jcoakley/dev1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81e51735c3
dev1/.woodpecker.yml

38 lines
1.4 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

steps:
ssh-test: # name unchanged
image: google/cloud-sdk:latest
commands:
- |
#!/usr/bin/env bash
set -euo pipefail
mkdir -p ~/.ssh
# ── Fetch & install secrets from Secret Manager ─────────────
gcloud secrets versions access latest \
--secret=STAGING_KNOWN_HOSTS --project=aptivaai-dev | base64 -d > ~/.ssh/known_hosts
chmod 644 ~/.ssh/known_hosts
gcloud secrets versions access latest \
--secret=STAGING_SSH_KEY --project=aptivaai-dev | base64 -d > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
echo "🔑 SSH material ready"
# ── Tag comes from the commit that triggered Woodpecker ─────
TAG=$(echo "$CI_COMMIT_SHA" | head -c 8)
echo "🚀 Deploying tag ${TAG} to staging"
# ── SSH into the staging VM and recreate the stack ─────────
ssh -o StrictHostKeyChecking=yes \
-i ~/.ssh/id_ed25519 \
jcoakley@10.128.0.12 <<EOF
set -euo pipefail
cd /opt/aptiva-staging-app
echo "Pulling containers with IMG_TAG=${TAG}"
IMG_TAG=${TAG} docker compose pull
echo "Recreating services"
IMG_TAG=${TAG} docker compose up -d --force-recreate --remove-orphans
echo "✅ Staging stack refreshed"
EOF
Reference in New Issue View Git Blame Copy Permalink