From 0b283791455a7277b2a7ee0fed7b157bab1b12b4 Mon Sep 17 00:00:00 2001 From: Joelbrit0 Date: Thu, 29 Jan 2026 13:47:26 -0300 Subject: [PATCH] feat: migrate registry to gitea and simplify workflow --- .gitea/workflows/deploy-api.yaml | 113 +++------------------------ k8s/base/deployment.yaml | 2 +- k8s/overlays/prod/kustomization.yaml | 1 - 3 files changed, 14 insertions(+), 102 deletions(-) diff --git a/.gitea/workflows/deploy-api.yaml b/.gitea/workflows/deploy-api.yaml index 3d9b30e..799ce0c 100644 --- a/.gitea/workflows/deploy-api.yaml +++ b/.gitea/workflows/deploy-api.yaml @@ -12,107 +12,20 @@ jobs: with: fetch-depth: 0 - - name: Free disk space + - name: Push to Gitea Registry run: | - df -h - sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc || true - sudo apt-get clean || true - docker system prune -af --volumes || true - df -h + # Define Image Name (removes https:// and converts to lowercase) + IMAGE="git.simplifiquehc.com.br/${{ gitea.repository }}" + IMAGE_LOWER=$(echo "$IMAGE" | tr '[:upper:]' '[:lower:]') - - name: Build (develop) / Promote (main) - env: - REGISTRY: 172.35.0.216 - DEV_PROJECT: vendaweb-dev - PROD_PROJECT: vendaweb-prod - IMAGE_REPO: vendaweb-api - PROMOTE_LEGACY: 'false' - HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }} - HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }} - HARBOR_DEV_USERNAME: ${{ secrets.HARBOR_DEV_USERNAME }} - HARBOR_DEV_PASSWORD: ${{ secrets.HARBOR_DEV_PASSWORD }} - HARBOR_PROD_USERNAME: ${{ secrets.HARBOR_PROD_USERNAME }} - HARBOR_PROD_PASSWORD: ${{ secrets.HARBOR_PROD_PASSWORD }} - HARBOR_LEGACY_USERNAME: ${{ secrets.HARBOR_LEGACY_USERNAME }} - HARBOR_LEGACY_PASSWORD: ${{ secrets.HARBOR_LEGACY_PASSWORD }} - run: | - set -euo pipefail + # Login to Gitea Registry (using the domain) + echo "${{ secrets.GITEA }}" | docker login git.simplifiquehc.com.br -u "${{ gitea.actor }}" --password-stdin - BRANCH="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}" - if [ -z "$BRANCH" ] && [ -n "${GITHUB_REF:-}" ]; then - BRANCH="${GITHUB_REF#refs/heads/}" - fi + # Build and Push + docker build -t "$IMAGE_LOWER:latest" . + docker push "$IMAGE_LOWER:latest" - DEV_IMAGE="$REGISTRY/$DEV_PROJECT/$IMAGE_REPO" - PROD_IMAGE="$REGISTRY/$PROD_PROJECT/$IMAGE_REPO" - LEGACY_IMAGE="$REGISTRY/library/$IMAGE_REPO" - - DEV_USER="${HARBOR_DEV_USERNAME:-$HARBOR_USERNAME}" - DEV_PASS="${HARBOR_DEV_PASSWORD:-$HARBOR_PASSWORD}" - PROD_USER="${HARBOR_PROD_USERNAME:-$HARBOR_USERNAME}" - PROD_PASS="${HARBOR_PROD_PASSWORD:-$HARBOR_PASSWORD}" - LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}" - LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}" - - # --- Lógica para DEVELOP / HOMOLOG (Build) --- - if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then - TAG=$(echo ${{ gitea.sha }} | cut -c1-7) - - echo "$DEV_PASS" | docker login "$REGISTRY" -u "$DEV_USER" --password-stdin - docker build -t "$DEV_IMAGE:$TAG" -f ./Dockerfile . - docker push "$DEV_IMAGE:$TAG" - docker tag "$DEV_IMAGE:$TAG" "$DEV_IMAGE:develop" - docker push "$DEV_IMAGE:develop" - exit 0 - fi - - # --- Lógica para MAIN (Promoção via Skopeo) --- - if [ "$BRANCH" = "main" ]; then - sudo apt-get update -y - sudo apt-get install -y skopeo - - if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then - echo "Missing Harbor DEV credentials." >&2 - exit 1 - fi - - PARENTS="$(git rev-list --parents -n 1 HEAD)" - set -- $PARENTS - SOURCE_SHA="${3:-${1:-}}" - TAG="$(echo "$SOURCE_SHA" | cut -c1-7)" - - # Inspecionar imagem na origem (DEV) ignorando TLS - skopeo inspect --src-tls-verify=false --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null - - # Listar tags no destino (PROD) ignorando TLS - skopeo list-tags --tls-verify=false --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null - - # Copiar imagem de DEV para PROD (Promoção) ignorando TLS em ambos - skopeo copy --all \ - --src-tls-verify=false \ - --dest-tls-verify=false \ - --src-creds "$DEV_USER:$DEV_PASS" \ - --dest-creds "$PROD_USER:$PROD_PASS" \ - "docker://$DEV_IMAGE:$TAG" \ - "docker://$PROD_IMAGE:$TAG" - - # Promoção para Legacy (se ativado) - if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then - skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \ - --src-creds "$DEV_USER:$DEV_PASS" \ - --dest-creds "$LEGACY_USER:$LEGACY_PASS" \ - "docker://$DEV_IMAGE:$TAG" \ - "docker://$LEGACY_IMAGE:$TAG" - - skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \ - --src-creds "$DEV_USER:$DEV_PASS" \ - --dest-creds "$LEGACY_USER:$LEGACY_PASS" \ - "docker://$DEV_IMAGE:$TAG" \ - "docker://$LEGACY_IMAGE:latest" - fi - - exit 0 - fi - - echo "Unsupported branch: $BRANCH" >&2 - exit 1 \ No newline at end of file + # Optional: Use SHA tag as well + TAG=$(echo ${{ gitea.sha }} | cut -c1-7) + docker tag "$IMAGE_LOWER:latest" "$IMAGE_LOWER:$TAG" + docker push "$IMAGE_LOWER:$TAG" diff --git a/k8s/base/deployment.yaml b/k8s/base/deployment.yaml index eb670b0..bb8230b 100644 --- a/k8s/base/deployment.yaml +++ b/k8s/base/deployment.yaml @@ -18,7 +18,7 @@ spec: - name: harbor-secret containers: - name: api - image: 172.35.0.216/library/vendaweb-api:latest + image: git.simplifiquehc.com.br/simplifique/vendaweb-api:latest imagePullPolicy: IfNotPresent ports: - name: http diff --git a/k8s/overlays/prod/kustomization.yaml b/k8s/overlays/prod/kustomization.yaml index 6b76f88..6fc041d 100644 --- a/k8s/overlays/prod/kustomization.yaml +++ b/k8s/overlays/prod/kustomization.yaml @@ -7,5 +7,4 @@ resources: - ../../base patches: - - path: deployment-image-digest-patch.yaml - path: service-patch.yaml