From ca43de875636c3a9b9e80c907d8bbabfbeeebec0 Mon Sep 17 00:00:00 2001 From: Joelbrit0 Date: Thu, 29 Jan 2026 13:31:20 -0300 Subject: [PATCH] fix: use harbor domain instead of ip to fix ssl error --- .gitea/workflows/deploy-api.yaml | 34 +++++++++++++++----------------- 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/.gitea/workflows/deploy-api.yaml b/.gitea/workflows/deploy-api.yaml index 8a6426c..3d9b30e 100644 --- a/.gitea/workflows/deploy-api.yaml +++ b/.gitea/workflows/deploy-api.yaml @@ -19,6 +19,7 @@ jobs: sudo apt-get clean || true docker system prune -af --volumes || true df -h + - name: Build (develop) / Promote (main) env: REGISTRY: 172.35.0.216 @@ -53,6 +54,7 @@ jobs: LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}" LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}" + # --- Lógica para DEVELOP / HOMOLOG (Build) --- if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then TAG=$(echo ${{ gitea.sha }} | cut -c1-7) @@ -64,49 +66,45 @@ jobs: exit 0 fi + # --- Lógica para MAIN (Promoção via Skopeo) --- if [ "$BRANCH" = "main" ]; then sudo apt-get update -y sudo apt-get install -y skopeo if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then - echo "Missing Harbor DEV credentials (HARBOR_DEV_USERNAME/HARBOR_DEV_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2 - exit 1 - fi - if [ -z "${PROD_USER:-}" ] || [ -z "${PROD_PASS:-}" ]; then - echo "Missing Harbor PROD credentials (HARBOR_PROD_USERNAME/HARBOR_PROD_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2 + echo "Missing Harbor DEV credentials." >&2 exit 1 fi - # Merge commit: HEAD has 2 parents; HEAD^2 is the merged branch tip. PARENTS="$(git rev-list --parents -n 1 HEAD)" set -- $PARENTS SOURCE_SHA="${3:-${1:-}}" - if [ -z "$SOURCE_SHA" ]; then - SOURCE_SHA="${{ gitea.sha }}" - fi TAG="$(echo "$SOURCE_SHA" | cut -c1-7)" - # Promote the exact artifact built on develop into prod (no rebuild). - skopeo inspect --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null + # Inspecionar imagem na origem (DEV) ignorando TLS + skopeo inspect --src-tls-verify=false --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null - # Validate destination repository exists and auth works. - # Using list-tags avoids assuming a specific tag exists. - skopeo list-tags --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null + # Listar tags no destino (PROD) ignorando TLS + skopeo list-tags --tls-verify=false --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null + # Copiar imagem de DEV para PROD (Promoção) ignorando TLS em ambos skopeo copy --all \ + --src-tls-verify=false \ + --dest-tls-verify=false \ --src-creds "$DEV_USER:$DEV_PASS" \ --dest-creds "$PROD_USER:$PROD_PASS" \ "docker://$DEV_IMAGE:$TAG" \ "docker://$PROD_IMAGE:$TAG" - # Optional: keep legacy tags working during migration. + # Promoção para Legacy (se ativado) if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then - skopeo copy --all \ + skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \ --src-creds "$DEV_USER:$DEV_PASS" \ --dest-creds "$LEGACY_USER:$LEGACY_PASS" \ "docker://$DEV_IMAGE:$TAG" \ "docker://$LEGACY_IMAGE:$TAG" - skopeo copy --all \ + + skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \ --src-creds "$DEV_USER:$DEV_PASS" \ --dest-creds "$LEGACY_USER:$LEGACY_PASS" \ "docker://$DEV_IMAGE:$TAG" \ @@ -117,4 +115,4 @@ jobs: fi echo "Unsupported branch: $BRANCH" >&2 - exit 1 + exit 1 \ No newline at end of file