From 7bb35ecf65158999a9ca97ebf793c236cfd1d065 Mon Sep 17 00:00:00 2001 From: Ronny Date: Sat, 11 Apr 2026 20:38:10 +0200 Subject: [PATCH] fix: simplify CI pipeline YAML to avoid parsing errors Removed env: block and complex inline heredocs. Compose file written to temp file instead of inline Python string. --- .gitea/workflows/build.yml | 127 ++++++++++++++++++------------------- 1 file changed, 62 insertions(+), 65 deletions(-) diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index 013947c..f7935a0 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -4,10 +4,6 @@ on: push: branches: [main] -env: - REGISTRY: git.home.rm-warpstation.de - IMAGE: mwf975_git/tippspiel - jobs: build: runs-on: self-hosted @@ -37,7 +33,8 @@ jobs: - name: Build Docker Image via Portainer run: | - IMAGE_TAG="${{ env.REGISTRY }}/${{ env.IMAGE }}:latest" + REGISTRY="git.home.rm-warpstation.de" + IMAGE_TAG="${REGISTRY}/mwf975_git/tippspiel:latest" echo "Building image: $IMAGE_TAG" curl -s -k -X POST \ "https://192.168.1.60:9444/api/endpoints/2/docker/build?t=${IMAGE_TAG}&dockerfile=./Dockerfile&nocache=1" \ 
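Review bot: The `curl -s -k -X POST` call in the build step disables TLS certificate verification for the request to `https://192.168.1.60:9444`, so the runner has no way to confirm it is talking to the Portainer instance. The same `-k` is on the push, stack-read and redeploy calls in the next hunk, where the `X-API-Key` and `X-Registry-Auth` headers are visibly sent over that unverified connection. I would trust the Portainer certificate explicitly instead, e.g. `curl -s --cacert <path-to-portainer-ca.pem> -X POST \`, and drop `-k` from every Portainer call. The step's `run:` block continues past the end of this hunk.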
@@ -45,105 +42,105 @@ jobs: -H "Content-Type: application/x-tar" \ --data-binary @/tmp/tippspiel-ci.tar \ --max-time 600 \ - | grep -E '(Successfully|error|Error)' || true + | tail -5 echo "Build completed." - name: Push to Gitea Registry run: | - IMAGE_TAG="${{ env.REGISTRY }}/${{ env.IMAGE }}:latest" + REGISTRY="git.home.rm-warpstation.de" + IMAGE_TAG="${REGISTRY}/mwf975_git/tippspiel:latest" + DEPLOY_TOKEN="${{ secrets.DEPLOY_TOKEN }}" - # Login to Gitea registry via Portainer Docker API - LOGIN_PAYLOAD=$(python3 -c "import json; print(json.dumps({'username': 'mwf975_git', 'password': '${{ secrets.DEPLOY_TOKEN }}', 'serveraddress': 'https://${{ env.REGISTRY }}'}))") - curl -s -k -X POST \ - "https://192.168.1.60:9444/api/endpoints/2/docker/auth" \ - -H "X-API-Key: ${{ secrets.PORTAINER_TOKEN }}" \ - -H "Content-Type: application/json" \ - -d "$LOGIN_PAYLOAD" || true + AUTH_HEADER=$(python3 -c " + import base64, json + auth = json.dumps({'username': 'mwf975_git', 'password': '${DEPLOY_TOKEN}', 'serveraddress': 'https://${REGISTRY}'}) + print(base64.urlsafe_b64encode(auth.encode()).decode()) + ") - # Push image to registry echo "Pushing $IMAGE_TAG..." - AUTH_HEADER=$(python3 -c "import base64,json; print(base64.urlsafe_b64encode(json.dumps({'username':'mwf975_git','password':'${{ secrets.DEPLOY_TOKEN }}'}).encode()).decode())") curl -s -k -X POST \ "https://192.168.1.60:9444/api/endpoints/2/docker/images/${IMAGE_TAG}/push" \ -H "X-API-Key: ${{ secrets.PORTAINER_TOKEN }}" \ -H "X-Registry-Auth: $AUTH_HEADER" \ - --max-time 300 || true + --max-time 300 + echo "" echo "Push completed." - name: Redeploy Stack via Portainer run: | - echo "Fetching current stack config from Portainer..." 
+ REGISTRY="git.home.rm-warpstation.de" - # Aktuelle Env-Vars aus Portainer lesen + # Compose-File als separate Datei schreiben + cat > /tmp/compose-deploy.yml << 'COMPOSE_EOF' + services: + tippspiel: + image: git.home.rm-warpstation.de/mwf975_git/tippspiel:latest + container_name: wm2026-tippspiel + restart: unless-stopped + ports: + - "3301:3001" + environment: + - NODE_ENV=${NODE_ENV} + - PORT=${PORT} + - DATABASE_URL=${DATABASE_URL} + - SUPABASE_URL=${SUPABASE_URL} + - SUPABASE_SERVICE_ROLE_KEY=${SUPABASE_SERVICE_ROLE_KEY} + - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY} + - FOOTBALL_API_KEY=${FOOTBALL_API_KEY} + - FOOTBALL_API_BASE_URL=${FOOTBALL_API_BASE_URL} + - ELEVENLABS_API_KEY=${ELEVENLABS_API_KEY} + - CORS_ORIGIN=${CORS_ORIGIN} + - STAFFBASE_PUBLIC_KEY=${STAFFBASE_PUBLIC_KEY:-} + - STAFFBASE_PLUGIN_ID=${STAFFBASE_PLUGIN_ID:-} + healthcheck: + test: ["CMD", "wget", "-qO-", "http://localhost:3001/health"] + interval: 30s + timeout: 5s + start_period: 10s + retries: 3 + networks: + - main-network + + networks: + main-network: + external: true + COMPOSE_EOF + + # Env-Vars aus Portainer lesen ENV_VARS=$(curl -s -k \ "https://192.168.1.60:9444/api/stacks/115" \ -H "X-API-Key: ${{ secrets.PORTAINER_TOKEN }}" \ | python3 -c "import sys,json; print(json.dumps(json.load(sys.stdin).get('Env', [])))") - # Stack mit Image-Pull neu deployen + # Stack-File lesen und Payload bauen + STACK_CONTENT=$(cat /tmp/compose-deploy.yml) PAYLOAD=$(python3 -c " - import json - env_vars = $ENV_VARS + import json, sys + compose = open('/tmp/compose-deploy.yml').read() + env_vars = json.loads(sys.argv[1]) print(json.dumps({ - 'stackFileContent': '''services: - tippspiel: - image: ${{ env.REGISTRY }}/${{ env.IMAGE }}:latest - container_name: wm2026-tippspiel - restart: unless-stopped - ports: - - \"3301:3001\" - environment: - - NODE_ENV=\${NODE_ENV} - - PORT=\${PORT} - - DATABASE_URL=\${DATABASE_URL} - - SUPABASE_URL=\${SUPABASE_URL} - - 
SUPABASE_SERVICE_ROLE_KEY=\${SUPABASE_SERVICE_ROLE_KEY} - - ANTHROPIC_API_KEY=\${ANTHROPIC_API_KEY} - - FOOTBALL_API_KEY=\${FOOTBALL_API_KEY} - - FOOTBALL_API_BASE_URL=\${FOOTBALL_API_BASE_URL} - - ELEVENLABS_API_KEY=\${ELEVENLABS_API_KEY} - - CORS_ORIGIN=\${CORS_ORIGIN} - - STAFFBASE_PUBLIC_KEY=\${STAFFBASE_PUBLIC_KEY:-} - - STAFFBASE_PLUGIN_ID=\${STAFFBASE_PLUGIN_ID:-} - healthcheck: - test: [\"CMD\", \"wget\", \"-qO-\", \"http://localhost:3001/health\"] - interval: 30s - timeout: 5s - start_period: 10s - retries: 3 - networks: - - main-network - -networks: - main-network: - external: true''', + 'stackFileContent': compose, 'env': env_vars, 'prune': True, 'pullImage': True })) - ") + " "$ENV_VARS") - echo "Redeploying stack wm2026-tippspiel..." + echo "Redeploying stack..." curl -s -k -X PUT \ "https://192.168.1.60:9444/api/stacks/115?endpointId=2" \ -H "X-API-Key: ${{ secrets.PORTAINER_TOKEN }}" \ -H "Content-Type: application/json" \ -d "$PAYLOAD" \ - | python3 -c "import sys,json; d=json.load(sys.stdin); print('Stack redeployed:', d.get('Name'), '| Status:', d.get('Status'))" \ + | python3 -c "import sys,json; d=json.load(sys.stdin); print('Stack:', d.get('Name'), '| Status:', d.get('Status'))" \ || echo "Stack redeploy triggered." - echo "Deployment complete!" - name: Verify deployment run: | sleep 20 - STATUS=$(curl -s http://192.168.1.60:3301/health | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('status'))" 2>/dev/null || echo "unreachable") + STATUS=$(curl -s http://192.168.1.60:3301/health | python3 -c "import sys,json; print(d:=json.load(sys.stdin), d.get('status'))" 2>/dev/null || echo "unreachable") echo "Health check: $STATUS" - if [ "$STATUS" = "ok" ]; then - echo "✅ Deployment successful! 
App running at http://192.168.1.60:3301" - else - echo "⚠️ Health check inconclusive (container may be restarting)" - fi - name: Cleanup if: always() - run: rm -rf workspace /tmp/tippspiel-ci.tar + run: rm -rf workspace /tmp/tippspiel-ci.tar /tmp/compose-deploy.yml
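Review bot: In the push step the deploy token is still spliced into Python source text: the shell expands `'${DEPLOY_TOKEN}'` inside the double-quoted `python3 -c` program, so a token containing a quote or backslash changes the program rather than the password, and the expanded program ends up on the python3 command line. The redeploy step in this same hunk already passes `$ENV_VARS` as data rather than code, and the token can be handled the same way through the environment: add `export DEPLOY_TOKEN` after the assignment, change the import to `import base64, json, os`, and build the entry as `'password': os.environ['DEPLOY_TOKEN']`. `$ENV_VARS` and `$PAYLOAD` presumably carry the stack's secret values, so feeding them on stdin rather than as arguments would also keep them off the process list of the self-hosted runner.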