diff --git a/.gitea/workflows/itam_production_deploy.yml b/.gitea/workflows/itam_production_deploy.yml index 013bac8..168d05b 100644 --- a/.gitea/workflows/itam_production_deploy.yml +++ b/.gitea/workflows/itam_production_deploy.yml @@ -32,9 +32,11 @@ jobs: DB_USER: ${{ vars.PROD_DB_USER }} DB_PASS: ${{ secrets.PROD_DB_PASS }} DB_NAME: ${{ vars.PROD_DB_NAME }} + CLIENT_ID: ${{ vars.PROD_CLIENT_ID }} + ISSUER: ${{ vars.PROD_ISSUER }} run: | set -euo pipefail - required_keys="PROD_HOST PROD_USER PROD_DEPLOY_PATH PROD_GIT_URL DB_HOST DB_PORT DB_USER DB_PASS DB_NAME" + required_keys="PROD_HOST PROD_USER PROD_DEPLOY_PATH PROD_GIT_URL DB_HOST DB_PORT DB_USER DB_PASS DB_NAME CLIENT_ID ISSUER" for key in ${required_keys}; do if [ -z "${!key:-}" ]; then echo "::error::Missing required variable or secret: ${key}" @@ -50,6 +52,10 @@ jobs: DB_PASS: ${{ secrets.PROD_DB_PASS }} DB_NAME: ${{ vars.PROD_DB_NAME }} LOG_LEVEL: ${{ vars.PROD_LOG_LEVEL }} + CLIENT_ID: ${{ vars.PROD_CLIENT_ID }} + ISSUER: ${{ vars.PROD_ISSUER }} + PROD_REDIRECT_URI: ${{ vars.PROD_REDIRECT_URI }} + PROD_JWKS_URI: ${{ vars.PROD_JWKS_URI }} run: | set -euo pipefail EFFECTIVE_LOG_LEVEL="${LOG_LEVEL:-info}" @@ -62,6 +68,10 @@ jobs: NODE_ENV=production PORT=3000 LOG_LEVEL=${EFFECTIVE_LOG_LEVEL} + CLIENT_ID=${CLIENT_ID} + ISSUER=${ISSUER} + PROD_REDIRECT_URI=${PROD_REDIRECT_URI:-http://172.16.10.175:9090/callback} + PROD_JWKS_URI=${PROD_JWKS_URI:-http://172.16.10.175:9090/.well-known/jwks.json} EOF - name: Deploy to production host @@ -111,7 +121,7 @@ jobs: fi REMOTE_BACKUP - ssh "${PROD_USER}@${PROD_HOST}" "cd '${PROD_DEPLOY_PATH}' && git clean -fd" + ssh "${PROD_USER}@${PROD_HOST}" "cd '${PROD_DEPLOY_PATH}' && git clean -fd -e uploads/ -e logs/nginx/ -e mysql_data/" ssh "${PROD_USER}@${PROD_HOST}" "cd '${PROD_DEPLOY_PATH}' && mkdir -p uploads logs/nginx"
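Review bot: In the `@@ -62,6 +68,10 @@` hunk, `PROD_JWKS_URI` and `PROD_REDIRECT_URI` silently fall back to hard-coded `http://172.16.10.175:9090/...` URLs when the variables are empty, so a production deploy can succeed while token verification points at a plain-HTTP key endpoint on a fixed address. Keys fetched over unauthenticated HTTP can be substituted by anyone on the network path, which undermines signature validation for every token the application accepts; the `/callback` default presumably exposes the authorization response in transit in the same way. Fail closed instead, e.g. `PROD_JWKS_URI=${PROD_JWKS_URI:?PROD_JWKS_URI must be set}` and the same for `PROD_REDIRECT_URI`, or pass both into the validation step's `env` and append them to `required_keys` in the first hunk, which currently adds only `CLIENT_ID ISSUER`. The two new keys also keep their `PROD_` prefix in the generated file while `CLIENT_ID` and `ISSUER` do not, so it is worth confirming the application reads those exact names. The heredoc and its enclosing step begin outside the hunk.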