fix: yaml schema

2025-07-30 19:43:38 +00:00 · 2025-07-30 19:43:38 +00:00 · e289847d73
commit e289847d73
parent 7f9f2657af
1 changed files with 36 additions and 44 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -1,78 +1,70 @@
-# .woodpecker.yml  ── runs on the dev1 agent
+# .woodpecker.yml  ── dev1 ➜ staging
 kind: pipeline
 type: docker
 name: build-and-deploy
-# ────────────────────────────────────────────────
+workspace:
-# 1. Clone / workspace (defaults are fine)
+  base: /woodpecker
-# ────────────────────────────────────────────────
+  path: src
 clone:
  depth: 50
-workspace:
+############################################################
-  base: /woodpecker   # host‑path inside the agent
+# 1. Build & push the images
-  path: src           # repo will be /woodpecker/src
+############################################################
 # ────────────────────────────────────────────────
 # 2. Build & push Docker images to Artifact Registry
 # ────────────────────────────────────────────────
 steps:
 - name: build-and-push
-  image: gcr.io/google.com/cloudsdktool/cloud-sdk:slim
+  image: docker:24.0.9-dind
-  privileged: true            # we need Docker‑in‑Docker
+  privileged: true
  volumes:
  - name: docker-sock
    path: /var/run/docker.sock
-
+  settings:
    registry: us-central1-docker.pkg.dev
    username: _json_key
    password:
      from_secret: GCP_SA_JSON
  commands:
  # authenticate to GAR using the VM’s metadata‑server token
  - gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
  # buildx (with cross‑stage cache) → push to Artifact Registry
  - |
    set -e
    REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo
-    TAG=${CI_COMMIT_SHA:-latest}
+    TAG=${CI_COMMIT_SHA::8}
    docker buildx create --use --name woodpecker || true
    for svc in server1 server2 server3 nginx ; do
      docker buildx build \
        --file Dockerfile.${svc} \
        --tag ${REG}/${svc}:${TAG} \
        --cache-from type=registry,ref=${REG}/${svc}:cache \
        --cache-to   type=registry,ref=${REG}/${svc}:cache,mode=max \
        --push .
    done
  when:
-    event: [push, manual]
+    event:
-    branch: [master]
+      - push
      - manual
    branch:
      - master
-# ────────────────────────────────────────────────
+############################################################
-# 3. Rolling update on the *staging* VM
+# 2. Rolling update on staging
-# ────────────────────────────────────────────────
+############################################################
 - name: deploy-staging
  image: appleboy/drone-ssh
  settings:
-    host: 10.128.0.12               # **internal** IP of aptiva‑staging
+    host: 10.128.0.12            # internal IP of staging VM
    port: 22
    username: jcoakley
    key:
      from_secret: STAGING_SSH_KEY
    known_hosts:
      from_secret: STAGING_KNOWN_HOSTS
    port: 22
    script:
-    - cd /opt/aptiva-staging-app
+      - cd /opt/aptiva-staging-app
-    - ./refresh_secrets.sh          # refreshes GCP Secret‑Manager env‑vars
+      - ./refresh_secrets.sh
-    - IMG_TAG=${CI_COMMIT_SHA} docker compose pull
+      - IMG_TAG=${CI_COMMIT_SHA::8} docker compose pull
-    - IMG_TAG=${CI_COMMIT_SHA} docker compose up -d --remove-orphans
+      - IMG_TAG=${CI_COMMIT_SHA::8} docker compose up -d --remove-orphans
  when:
-    event: [push, manual]
+    event:
-    branch: [master]
+      - push
-
+      - manual
-# ────────────────────────────────────────────────
+    branch:
-volumes:
+      - master
 - name: docker-sock
  host:
    path: /var/run/docker.sock