoma-web image # uses: docker/build-push-action@v5 # with: # context: . # file: ./Dockerfile.web # push: true # tags: | # ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest # cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest # cache-to: type=inline # - name: Build and push tatikoma-worker image # uses: docker/build-push-action@v5 # with: # context: . # file: ./Dockerfile.worker # push: true # tags: | # ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest # cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest # cache-to: type=inline # - name: Verify push # run: | # echo "Docker images successfully built and pushed to Docker Hub" # echo "Images:" # echo "- ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest" # echo "- ${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest" # build-and-push-send-success-message: # runs-on: ubuntu-latest # needs: build-and-push # if: success() # steps: # - name: Send success message # uses: appleboy/telegram-action@master # with: # to: ${{ secrets.TELEGRAM_TO }} # token: ${{ secrets.TELEGRAM_TOKEN }} # format: markdown # message: | # *${{ github.workflow }}* # ✅ New images pushed to Dockerhub 🐳 # Images: # - `${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-web:latest` # - `${{ secrets.DOCKERHUB_USERNAME }}/tatikoma-worker:latest` # Status: Success # build-and-push-send-failure-message: # runs-on: ubuntu-latest # needs: build-and-push # if: failure() # steps: # - name: Send failure message # uses: appleboy/telegram-action@master # with: # to: ${{ secrets.TELEGRAM_TO }} # token: ${{ secrets.TELEGRAM_TOKEN }} # format: markdown # message: | # *${{ github.workflow }}* # ❌ Error creating and pushing docker images # [View failed workflow](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) # deploy: # name: Deploy to server # runs-on: ubuntu-latest # needs: build-and-push # if: success() # outputs: # container_status: ${{ steps.get_status.outputs.status }} # steps: # - name: Checkout code # uses: actions/checkout@v4 # - name: Create project directory # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # echo "Creating project directory..." # mkdir -p tatikoma/liquibase # mkdir -p tatikoma/liquibase/changelog # - name: Copy project files # shell: bash # run: | # # Копируем docker-compose.yml # sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \ # docker-compose.yml \ # ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/ # # Копируем liquibase файлы # sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \ # -r ./liquibase/changelog/ \ # ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/liquibase/ # # Копируем nginx конфиги # sshpass -p "${{ secrets.SSH_PASSWORD }}" scp -o StrictHostKeyChecking=no \ # -r ./nginx/ \ # ${{ secrets.USER }}@${{ secrets.HOST }}:tatikoma/ # - name: Create or update environment file # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # rm -f .env # touch .env # echo "${{ secrets.ENV_FILE }}" >> .env # echo "Environment file created/updated" # - name: Prepare directories # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # mkdir -p {nginx/ssl,nginx/htpasswd,uptime-kuma-data} # - name: Setup authentication # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # echo "Setting up authentication..." # mkdir -p nginx/htpasswd # if ! command -v htpasswd &> /dev/null; then # echo "Installing apache2-utils..." # apt-get update && apt-get install -y apache2-utils # fi # # Используем echo для передачи пароля через stdin # # Это безопаснее, чем передавать как аргумент # htpasswd -b -c nginx/htpasswd/.htpasswd "${{ secrets.UPTIME_KUMA_USER }}" "${{ secrets.UPTIME_KUMA_PASSWORD }}" # echo "Authentication setup complete" # - name: Setup SSL certificates (if not exists) # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # echo "Checking SSL certificates..." # # Проверяем существование SSL сертификатов # if [ ! -f "nginx/ssl/live/${{ secrets.HOST }}/privkey.pem" ]; then # echo "ERROR: SSL certificates not found!" # echo "Please generate SSL certificates manually first:" # echo "mkdir -p nginx/ssl/live/${{ secrets.HOST }}/" # echo "Then place privkey.pem and fullchain.pem in that directory" # exit 1 # else # echo "SSL certificates found, continuing..." # fi # - name: Log in to Docker Hub # uses: docker/login-action@v3 # with: # username: ${{ secrets.DOCKERHUB_USERNAME }} # password: ${{ secrets.DOCKERHUB_PASSWORD }} # - name: Clean up old images and containers # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # echo "Stopping and removing Tatikoma containers..." # docker stop tatikoma_web tatikoma_liquibase tatikoma_worker tatikoma_nginx tatikoma_uptime_kuma 2>/dev/null || true # docker rm tatikoma_web tatikoma_liquibase tatikoma_worker tatikoma_nginx tatikoma_uptime_kuma 2>/dev/null || true # echo "Cleaning up old Docker images..." # docker images lulufox/tatikoma-web --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}\t{{.CreatedAt}}" || true # docker images lulufox/tatikoma-worker --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}\t{{.CreatedAt}}" || true # docker rmi $(docker images lulufox/tatikoma-web -q) 2>/dev/null || true # docker rmi $(docker images lulufox/tatikoma-worker -q) 2>/dev/null || true # docker image prune -f # - name: Pull latest images # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # echo "Pulling latest Docker images..." # docker pull lulufox/tatikoma-web:latest # docker pull lulufox/tatikoma-worker:latest # - name: Run migrations # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # echo "Running migrations..." # docker compose up -d liquibase # - name: Start application services # uses: appleboy/ssh-action@master # with: # host: ${{ secrets.HOST }} # username: ${{ secrets.USER }} # password: ${{ secrets.SSH_PASSWORD }} # script: | # set -e # cd tatikoma # echo "Starting all services..." # docker compose up -d # echo "Waiting for services to start..." # sleep 30 # echo "Current Tatikoma containers status:" # docker ps --filter "name=tatikoma" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" # echo "Nginx configuration test:" # docker exec tatikoma_nginx nginx -t || true # - name: Get container status # id: get_status # run: | # sleep 15 # status=$(sshpass -p "${{ secrets.SSH_PASSWORD }}" ssh -o StrictHostKeyChecking=no \ # ${{ secrets.USER }}@${{ secrets.HOST }} \ # "docker ps -a --filter "name=tatikoma" --format 'table {{.Names}}\t{{.Status}}'") # echo "status<> $GITHUB_OUTPUT # echo "$status" >> $GITHUB_OUTPUT # echo "EOF" >> $GITHUB_OUTPUT # send_message: # runs-on: ubuntu-latest # needs: deploy # if: always() # steps: # - name: send message # uses: appleboy/telegram-action@master # with: # to: ${{ secrets.TELEGRAM_TO }} # token: ${{ secrets.TELEGRAM_TOKEN }} # format: markdown # message: | # *${{ github.workflow }}* # Репозиторий: \`${{ github.repository }}\` # Статус контейнеров: # ``` # ${{ needs.deploy.outputs.container_status || 'Не удалось получить статус' }} # ``` # Uptime Kuma доступен по: https://${{ secrets.HOST }}