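# .gitea/workflows/ci-and-cd.yml
#
# Pipeline for pushes to the dev branch:
#   lint_commits -> release -> build_and_push -> kustomize_apply -> deploy_backend
# The build and deploy jobs run only when the release job finds a `v*` tag on
# HEAD after semantic-release has run.
#
# NOTE(review): every `uses:` reference below is pinned to a mutable major
# tag. These jobs run on self-hosted runners and handle registry, AWS and
# cluster credentials, so consider pinning each action to a full commit SHA.
name: 'CI & CD'

on:
  push:
    branches:
      - dev

jobs:
  lint_commits:
    name: Lint Commits
    runs-on: [self-hosted]
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Install Dependencies
        env:
          NODE_ENV: development
          NPM_CONFIG_PRODUCTION: 'false'
        run: npm ci --no-audit

      # NOTE(review): on a push to dev the checked-out HEAD is presumably the
      # same commit as origin/dev, which would make this range empty and the
      # lint a no-op. Confirm, and consider linting from the pre-push commit.
      - name: Lint Commit Messages
        run: npx commitlint --from=origin/dev --to=HEAD

  release:
    name: Release
    needs: lint_commits
    runs-on: [self-hosted]
    outputs:
      sha_short: ${{ steps.commit_short.outputs.sha_short }}
      is_tagged: ${{ steps.check_tag.outputs.is_tagged }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          fetch-tags: true

      - name: Commit Short Hash
        id: commit_short
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install Dependencies
        run: npm ci --no-audit

      # The token is scoped to this step only, so the dependency install
      # above never sees it.
      - name: Run Semantic Release
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          GITEA_URL: https://git.dejodigital.com.br
        run: npx semantic-release

      # Downstream jobs are gated on this output.
      - name: Check if Release Tag Exists
        id: check_tag
        run: |
          if git tag --points-at HEAD | grep -q '^v'; then
            echo "is_tagged=true" >> "$GITHUB_OUTPUT"
          else
            echo "is_tagged=false" >> "$GITHUB_OUTPUT"
          fi

  build_and_push:
    name: Docker | Build and Push
    needs: release
    if: ${{ needs.release.outputs.is_tagged == 'true' }}
    runs-on: [self-hosted]
    env:
      DEJO_NODE_AWS_REGION: us-east-1
      AWS_ECR_REPOSITORY: dev-dejo/dejo-node
      # Quoted: env values are strings and the step conditions compare
      # against the string 'true'.
      DISABLE_DISCORD_NOTIFY: 'false'
      # NOTE(review): job-level env exposes the webhook URL to every step in
      # the job, including third-party actions; step-level env would be
      # narrower.
      DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
      sha_short: ${{ needs.release.outputs.sha_short }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Discord | Notify Start
        if: ${{ env.DISABLE_DISCORD_NOTIFY != 'true' }}
        run: |
          # This workflow triggers on a branch push, so GITHUB_REF is a branch
          # ref and stripping "refs/tags/" from it does not yield a version.
          # Read the release tag from HEAD instead; fall back to the short SHA
          # when no tag is visible in this checkout.
          TAG="$(git tag --points-at HEAD | grep '^v' | head -n 1 || true)"
          TAG="${TAG:-${sha_short}}"
          curl -X POST -H "Content-Type: application/json" \
            -d "{\"content\":\":arrow_forward: Deploy da versão **${TAG}** iniciado...\"}" \
            "${DISCORD_WEBHOOK}"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Copy Env
        run: cp infrastructure/.env.example infrastructure/.env

      - name: Cache Docker layers
        uses: actions/cache@v4
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: ${{ runner.os }}-buildx

      # NOTE(review): these are static access keys held as repository
      # secrets; keep the IAM principal limited to pushing to this one
      # repository and rotate the keys regularly.
      - name: Docker Login to AWS ECR
        uses: docker/login-action@v2
        with:
          registry: ${{ secrets.DEV_DEJO_AWS_ECR_REGISTRY }}
          username: ${{ secrets.DEJO_NODE_AWS_ACCESS_KEY }}
          password: ${{ secrets.DEJO_NODE_AWS_SECRET_KEY }}

      # continue-on-error lets the notification step below report the
      # failure; the job is then failed explicitly.
      - name: Build and Push Backend
        id: build_push
        continue-on-error: true
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: |
            ${{ secrets.DEV_DEJO_AWS_ECR_REGISTRY }}/${{ env.AWS_ECR_REPOSITORY }}:latest
            ${{ secrets.DEV_DEJO_AWS_ECR_REGISTRY }}/${{ env.AWS_ECR_REPOSITORY }}:${{ env.sha_short }}
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new

      - name: Discord | Notify Error (Build)
        if: steps.build_push.outcome == 'failure' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":x: Falha no build/push do Docker. Veja logs."}' \
            "${DISCORD_WEBHOOK}"

      - name: Fail job if build_push failed
        if: steps.build_push.outcome == 'failure'
        run: exit 1

      # Replace the old cache with the one the build just wrote.
      - name: Moving Cache
        run: |
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

      - name: Discord | Notify Success (Build)
        if: steps.build_push.outcome == 'success' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":white_check_mark: Build e push do Docker concluídos com sucesso."}' \
            "${DISCORD_WEBHOOK}"

  kustomize_apply:
    name: Kubernetes | Kustomize Apply
    needs: build_and_push
    runs-on: [self-hosted]
    env:
      DEJO_NODE_AWS_REGION: us-east-1
      KUBE_NAMESPACE: dejo-node
      DISABLE_DISCORD_NOTIFY: 'false'
      DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.DEJO_NODE_AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.DEJO_NODE_AWS_SECRET_KEY }}
          aws-region: ${{ env.DEJO_NODE_AWS_REGION }}

      - name: Apply Kustomize
        id: kustomize
        continue-on-error: true
        env:
          # Passed through the environment rather than templated into the
          # script text, so the secret never becomes part of the shell source.
          KUBE_CONFIG_DATA: ${{ secrets.DEJO_NODE_KUBE_CONFIG_DATA_DEV }}
        run: |
          # mktemp creates an owner-only file outside the workspace; the trap
          # deletes it on exit so the cluster credential does not stay on the
          # self-hosted runner after the step.
          KUBECONFIG="$(mktemp)"
          export KUBECONFIG
          trap 'rm -f "${KUBECONFIG}"' EXIT
          printf '%s\n' "${KUBE_CONFIG_DATA}" | base64 -d > "${KUBECONFIG}"
          kubectl apply -k infrastructure/kubernetes/dev -n "${KUBE_NAMESPACE}"

      - name: Discord | Notify Error (Kustomize)
        if: steps.kustomize.outcome == 'failure' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":x: Falha ao aplicar Kustomize. Veja logs."}' \
            "${DISCORD_WEBHOOK}"

      - name: Fail job if kustomize failed
        if: steps.kustomize.outcome == 'failure'
        run: exit 1

      - name: Discord | Notify Success (Kustomize)
        if: steps.kustomize.outcome == 'success' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":white_check_mark: Kustomize aplicado com sucesso."}' \
            "${DISCORD_WEBHOOK}"

  deploy_backend:
    name: Kubernetes | Deploy App
    # `release` must be a direct dependency: the `needs` context only carries
    # outputs of jobs listed here, and sha_short below reads
    # needs.release.outputs. Without it the image tag expands to an empty
    # string.
    needs: [release, kustomize_apply]
    runs-on: [self-hosted]
    env:
      DEJO_NODE_AWS_REGION: us-east-1
      AWS_ECR_REPOSITORY: dev-dejo/dejo-node
      KUBE_NAMESPACE: dejo-node
      KUBE_DEPLOY_NAME: api-app
      DISABLE_DISCORD_NOTIFY: 'false'
      DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
      sha_short: ${{ needs.release.outputs.sha_short }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.DEJO_NODE_AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.DEJO_NODE_AWS_SECRET_KEY }}
          aws-region: ${{ env.DEJO_NODE_AWS_REGION }}

      - name: Deploy API
        id: deploy_api
        continue-on-error: true
        env:
          # Secrets reach the script as environment variables instead of
          # being templated into the shell source.
          KUBE_CONFIG_DATA: ${{ secrets.DEJO_NODE_KUBE_CONFIG_DATA_DEV }}
          ECR_REGISTRY: ${{ secrets.DEV_DEJO_AWS_ECR_REGISTRY }}
        run: |
          # Refuse to roll the deployment to an image reference with no tag.
          if [ -z "${sha_short}" ]; then
            echo "sha_short is empty; refusing to deploy" >&2
            exit 1
          fi
          # Owner-only temp file, removed on exit so the cluster credential
          # does not persist on the self-hosted runner.
          KUBECONFIG="$(mktemp)"
          export KUBECONFIG
          trap 'rm -f "${KUBECONFIG}"' EXIT
          printf '%s\n' "${KUBE_CONFIG_DATA}" | base64 -d > "${KUBECONFIG}"
          # NOTE(review): --record is deprecated in upstream kubectl; kept
          # here to preserve the existing change-cause annotation.
          kubectl set image "deployment/${KUBE_DEPLOY_NAME}" \
            "${KUBE_DEPLOY_NAME}=${ECR_REGISTRY}/${AWS_ECR_REPOSITORY}:${sha_short}" \
            --record -n "${KUBE_NAMESPACE}"

      - name: Discord | Notify Error (Deploy)
        if: steps.deploy_api.outcome == 'failure' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":x: Erro durante o deploy! Veja logs."}' \
            "${DISCORD_WEBHOOK}"

      - name: Fail job if deploy_api failed
        if: steps.deploy_api.outcome == 'failure'
        run: exit 1

      - name: Discord | Notify Success (Deploy)
        if: steps.deploy_api.outcome == 'success' && env.DISABLE_DISCORD_NOTIFY != 'true'
        run: |
          curl -X POST -H "Content-Type: application/json" \
            -d '{"content":":white_check_mark: Deploy concluído com sucesso! :rocket:"}' \
            "${DISCORD_WEBHOOK}"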