From e289847d73844b6160190e82385c84c825ab267f Mon Sep 17 00:00:00 2001
From: Josh
Date: Wed, 30 Jul 2025 19:43:38 +0000
Subject: [PATCH] fix: yaml schema
---
.woodpecker.yml | 80 ++++++++++++++++++++++---------------------------
1 file changed, 36 insertions(+), 44 deletions(-)
diff --git a/.woodpecker.yml b/.woodpecker.yml
index 256e62b..dbab46d 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -1,78 +1,70 @@ -# .woodpecker.yml ── runs on the dev1 agent +# .woodpecker.yml ── dev1 ➜ staging kind: pipeline type: docker name: build-and-deploy -# ──────────────────────────────────────────────── -# 1. Clone / workspace (defaults are fine) -# ──────────────────────────────────────────────── +workspace: + base: /woodpecker + path: src + clone: depth: 50 -workspace: - base: /woodpecker # host‑path inside the agent - path: src # repo will be /woodpecker/src - -# ──────────────────────────────────────────────── -# 2. Build & push Docker images to Artifact Registry -# ──────────────────────────────────────────────── +############################################################ +# 1. Build & push the images +############################################################ steps: - name: build-and-push - image: gcr.io/google.com/cloudsdktool/cloud-sdk:slim - privileged: true # we need Docker‑in‑Docker + image: docker:24.0.9-dind + privileged: true volumes: - name: docker-sock path: /var/run/docker.sock - + settings: + registry: us-central1-docker.pkg.dev + username: _json_key + password: + from_secret: GCP_SA_JSON commands: - # authenticate to GAR using the VM’s metadata‑server token - - gcloud auth configure-docker us-central1-docker.pkg.dev --quiet - - # buildx (with cross‑stage cache) → push to Artifact Registry - | + set -e REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo - TAG=${CI_COMMIT_SHA:-latest} - + TAG=${CI_COMMIT_SHA::8} docker buildx create --use --name woodpecker || true - for svc in server1 server2 server3 nginx ; do docker buildx build \ --file Dockerfile.${svc} \ --tag ${REG}/${svc}:${TAG} \ - --cache-from type=registry,ref=${REG}/${svc}:cache \ - --cache-to type=registry,ref=${REG}/${svc}:cache,mode=max \ --push . done - when: - event: [push, manual] - branch: [master] + event: + - push + - manual + branch: + - master -# ──────────────────────────────────────────────── -# 3. 
Rolling update on the *staging* VM -# ──────────────────────────────────────────────── +############################################################ +# 2. Rolling update on staging +############################################################ - name: deploy-staging image: appleboy/drone-ssh settings: - host: 10.128.0.12 # **internal** IP of aptiva‑staging + host: 10.128.0.12 # internal IP of staging VM + port: 22 username: jcoakley key: from_secret: STAGING_SSH_KEY known_hosts: from_secret: STAGING_KNOWN_HOSTS - port: 22 script: - - cd /opt/aptiva-staging-app - - ./refresh_secrets.sh # refreshes GCP Secret‑Manager env‑vars - - IMG_TAG=${CI_COMMIT_SHA} docker compose pull - - IMG_TAG=${CI_COMMIT_SHA} docker compose up -d --remove-orphans - + - cd /opt/aptiva-staging-app + - ./refresh_secrets.sh + - IMG_TAG=${CI_COMMIT_SHA::8} docker compose pull + - IMG_TAG=${CI_COMMIT_SHA::8} docker compose up -d --remove-orphans when: - event: [push, manual] - branch: [master] - -# ──────────────────────────────────────────────── -volumes: -- name: docker-sock - host: - path: /var/run/docker.sock + event: + - push + - manual + branch: + - master
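Review bot: The `settings:` block added to `build-and-push` (`registry`, `username: _json_key`, `password` from `GCP_SA_JSON`) is not read by anything in that step's `commands:` script, and the `gcloud auth configure-docker` line is removed, so the `docker buildx build ... --push` calls appear to run with no registry login at all. As far as I know Woodpecker passes `settings` only to plugin images, so the secret should be exposed through `environment:` and used explicitly before the loop, e.g. `echo "$GCP_SA_JSON" | docker login -u _json_key --password-stdin us-central1-docker.pkg.dev`. This also swaps the VM's short-lived metadata-server token for a long-lived service-account key, so that key should be limited to Artifact Registry write access and rotated. Separately, the step keeps `privileged: true` together with the `/var/run/docker.sock` mount while the top-level `volumes:` definition of `docker-sock` is deleted; the mount should be re-declared in whatever form the schema accepts, and `privileged` dropped if the host socket is what is actually used, since either one alone already gives the step root-equivalent control of the agent host.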