kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

export 수정

Browse Source
This commit is contained in:
조찬영
2026-02-06 17:18:19 +09:00
parent 22b132eb51
commit 804dc412fb
1 changed files with 37 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
.gitea/workflows/staging_release.yml
View File

@@ -14,10 +14,12 @@ jobs:
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Setup SSH - name: Setup SSH
uses: webfactory/ssh-agent@v0.9.0 uses: webfactory/ssh-agent@v0.9.0
with: with:
ssh-private-key: ${{ secrets.STAGE_SSH_PRIVATE_KEY }} ssh-private-key: ${{ secrets.STAGE_SSH_PRIVATE_KEY }}
- name: Deploy to Staging - name: Deploy to Staging
env: env:
IMAGE_TAG: ${{ github.event.inputs.rc_version_tag }} IMAGE_TAG: ${{ github.event.inputs.rc_version_tag }}
@@ -25,27 +27,33 @@ jobs:
USERFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/userfront USERFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/userfront
ADMINFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/adminfront ADMINFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/adminfront
DEVFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/devfront DEVFRONT_IMAGE_NAME: ${{ vars.HARBOR_HOSTNAME }}/baron_sso/devfront
# Staging-specific variables
DEPLOY_PATH: ${{ vars.STAGE_DEPLOY_PATH }} DEPLOY_PATH: ${{ vars.STAGE_DEPLOY_PATH }}
STAGE_HOST: ${{ vars.STAGE_HOST }} STAGE_HOST: ${{ vars.STAGE_HOST }}
STAGE_USER: ${{ vars.STAGE_USER }} STAGE_USER: ${{ vars.STAGE_USER }}
HARBOR_ENDPOINT: ${{ vars.HARBOR_ENDPOINT }} HARBOR_ENDPOINT: ${{ vars.HARBOR_ENDPOINT }}
HARBOR_ROBOT_ACCOUNT: ${{ vars.HARBOR_ROBOT_ACCOUNT }} HARBOR_ROBOT_ACCOUNT: ${{ vars.HARBOR_ROBOT_ACCOUNT }}
HARBOR_ROBOT_KEY: ${{ secrets.HARBOR_ROBOT_KEY }} HARBOR_ROBOT_KEY: ${{ secrets.HARBOR_ROBOT_KEY }}
run: | run: |
set -euo pipefail set -euo pipefail
echo "DEBUG: STAGE_USER='${STAGE_USER}'" echo "DEBUG: STAGE_USER='${STAGE_USER}'"
echo "DEBUG: STAGE_HOST='${STAGE_HOST}'" echo "DEBUG: STAGE_HOST='${STAGE_HOST}'"
echo "DEBUG: DEPLOY_PATH='${DEPLOY_PATH}'" echo "DEBUG: DEPLOY_PATH='${DEPLOY_PATH}'"
# Sanity check
if [ -z "${STAGE_USER}" ] || [ -z "${STAGE_HOST}" ] || [ -z "${DEPLOY_PATH}" ]; then if [ -z "${STAGE_USER}" ] || [ -z "${STAGE_HOST}" ] || [ -z "${DEPLOY_PATH}" ]; then
echo "::error::Missing required vars (STAGE_USER/STAGE_HOST/DEPLOY_PATH). Check Gitea repo variables." echo "::error::Missing required vars (STAGE_USER/STAGE_HOST/DEPLOY_PATH). Check Gitea repo variables."
exit 1 exit 1
fi fi
ssh-keyscan -H "${STAGE_HOST}" >> ~/.ssh/known_hosts ssh-keyscan -H "${STAGE_HOST}" >> ~/.ssh/known_hosts
ssh "${STAGE_USER}@${STAGE_HOST}" "mkdir -p '${DEPLOY_PATH}'" ssh "${STAGE_USER}@${STAGE_HOST}" "mkdir -p '${DEPLOY_PATH}'"
# Create .env file using HEREDOC # Create .env for Staging using a HEREDOC to prevent shell expansion issues
cat <<'EOF' > .env cat <<'EOF' > .env
APP_ENV=stage APP_ENV=stage
TZ=Asia/Seoul TZ=Asia/Seoul
@@ -116,27 +124,36 @@ jobs:
EOF EOF
# Copy artifacts to remote # Copy artifacts to remote
# Using compose.infra.yaml as base for staging (assuming simplified structure compared to prod)
# OR use docker-compose.template.yaml if staging follows prod structure strictly
scp docker/docker-compose.staging.template.yaml .env "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/" scp docker/docker-compose.staging.template.yaml .env "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/"
scp docker/compose.infra.yaml "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/compose.infra.yml" scp docker/compose.infra.yaml "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/compose.infra.yml"
# Ory compose files might be needed too
scp docker/compose.ory.yaml "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/compose.ory.yml" scp docker/compose.ory.yaml "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/compose.ory.yml"
scp -r docker/ory "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/docker/" scp -r docker/ory "${STAGE_USER}@${STAGE_HOST}:${DEPLOY_PATH}/docker/"
# Execute remote deployment script # Deploy
ssh "${STAGE_USER}@${STAGE_HOST}" 'bash -s' <<EOF echo "${HARBOR_ROBOT_KEY}" | ssh "${STAGE_USER}@${STAGE_HOST}" \
set -e "export DEPLOY_PATH='${DEPLOY_PATH}'; \
cd '${DEPLOY_PATH}' export BACKEND_IMAGE_NAME='${BACKEND_IMAGE_NAME}'; \
export USERFRONT_IMAGE_NAME='${USERFRONT_IMAGE_NAME}'; \
echo "${HARBOR_ROBOT_KEY}" | docker login '${HARBOR_ENDPOINT}' -u '${HARBOR_ROBOT_ACCOUNT}' --password-stdin export ADMINFRONT_IMAGE_NAME='${ADMINFRONT_IMAGE_NAME}'; \
export DEVFRONT_IMAGE_NAME='${DEVFRONT_IMAGE_NAME}'; \
export IMAGE_TAG='${IMAGE_TAG}'; \
export HARBOR_ENDPOINT='${HARBOR_ENDPOINT}'; \
export HARBOR_ROBOT_ACCOUNT='${HARBOR_ROBOT_ACCOUNT}'; \
set -e; \
cd \"\${DEPLOY_PATH}\"; \
docker login \"\${HARBOR_ENDPOINT}\" -u \"\${HARBOR_ROBOT_ACCOUNT}\" --password-stdin; \
set -a; \
. ./.env; \
set +a; \
for net in baron_net public_net ory-net hydranet kratosnet; do for net in baron_net public_net ory-net hydranet kratosnet; do
docker network inspect "\$net" >/dev/null 2>&1 || docker network create "\$net" docker network inspect "\$net" >/dev/null 2>&1 || docker network create "\$net"
done done
# Assuming template usage similar to prod
set -a envsubst < docker-compose.staging.template.yaml > docker-compose.yml; \
. ./.env # Pull & Up
set +a # Assuming staging runs both infra, ory, and app stack
docker compose -f compose.infra.yml -f compose.ory.yml -f docker-compose.yml pull; \
envsubst '\$BACKEND_IMAGE_NAME \$ADMINFRONT_IMAGE_NAME \$DEVFRONT_IMAGE_NAME \$USERFRONT_IMAGE_NAME \$IMAGE_TAG' < docker-compose.staging.template.yaml > docker-compose.yml docker compose -f compose.infra.yml -f compose.ory.yml -f docker-compose.yml up -d --remove-orphans"
docker compose -f compose.infra.yml -f compose.ory.yml -f docker-compose.yml pull
docker compose -f compose.infra.yml -f compose.ory.yml -f docker-compose.yml up -d --remove-orphans