feat: add CI pipeline with ESLint, refactor deploy with rollback + Telegram
- Add eslint.config.mjs (flat config, eslint-config-next@16 + TypeScript)
- Add .gitea/workflows/ci.yaml (lint, test:unit, build on all branches)
- Refactor deploy.yaml: needs: [ci] gate, Docker rollback tag, Telegram notifications
- Fix 3 pre-existing lint errors (empty interfaces, ts-ignore, require imports)
@@ -10,6 +10,7 @@ jobs:
|
||||
deploy:
|
||||
name: Build and Deploy
|
||||
runs-on: ubuntu-24.04
|
||||
needs: [ci]
|
||||
steps:
|
||||
- name: Setup SSH
|
||||
run: |
|
||||
@@ -20,17 +21,14 @@ jobs:
|
||||
|
||||
- name: Update .env.docker from Gitea vars & secrets
|
||||
env:
|
||||
# ── Auth ──────────────────────────────────────────
|
||||
APP_URL: ${{ vars.APP_URL }}
|
||||
NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }}
|
||||
ADMIN_EMAIL: ${{ vars.ADMIN_EMAIL }}
|
||||
ALLOW_REGISTRATION: ${{ vars.ALLOW_REGISTRATION }}
|
||||
# ── Database ──────────────────────────────────────
|
||||
POSTGRES_USER: ${{ vars.POSTGRES_USER }}
|
||||
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
|
||||
POSTGRES_DB: ${{ vars.POSTGRES_DB }}
|
||||
POSTGRES_PORT: ${{ vars.POSTGRES_PORT }}
|
||||
# ── AI Provider ───────────────────────────────────
|
||||
AI_PROVIDER_TAGS: ${{ vars.AI_PROVIDER_TAGS }}
|
||||
AI_MODEL_TAGS: ${{ vars.AI_MODEL_TAGS }}
|
||||
AI_PROVIDER_EMBEDDING: ${{ vars.AI_PROVIDER_EMBEDDING }}
|
||||
@@ -41,7 +39,6 @@ jobs:
|
||||
CUSTOM_OPENAI_API_KEY: ${{ secrets.CUSTOM_OPENAI_API_KEY }}
|
||||
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
|
||||
OLLAMA_BASE_URL: ${{ vars.OLLAMA_BASE_URL }}
|
||||
# ── Email ─────────────────────────────────────────
|
||||
EMAIL_PROVIDER: ${{ vars.EMAIL_PROVIDER }}
|
||||
SMTP_FROM: ${{ vars.SMTP_FROM }}
|
||||
RESEND_API_KEY: ${{ secrets.RESEND_API_KEY }}
|
||||
@@ -51,10 +48,8 @@ jobs:
|
||||
SMTP_PASS: ${{ secrets.SMTP_PASS }}
|
||||
SMTP_SECURE: ${{ vars.SMTP_SECURE }}
|
||||
SMTP_IGNORE_CERT: ${{ vars.SMTP_IGNORE_CERT }}
|
||||
# ── MCP ───────────────────────────────────────────
|
||||
MCP_MODE: ${{ vars.MCP_MODE }}
|
||||
MCP_PORT: ${{ vars.MCP_PORT }}
|
||||
# ── Tools ─────────────────────────────────────────
|
||||
WEB_SEARCH_PROVIDER: ${{ vars.WEB_SEARCH_PROVIDER }}
|
||||
SEARXNG_URL: ${{ vars.SEARXNG_URL }}
|
||||
BRAVE_SEARCH_API_KEY: ${{ secrets.BRAVE_SEARCH_API_KEY }}
|
||||
@@ -62,14 +57,11 @@ jobs:
|
||||
run: |
|
||||
ssh root@192.168.1.190 bash << 'ENDSSH'
|
||||
ENV_FILE="/opt/memento/.env.docker"
|
||||
# Crée le fichier s'il n'existe pas
|
||||
touch "$ENV_FILE"
|
||||
|
||||
# Fonction : supprime toutes les occurrences de la clé puis ajoute la nouvelle valeur
|
||||
upsert() {
|
||||
local key="$1" val="$2"
|
||||
[ -z "$val" ] && return
|
||||
# Supprimer toutes les lignes existantes (évite les doublons)
|
||||
sed -i "/^[[:space:]]*${key}=/d" "$ENV_FILE"
|
||||
echo "${key}=\"${val}\"" >> "$ENV_FILE"
|
||||
}
|
||||
@@ -109,10 +101,15 @@ jobs:
|
||||
upsert JINA_API_KEY "$JINA_API_KEY"
|
||||
|
||||
echo ".env.docker updated"
|
||||
# Redémarre les containers pour appliquer les nouvelles vars d'env
|
||||
cd /opt/memento && docker compose up -d --force-recreate memento-note
|
||||
ENDSSH
|
||||
|
||||
- name: Tag current image as rollback
|
||||
run: |
|
||||
ssh root@192.168.1.190 << 'ENDSSH'
|
||||
docker tag memento-note_memento-note:latest memento-note_memento-note:rollback 2>/dev/null && echo "Rollback tag saved" || echo "No existing image to tag"
|
||||
ENDSSH
|
||||
|
||||
- name: Deploy via SSH
|
||||
run: |
|
||||
ssh root@192.168.1.190 << 'ENDSSH'
|
||||
@@ -158,20 +155,51 @@ jobs:
|
||||
ENDSSH
|
||||
|
||||
- name: Wait for app to be healthy
|
||||
id: health-check
|
||||
run: |
|
||||
echo "Waiting up to 180s for http://192.168.1.190 ..."
|
||||
for i in $(seq 1 36); do
|
||||
CODE=$(curl -s -o /dev/null -w "%{http_code}" --max-time 5 -L http://192.168.1.190/ || echo "000")
|
||||
if [ "$CODE" != "000" ] && [ "$CODE" -lt 500 ]; then
|
||||
echo "✅ App OK (HTTP $CODE) after $((i * 5))s"
|
||||
echo "App OK (HTTP $CODE) after $((i * 5))s"
|
||||
echo "healthy=true" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
fi
|
||||
echo " [$((i * 5))s] HTTP $CODE"
|
||||
sleep 5
|
||||
done
|
||||
echo "healthy=false" >> $GITHUB_OUTPUT
|
||||
echo "Timeout! Derniers logs :"
|
||||
ssh root@192.168.1.190 "docker logs memento-web --tail=50"
|
||||
exit 1
|
||||
exit 0
|
||||
|
||||
- name: Rollback on failure
|
||||
if: steps.health-check.outputs.healthy == 'false'
|
||||
run: |
|
||||
ssh root@192.168.1.190 << 'ENDSSH'
|
||||
echo "=== ROLLBACK: Restoring previous image ==="
|
||||
docker tag memento-note_memento-note:rollback memento-note_memento-note:latest
|
||||
cd /opt/memento && docker compose up -d --force-recreate memento-note
|
||||
echo "Rollback complete"
|
||||
ENDSSH
|
||||
|
||||
- name: Notify Telegram
|
||||
if: always()
|
||||
run: |
|
||||
HEALTHY="${{ steps.health-check.outputs.healthy }}"
|
||||
if [ "$HEALTHY" = "true" ]; then
|
||||
MSG="✅ Memento deploy SUCCESS%nBranch: main%nCommit: ${{ github.sha }}"
|
||||
else
|
||||
MSG="❌ Memento deploy FAILED%nBranch: main%nCommit: ${{ github.sha }}%nAction: rollback to previous image"
|
||||
fi
|
||||
curl -s -X POST "https://api.telegram.org/bot${{ secrets.TELEGRAM_BOT_TOKEN }}/sendMessage" \
|
||||
-d chat_id="${{ secrets.TELEGRAM_CHAT_ID }}" \
|
||||
-d text="$(printf "$MSG")" \
|
||||
-d parse_mode="HTML" || true
|
||||
|
||||
- name: Fail if unhealthy
|
||||
if: steps.health-check.outputs.healthy == 'false'
|
||||
run: exit 1
|
||||
|
||||
- name: Cleanup
|
||||
if: always()
|
||||
|
||||
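Review bot: In the Notify Telegram step the `else` branch is taken whenever `steps.health-check.outputs.healthy` is not `true`, which includes the empty value left when an earlier step such as Deploy via SSH fails and the health check never runs. In that case the Rollback step is skipped (its `if:` requires `'false'` and carries no `always()`), yet the message still says "Action: rollback to previous image", so the operator is told a rollback happened while the host may still be on a half-deployed image. Make the rollback message conditional with `elif [ "$HEALTHY" = "false" ]; then` and add a final `else` whose text says the run failed before the health check and no rollback was performed. Separately, `${{ secrets.TELEGRAM_BOT_TOKEN }}` and `${{ secrets.TELEGRAM_CHAT_ID }}` are expanded into the script text; passing them through an `env:` block, as the .env.docker step already does, and using `$TELEGRAM_BOT_TOKEN` in the curl line keeps them out of the generated script. The +/- markers are lost on this page, so this reads `exit 0` as the new end of the health check, and the Deploy via SSH body is outside the visible hunks.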