diff --git a/.gitea/workflows/deploy-coolify.yml b/.gitea/workflows/deploy-coolify.yml
new file mode 100644
index 0000000..b1fe36e
--- /dev/null
+++ b/.gitea/workflows/deploy-coolify.yml
@@ -0,0 +1,78 @@
+name: Deploy - Coolify
+
+on:
+ push:
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ env:
+ COOLIFY_BASE_URL: ${{ secrets.COOLIFY_BASE_URL }}
+ COOLIFY_API_TOKEN: ${{ secrets.COOLIFY_API_TOKEN }}
+ COOLIFY_APPLICATION_ID: ${{ secrets.COOLIFY_APPLICATION_ID }}
+ COOLIFY_DEPLOY_ENV: ${{ secrets.COOLIFY_DEPLOY_ENV }}
+ DOCKER_COMPOSE_PATH: docker-compose.prod.yml
+ ENV_FILE_PATH: deploy/.env
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Prepare compose bundle
+ run: |
+ set -euo pipefail
+ mkdir -p deploy
+ cp "$DOCKER_COMPOSE_PATH" deploy/docker-compose.yml
+ if [ -n "$COOLIFY_DEPLOY_ENV" ]; then
+ printf '%s\n' "$COOLIFY_DEPLOY_ENV" > "$ENV_FILE_PATH"
+ elif [ ! -f "$ENV_FILE_PATH" ]; then
+ echo "::error::COOLIFY_DEPLOY_ENV secret not configured and deploy/.env missing" >&2
+ exit 1
+ fi
+
+ - name: Validate Coolify secrets
+ run: |
+ set -euo pipefail
+ missing=0
+ for var in COOLIFY_BASE_URL COOLIFY_API_TOKEN COOLIFY_APPLICATION_ID; do
+ if [ -z "${!var}" ]; then
+ echo "::error::Missing required secret: $var"
+ missing=1
+ fi
+ done
+ if [ "$missing" -eq 1 ]; then
+ exit 1
+ fi
+
+ - name: Trigger deployment via Coolify API
+ run: |
+ set -euo pipefail
+ api_url="$COOLIFY_BASE_URL/api/v1/deploy"
+ payload=$(jq -n --arg uuid "$COOLIFY_APPLICATION_ID" '{ uuid: $uuid }')
+ response=$(curl -sS -w '\n%{http_code}' \
+ -X POST "$api_url" \
+ -H "Authorization: Bearer $COOLIFY_API_TOKEN" \
+ -H "Content-Type: application/json" \
+ -d "$payload")
+ body=$(echo "$response" | head -n -1)
+ status=$(echo "$response" | tail -n1)
+ echo "Deploy response status: $status"
+ echo "$body"
+ printf '%s' "$body" > deploy/coolify-response.json
+ if [ "$status" -ge 400 ]; then
+ echo "::error::Deployment request failed"
+ exit 1
+ fi
+
+ - name: Upload deployment bundle
+ if: always()
+ uses: actions/upload-artifact@v3
+ with:
+ name: coolify-deploy-bundle
+ path: |
+ deploy/docker-compose.yml
+ deploy/.env
+ deploy/coolify-response.json
+ if-no-files-found: warn
diff --git a/changelog.md b/changelog.md index 712d860..c9c21c5 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,12 @@ # Changelog +## 2025-11-14 + +- Finalised Coolify automation by stabilising `.gitea/workflows/deploy-coolify.yml` on a `push` trigger to `main`, calculating branch/commit context via Gitea-first environment variables, and bundling compose/env artifacts for traceability. +- Hardened the build workflow so registry authentication normalises the `git.allucanget.biz` host, loads tagged images locally, and pushes both `latest` and commit SHA tags before deployment, with deploy/k8s jobs reusing the resolved repository path. +- Updated `docker-compose.prod.yml` and Coolify documentation so production pulls `git.allucanget.biz/allucanget/calminer:latest`, added secret/registry guidance plus runner DNS notes to `calminer-docs/CONTRIBUTING.md`, and recorded the completion in `.github/instructions/DONE.md`. +- Introduced the `K8S_DEPLOY_ENABLED` toggle so CI can default to skipping Kubernetes rollouts unless explicitly enabled, guarded all kubectl steps behind the flag, surfaced a notice when disabled, and documented the secret for operators. + ## 2025-11-13 - Completed the UI alignment initiative by consolidating shared form and button styles into `static/css/forms.css` and `static/css/main.css`, introducing the semantic palette in `static/css/theme-default.css`, and spot-checking key pages plus contrast reports.
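Review bot: In `.gitea/workflows/deploy-coolify.yml` the `Upload deployment bundle` step lists `deploy/.env` under `path:`, and `Prepare compose bundle` fills that file from the `COOLIFY_DEPLOY_ENV` secret, so the production environment values are stored in a downloadable artifact that outlives the run and is readable by whoever can fetch the run's artifacts. Nothing else in this workflow reads the file (the Coolify call sends only the application uuid), so I would remove the `deploy/.env` entry and keep `deploy/docker-compose.yml` and `deploy/coolify-response.json`; if a record of the environment is wanted, upload the variable names rather than their values. Because the step runs under `if: always()`, the secret is uploaded even when validation or the API request fails. A smaller point in `Trigger deployment via Coolify API`: `echo "$body"` writes the raw API response to the job log and the same body goes into the artifact, so it is worth confirming the response holds nothing sensitive, and a comment above the `curl` call should say that the last line of `$response` is the HTTP status appended by `-w`.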