diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index d7bfeb0..94195e5 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -14,11 +14,28 @@ jobs: - name: Build and Push run: | + set -euo pipefail REGISTRY="git.simplifiquehc.com.br" IMAGE_NAME="$REGISTRY/simplifique/vendaweb-portal" - SHA_TAG=$(echo ${{ gitea.sha }} | cut -c1-7) + SHA_TAG=$(echo "${{ github.sha }}" | cut -c1-7) - echo "${{ secrets.K8S }}" | docker login "$REGISTRY" -u "${{ gitea.actor }}" --password-stdin + REGISTRY_USERNAME="${{ secrets.REGISTRY_USERNAME }}" + if [ -z "$REGISTRY_USERNAME" ]; then + REGISTRY_USERNAME="${{ github.actor }}" + fi + + REGISTRY_PASSWORD="${{ secrets.REGISTRY_PASSWORD }}" + if [ -z "$REGISTRY_PASSWORD" ]; then + REGISTRY_PASSWORD="${{ secrets.K8S }}" + fi + + if [ -z "$REGISTRY_USERNAME" ] || [ -z "$REGISTRY_PASSWORD" ]; then + echo "Missing registry credentials. Set secrets.REGISTRY_USERNAME + secrets.REGISTRY_PASSWORD (recommended)" + echo "(fallback supported: secrets.K8S as password)" + exit 1 + fi + + printf '%s' "$REGISTRY_PASSWORD" | docker login "$REGISTRY" -u "$REGISTRY_USERNAME" --password-stdin docker build -t "$IMAGE_NAME:$SHA_TAG" -t "$IMAGE_NAME:latest" . docker push "$IMAGE_NAME:$SHA_TAG" @@ -26,7 +43,8 @@ jobs: - name: Update Manifest and Push to Git run: | - SHA_TAG=$(echo ${{ gitea.sha }} | cut -c1-7) + set -euo pipefail + SHA_TAG=$(echo "${{ github.sha }}" | cut -c1-7) IMAGE_NAME="git.simplifiquehc.com.br/simplifique/vendaweb-portal" MANIFEST_FILE="k8s/overlays/prod/deployment-image-digest-patch.yaml" @@ -38,7 +56,7 @@ jobs: exit 1 fi - git remote set-url origin "https://${{ gitea.actor }}:${{ secrets.GITEA_TOKEN }}@git.simplifiquehc.com.br/simplifique/Vendaweb-portal.git" + git remote set-url origin "https://${{ github.actor }}:${{ secrets.GITEA_TOKEN }}@git.simplifiquehc.com.br/simplifique/Vendaweb-portal.git" git config user.name "Gitea Action" git config user.email "actions@simplifiquehc.com.br"