deploy(deploy): 🚀 Update GitHub Actions workflow and ops scripts for staging deployment improvements

Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
Lilith 2026-03-03 21:27:00 -08:00
parent 849396679b
commit 263075e17b


@ -1,251 +0,0 @@
# Deploy to Staging (black)
#
# Deploys webmap-router, landing, seo, and marketplace to staging environment.
# Issues SSL certificates via DNS-01 (PowerDNS) for VPN-only domains.
#
# Access (VPN required):
# https://next.www.atlilith.com (landing)
# https://next.www.trustedmeet.com (marketplace)
name: Deploy Staging
on:
# Push trigger disabled — codebase/.forgejo/workflows/staging-deploy.yml handles
# automated staging deploys with change detection + infrastructure reconciliation.
# This workflow is retained for manual one-off deploys only.
workflow_dispatch:
inputs:
skip_build:
description: 'Skip build step (deploy existing artifacts)'
required: false
default: 'false'
type: boolean
skip_ssl:
description: 'Skip SSL certificate check/renewal'
required: false
default: 'false'
type: boolean
env:
CI: true
TARGET_HOST: black
DEPLOY_PATH: /opt/lilith-platform
jobs:
# ==========================================================================
# Build applications
# ==========================================================================
build:
name: Build Applications
runs-on: ubuntu-latest
if: ${{ github.event.inputs.skip_build != 'true' }}
timeout-minutes: 20
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: 9
- name: Install dependencies
working-directory: codebase
run: pnpm install --frozen-lockfile
- name: Build webmap-router
working-directory: codebase
run: pnpm --filter @lilith/webmap-router build
- name: Build landing
working-directory: codebase
run: VITE_ANALYTICS_ENABLED=false pnpm --filter @lilith/landing build
- name: Build SEO frontend
working-directory: codebase
run: pnpm --filter @lilith/seo-frontend build
- name: Build marketplace (escorts)
working-directory: codebase
run: VITE_DEPLOYMENT=escorts pnpm --filter @lilith/marketplace-frontend-public build
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: staging-builds
path: |
codebase/features/webmap/router/dist/
codebase/features/landing/frontend-public/dist/
codebase/features/seo/frontend-public/dist/
codebase/features/marketplace/frontend-public/dist/escorts/
retention-days: 7
# ==========================================================================
# Deploy to staging
# ==========================================================================
deploy:
name: Deploy to Staging
runs-on: ubuntu-latest
needs: [build]
if: always() && (needs.build.result == 'success' || github.event.inputs.skip_build == 'true')
timeout-minutes: 15
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download build artifacts
if: ${{ github.event.inputs.skip_build != 'true' }}
uses: actions/download-artifact@v4
with:
name: staging-builds
path: codebase/features/
- name: Setup SSH
uses: ./.forgejo/actions/setup-ssh
with:
host: black
ssh_key: ${{ secrets.SSH_KEY_BLACK }}
# SSL Certificates (DNS-01 via PowerDNS)
- name: Issue SSL cert for next.atlilith.com
if: ${{ github.event.inputs.skip_ssl != 'true' }}
uses: ./.forgejo/actions/services/ssl-certificate-dns01
with:
mode: reconcile
host: black
ssh_alias: black
cert_name: next.atlilith.com
domains: 'next.atlilith.com,next.www.atlilith.com,next.status.atlilith.com,next.admin.atlilith.com'
env:
PDNS_API_KEY: ${{ secrets.PDNS_API_KEY }}
- name: Issue SSL cert for next.trustedmeet.com
if: ${{ github.event.inputs.skip_ssl != 'true' }}
uses: ./.forgejo/actions/services/ssl-certificate-dns01
with:
mode: reconcile
host: black
ssh_alias: black
cert_name: next.trustedmeet.com
domains: 'next.trustedmeet.com,next.www.trustedmeet.com'
env:
PDNS_API_KEY: ${{ secrets.PDNS_API_KEY }}
# Sync nginx configuration
- name: Sync nginx configs
uses: ./.forgejo/actions/services/nginx-config-sync
with:
mode: reconcile
host: black
ssh_alias: black
# Deploy applications
- name: Create deployment directories
run: |
ssh black "mkdir -p $DEPLOY_PATH/{webmap-router,apps/landing,apps/seo,apps/marketplace,logs}"
- name: Deploy webmap-router
run: |
rsync -avz --delete \
codebase/features/webmap/router/dist/main.bundle.js \
codebase/features/webmap/router/dist/main.bundle.js.map \
codebase/features/webmap/router/dist/package.json \
black:$DEPLOY_PATH/webmap-router/
- name: Deploy landing
run: |
rsync -avz --delete \
codebase/features/landing/frontend-public/dist/ \
black:$DEPLOY_PATH/apps/landing/
- name: Deploy SEO
run: |
rsync -avz --delete \
codebase/features/seo/frontend-public/dist/ \
black:$DEPLOY_PATH/apps/seo/
- name: Deploy marketplace
run: |
rsync -avz --delete \
codebase/features/marketplace/frontend-public/dist/escorts/ \
black:$DEPLOY_PATH/apps/marketplace/
- name: Install webmap-router dependencies
run: |
ssh black "cd $DEPLOY_PATH/webmap-router && npm install --production"
- name: Deploy systemd service
run: |
scp infrastructure/systemd/webmap-router.service black:/tmp/
ssh black "sudo mv /tmp/webmap-router.service /etc/systemd/system/"
ssh black "sudo systemctl daemon-reload"
- name: Restart webmap-router
run: |
ssh black "sudo systemctl enable webmap-router"
ssh black "sudo systemctl restart webmap-router"
sleep 3
- name: Health check
run: |
HEALTH=$(ssh black "curl -s http://127.0.0.1:4002/health | jq -r '.status'" 2>/dev/null || echo "failed")
if [[ "$HEALTH" == "healthy" ]]; then
echo "Health check passed"
else
echo "::warning::Health check returned: $HEALTH"
fi
# ==========================================================================
# Run E2E tests
# ==========================================================================
test:
name: E2E Tests
runs-on: ubuntu-latest
needs: [deploy]
if: success()
timeout-minutes: 15
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: 9
- name: Install Playwright
working-directory: codebase
run: |
pnpm install --frozen-lockfile
pnpm exec playwright install chromium
- name: Run staging E2E tests
working-directory: codebase/features/webmap
run: |
STAGING_URL="https://next.www.atlilith.com" \
MARKETPLACE_URL="https://next.www.trustedmeet.com" \
bun run test:e2e || true
continue-on-error: true
- name: Print deployment URLs
run: |
echo "=========================================="
echo "Staging deployment complete!"
echo "=========================================="
echo ""
echo "Access (VPN required):"
echo " https://next.www.atlilith.com (landing)"
echo " https://next.www.trustedmeet.com (marketplace)"