diff --git a/.woodpecker.yml b/.woodpecker.yml
index 0d2e0f9..d311d9b 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -15,45 +15,52 @@ steps:
 image: docker:24.0-cli
 privileged: true
 volumes:
- - name: docker-sock
- path: /var/run/docker.sock
+ - name: docker-sock
+ path: /var/run/docker.sock
 commands:
- - |
- set -eu
- REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo
- TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
- docker buildx create --use --name woodpecker || true
- for svc in server1 server2 server3 nginx; do
- docker buildx build -f Dockerfile.${svc} \
- -t ${REG}/${svc}:${TAG} --push .
- done
- when:
- event: [push, manual]
- branch: [master]
-
-# ── 2. Deploy to staging ────────────────────────────────
-- name: deploy-staging
- image: appleboy/drone-ssh
- settings:
- host: 10.128.0.12
- port: 22
- username: jcoakley
- key:
- from_secret: STAGING_SSH_KEY # ← the only secrets we need
- known_hosts:
- from_secret: STAGING_KNOWN_HOSTS
- script:
 - |
 set -eu
+ REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo
 TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
- cd /opt/aptiva-staging-app
- IMG_TAG=$TAG docker compose pull
- IMG_TAG=$TAG docker compose up -d --force-recreate --remove-orphans
+ docker buildx create --use --name woodpecker || true
+ for svc in server1 server2 server3 nginx; do
+ docker buildx build -f Dockerfile.${svc} \
+ -t ${REG}/${svc}:${TAG} --push .
+ done
 when:
 event: [push, manual]
 branch: [master]
+# ── 2. Deploy to staging (raw SSH) ──────────────────────
+- name: deploy-staging
+ image: alpine:latest
+ commands:
+ - |
+ set -eu
+ apk add --no-cache openssh bash
+
+ mkdir -p ~/.ssh
+ echo "$STAGING_KNOWN_HOSTS" > ~/.ssh/known_hosts
+ echo "$STAGING_SSH_KEY" > ~/.ssh/id_ed25519
+ chmod 600 ~/.ssh/id_ed25519
+
+ TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
+ ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes jcoakley@10.128.0.12 <