Split build-on-server and registry deploy workflows

2026-02-04 14:54:43 +09:00
parent c5c3e30e78
commit 02f40e9cc3
2 changed files with 78 additions and 43 deletions
--- a/.gitea/workflows/deploy-registry.yml
+++ b/.gitea/workflows/deploy-registry.yml
@@ -0,0 +1,54 @@
+name: Deploy (registry)
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ vars.HARBOR_ENDPOINT }}
+          username: ${{ vars.HARBOR_ROBOT_ACCOUNT }}
+          password: ${{ secrets.HARBOR_ROBOT_KEY }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: |
+            ${{ vars.HARBOR_ENDPOINT }}/${{ vars.IMAGE_NAME }}:latest
+            ${{ vars.HARBOR_ENDPOINT }}/${{ vars.IMAGE_NAME }}:${{ github.sha }}
+
+      - name: Deploy via SSH
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ vars.SSH_HOST }}
+          username: ${{ vars.SSH_USER }}
+          key: ${{ secrets.SSH_KEY }}
+          port: ${{ vars.SSH_PORT }}
+          script: |
+            cd ${{ secrets.DEPLOY_PATH }}
+            cat << 'ENVEOF' > .env
+            ${{ secrets.DEPLOY_ENV_FILE }}
+            ENVEOF
+
+            # Export variables from .env file
+            set -a
+            source .env
+            set +a
+
+            docker compose --env-file .env pull
+            docker compose --env-file .env up -d