pipeline build v14 - GPT version of pipeline

2025-07-31 14:51:45 +00:00 · 2025-07-31 14:51:45 +00:00 · 11a9afbddd
commit 11a9afbddd
parent 9849137be1
1 changed files with 25 additions and 18 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -1,30 +1,37 @@
 steps:
-  push-to-staging:
+  ssh-test:                       # name unchanged
    image: google/cloud-sdk:latest
    commands:
      - |
-        #!/bin/bash
-        set -eu
+        #!/usr/bin/env bash
+        set -euo pipefail
+
        mkdir -p ~/.ssh

-        # Inject known hosts
-        gcloud secrets versions access latest --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
+        # ── Fetch & install secrets from Secret Manager ─────────────
+        gcloud secrets versions access latest \
+          --secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
        chmod 644 ~/.ssh/known_hosts

-        # Inject SSH key
-        gcloud secrets versions access latest --secret=STAGING_SSH_KEY --project=aptivaai-dev | base64 -d > ~/.ssh/id_ed25519
+        gcloud secrets versions access latest \
+          --secret=STAGING_SSH_KEY --project=aptivaai-dev | base64 -d > ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519

-        # Confirm working tree location
-        SRC_DIR="$PWD/repo"  # Assuming you cloned to ./repo
-        DEST_DIR="/home/jcoakley/dev1"  # Confirm if this is correct on staging
+        echo "🔑  SSH material ready"

-        # Clone dev1 repo
-        git config --global user.name "Woodpecker CI"
-        git config --global user.email "ci@aptivaai.com"
-        git clone https://jcoakley:f4bf7ac91bdbd16bf47d241860198ba0bbe4b5c6@gitea.dev1.aptivaai.com/jcoakley/dev1.git repo
+        # ── Tag comes from the commit that triggered Woodpecker ─────
+        TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
+        echo "🚀  Deploying tag ${TAG} to staging"

-        # Rsync to staging VM
-        rsync -az --delete -e "ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes" \
-          --exclude '.git' \
-          "$SRC_DIR/" jcoakley@10.128.0.12:"$DEST_DIR"
+        # ── SSH into the staging VM and re‑create the stack ─────────
+        ssh -o StrictHostKeyChecking=yes \
+            -i ~/.ssh/id_ed25519 \
+            jcoakley@10.128.0.12 <<EOF
+          set -euo pipefail
+          cd /opt/aptiva-staging-app
+          echo "Pulling containers with IMG_TAG=${TAG}"
+          IMG_TAG=${TAG} docker compose pull
+          echo "Recreating services"
+          IMG_TAG=${TAG} docker compose up -d --force-recreate --remove-orphans
+          echo "✅  Staging stack refreshed"
+EOF