222 lines
7.2 KiB
YAML
222 lines
7.2 KiB
YAML
name: CI-CD
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "**"
|
|
pull_request:
|
|
|
|
jobs:
|
|
bot-checks:
|
|
name: Bot Lint Test Build
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: "22"
|
|
cache: npm
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Lint
|
|
run: npm run lint
|
|
|
|
- name: Build
|
|
run: npm run build
|
|
|
|
- name: Test
|
|
run: npm run test
|
|
|
|
dashboard-checks:
|
|
name: Dashboard Lint Build
|
|
runs-on: ubuntu-latest
|
|
defaults:
|
|
run:
|
|
working-directory: admin-dashboard
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: "22"
|
|
cache: npm
|
|
cache-dependency-path: admin-dashboard/package-lock.json
|
|
|
|
- name: Install dashboard dependencies
|
|
run: npm ci
|
|
|
|
- name: Lint dashboard
|
|
run: npm run lint
|
|
|
|
- name: Build dashboard
|
|
run: npm run build
|
|
|
|
deploy-coolify:
|
|
name: Deploy to Coolify
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- bot-checks
|
|
- dashboard-checks
|
|
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
|
|
steps:
|
|
- name: Validate Coolify API access
|
|
env:
|
|
COOLIFY_BASE_URL: ${{ secrets.COOLIFY_BASE_URL }}
|
|
COOLIFY_API_TOKEN: ${{ secrets.COOLIFY_API_TOKEN }}
|
|
run: |
|
|
if [ -z "$COOLIFY_BASE_URL" ]; then
|
|
echo "Missing COOLIFY_BASE_URL"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$COOLIFY_API_TOKEN" ]; then
|
|
echo "Missing COOLIFY_API_TOKEN"
|
|
exit 1
|
|
fi
|
|
|
|
BASE_URL="${COOLIFY_BASE_URL%/}"
|
|
STATUS=$(curl --silent --output /tmp/coolify_api_probe.txt --write-out "%{http_code}" \
|
|
"$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: Bearer $COOLIFY_API_TOKEN")
|
|
|
|
if [ "$STATUS" -eq 401 ] || [ "$STATUS" -eq 403 ]; then
|
|
echo "Coolify API token rejected during preflight (HTTP $STATUS)."
|
|
echo "Check token scope and team/project access for this token."
|
|
exit 1
|
|
fi
|
|
|
|
echo "Coolify API preflight HTTP $STATUS"
|
|
|
|
- name: Trigger backend deploy
|
|
env:
|
|
COOLIFY_BASE_URL: ${{ secrets.COOLIFY_BASE_URL }}
|
|
COOLIFY_API_TOKEN: ${{ secrets.COOLIFY_API_TOKEN }}
|
|
COOLIFY_RESOURCE_UUID: ${{ secrets.COOLIFY_RESOURCE_UUID_BOT }}
|
|
run: |
|
|
if [ -z "$COOLIFY_BASE_URL" ]; then
|
|
echo "Missing COOLIFY_BASE_URL"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$COOLIFY_API_TOKEN" ]; then
|
|
echo "Missing COOLIFY_API_TOKEN"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$COOLIFY_RESOURCE_UUID" ]; then
|
|
echo "Missing COOLIFY_RESOURCE_UUID_BOT"
|
|
exit 1
|
|
fi
|
|
|
|
BASE_URL="${COOLIFY_BASE_URL%/}"
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_backend_get.txt --write-out "%{http_code}" -G \
|
|
"$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: Bearer $COOLIFY_API_TOKEN" \
|
|
--data-urlencode "uuid=$COOLIFY_RESOURCE_UUID")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Backend deploy triggered via GET + Bearer"
|
|
exit 0
|
|
fi
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_backend_post_bearer.txt --write-out "%{http_code}" \
|
|
-X POST "$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: Bearer $COOLIFY_API_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"uuid\":\"$COOLIFY_RESOURCE_UUID\"}")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Backend deploy triggered via POST + Bearer"
|
|
exit 0
|
|
fi
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_backend_get_token.txt --write-out "%{http_code}" -G \
|
|
"$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: $COOLIFY_API_TOKEN" \
|
|
--data-urlencode "uuid=$COOLIFY_RESOURCE_UUID")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Backend deploy triggered via GET + Authorization: Token"
|
|
exit 0
|
|
fi
|
|
|
|
echo "Backend deploy failed across all auth/method variants."
|
|
echo "GET+Bearer response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_backend_get.txt | head -c 500; echo
|
|
echo "POST+Bearer response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_backend_post_bearer.txt | head -c 500; echo
|
|
echo "GET+Token response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_backend_get_token.txt | head -c 500; echo
|
|
exit 1
|
|
|
|
- name: Trigger dashboard deploy
|
|
env:
|
|
COOLIFY_BASE_URL: ${{ secrets.COOLIFY_BASE_URL }}
|
|
COOLIFY_API_TOKEN: ${{ secrets.COOLIFY_API_TOKEN }}
|
|
COOLIFY_RESOURCE_UUID: ${{ secrets.COOLIFY_RESOURCE_UUID_DASHBOARD }}
|
|
run: |
|
|
if [ -z "$COOLIFY_BASE_URL" ]; then
|
|
echo "Missing COOLIFY_BASE_URL"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$COOLIFY_API_TOKEN" ]; then
|
|
echo "Missing COOLIFY_API_TOKEN"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "$COOLIFY_RESOURCE_UUID" ]; then
|
|
echo "Missing COOLIFY_RESOURCE_UUID_DASHBOARD"
|
|
exit 1
|
|
fi
|
|
|
|
BASE_URL="${COOLIFY_BASE_URL%/}"
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_dashboard_get.txt --write-out "%{http_code}" -G \
|
|
"$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: Bearer $COOLIFY_API_TOKEN" \
|
|
--data-urlencode "uuid=$COOLIFY_RESOURCE_UUID")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Dashboard deploy triggered via GET + Bearer"
|
|
exit 0
|
|
fi
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_dashboard_post_bearer.txt --write-out "%{http_code}" \
|
|
-X POST "$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: Bearer $COOLIFY_API_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"uuid\":\"$COOLIFY_RESOURCE_UUID\"}")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Dashboard deploy triggered via POST + Bearer"
|
|
exit 0
|
|
fi
|
|
|
|
STATUS=$(curl --silent --output /tmp/coolify_dashboard_get_token.txt --write-out "%{http_code}" -G \
|
|
"$BASE_URL/api/v1/deploy" \
|
|
-H "Authorization: $COOLIFY_API_TOKEN" \
|
|
--data-urlencode "uuid=$COOLIFY_RESOURCE_UUID")
|
|
|
|
if [ "$STATUS" -eq 200 ]; then
|
|
echo "Dashboard deploy triggered via GET + Authorization: Token"
|
|
exit 0
|
|
fi
|
|
|
|
echo "Dashboard deploy failed across all auth/method variants."
|
|
echo "GET+Bearer response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_dashboard_get.txt | head -c 500; echo
|
|
echo "POST+Bearer response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_dashboard_post_bearer.txt | head -c 500; echo
|
|
echo "GET+Token response:"
|
|
sed -e 's/[A-Za-z0-9_\-]\{20,\}/[REDACTED]/g' /tmp/coolify_dashboard_get_token.txt | head -c 500; echo
|
|
exit 1
|