From 263075e17bdbefdb1c8e7383317e949f32f87a16 Mon Sep 17 00:00:00 2001
From: Lilith
Date: Tue, 3 Mar 2026 21:27:00 -0800
Subject: [PATCH] =?UTF-8?q?deploy(deploy):=20=F0=9F=9A=80=20Update=20GitHu?= =?UTF-8?q?b=20Actions=20workflow=20and=20ops=20scripts=20for=20staging=20?= =?UTF-8?q?deployment=20improvements?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-Authored-By: Lilith Autocommit
---
.forgejo/workflows/deploy-staging.yml | 251 --------------------------
1 file changed, 251 deletions(-)
delete mode 100644 .forgejo/workflows/deploy-staging.yml

diff --git a/.forgejo/workflows/deploy-staging.yml b/.forgejo/workflows/deploy-staging.yml
deleted file mode 100644
index 3d9520e..0000000
--- a/.forgejo/workflows/deploy-staging.yml
+++ /dev/null
@@ -1,251 +0,0 @@
-# Deploy to Staging (black)
-#
-# Deploys webmap-router, landing, seo, and marketplace to staging environment.
-# Issues SSL certificates via DNS-01 (PowerDNS) for VPN-only domains.
-#
-# Access (VPN required):
-# https://next.www.atlilith.com (landing)
-# https://next.www.trustedmeet.com (marketplace)
-
-name: Deploy Staging
-
-on:
- # Push trigger disabled — codebase/.forgejo/workflows/staging-deploy.yml handles
- # automated staging deploys with change detection + infrastructure reconciliation.
- # This workflow is retained for manual one-off deploys only.
- workflow_dispatch:
- inputs:
- skip_build:
- description: 'Skip build step (deploy existing artifacts)'
- required: false
- default: 'false'
- type: boolean
- skip_ssl:
- description: 'Skip SSL certificate check/renewal'
- required: false
- default: 'false'
- type: boolean
-
-env:
- CI: true
- TARGET_HOST: black
- DEPLOY_PATH: /opt/lilith-platform
-
-jobs:
- # ==========================================================================
- # Build applications
- # ==========================================================================
- build:
- name: Build Applications
- runs-on: ubuntu-latest
- if: ${{ github.event.inputs.skip_build != 'true' }}
- timeout-minutes: 20
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Setup Node.js
- uses: actions/setup-node@v4
- with:
- node-version: '22'
-
- - name: Setup pnpm
- uses: pnpm/action-setup@v2
- with:
- version: 9
-
- - name: Install dependencies
- working-directory: codebase
- run: pnpm install --frozen-lockfile
-
- - name: Build webmap-router
- working-directory: codebase
- run: pnpm --filter @lilith/webmap-router build
-
- - name: Build landing
- working-directory: codebase
- run: VITE_ANALYTICS_ENABLED=false pnpm --filter @lilith/landing build
-
- - name: Build SEO frontend
- working-directory: codebase
- run: pnpm --filter @lilith/seo-frontend build
-
- - name: Build marketplace (escorts)
- working-directory: codebase
- run: VITE_DEPLOYMENT=escorts pnpm --filter @lilith/marketplace-frontend-public build
-
- - name: Upload build artifacts
- uses: actions/upload-artifact@v4
- with:
- name: staging-builds
- path: |
- codebase/features/webmap/router/dist/
- codebase/features/landing/frontend-public/dist/
- codebase/features/seo/frontend-public/dist/
- codebase/features/marketplace/frontend-public/dist/escorts/
- retention-days: 7
-
- # ==========================================================================
- # Deploy to staging
- # ==========================================================================
- deploy:
- name: Deploy to Staging
- runs-on: ubuntu-latest
- needs: [build]
- if: always() && (needs.build.result == 'success' || github.event.inputs.skip_build == 'true')
- timeout-minutes: 15
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Download build artifacts
- if: ${{ github.event.inputs.skip_build != 'true' }}
- uses: actions/download-artifact@v4
- with:
- name: staging-builds
- path: codebase/features/
-
- - name: Setup SSH
- uses: ./.forgejo/actions/setup-ssh
- with:
- host: black
- ssh_key: ${{ secrets.SSH_KEY_BLACK }}
-
- # SSL Certificates (DNS-01 via PowerDNS)
- - name: Issue SSL cert for next.atlilith.com
- if: ${{ github.event.inputs.skip_ssl != 'true' }}
- uses: ./.forgejo/actions/services/ssl-certificate-dns01
- with:
- mode: reconcile
- host: black
- ssh_alias: black
- cert_name: next.atlilith.com
- domains: 'next.atlilith.com,next.www.atlilith.com,next.status.atlilith.com,next.admin.atlilith.com'
- env:
- PDNS_API_KEY: ${{ secrets.PDNS_API_KEY }}
-
- - name: Issue SSL cert for next.trustedmeet.com
- if: ${{ github.event.inputs.skip_ssl != 'true' }}
- uses: ./.forgejo/actions/services/ssl-certificate-dns01
- with:
- mode: reconcile
- host: black
- ssh_alias: black
- cert_name: next.trustedmeet.com
- domains: 'next.trustedmeet.com,next.www.trustedmeet.com'
- env:
- PDNS_API_KEY: ${{ secrets.PDNS_API_KEY }}
-
- # Sync nginx configuration
- - name: Sync nginx configs
- uses: ./.forgejo/actions/services/nginx-config-sync
- with:
- mode: reconcile
- host: black
- ssh_alias: black
-
- # Deploy applications
- - name: Create deployment directories
- run: |
- ssh black "mkdir -p $DEPLOY_PATH/{webmap-router,apps/landing,apps/seo,apps/marketplace,logs}"
-
- - name: Deploy webmap-router
- run: |
- rsync -avz --delete \
- codebase/features/webmap/router/dist/main.bundle.js \
- codebase/features/webmap/router/dist/main.bundle.js.map \
- codebase/features/webmap/router/dist/package.json \
- black:$DEPLOY_PATH/webmap-router/
-
- - name: Deploy landing
- run: |
- rsync -avz --delete \
- codebase/features/landing/frontend-public/dist/ \
- black:$DEPLOY_PATH/apps/landing/
-
- - name: Deploy SEO
- run: |
- rsync -avz --delete \
- codebase/features/seo/frontend-public/dist/ \
- black:$DEPLOY_PATH/apps/seo/
-
- - name: Deploy marketplace
- run: |
- rsync -avz --delete \
- codebase/features/marketplace/frontend-public/dist/escorts/ \
- black:$DEPLOY_PATH/apps/marketplace/
-
- - name: Install webmap-router dependencies
- run: |
- ssh black "cd $DEPLOY_PATH/webmap-router && npm install --production"
-
- - name: Deploy systemd service
- run: |
- scp infrastructure/systemd/webmap-router.service black:/tmp/
- ssh black "sudo mv /tmp/webmap-router.service /etc/systemd/system/"
- ssh black "sudo systemctl daemon-reload"
-
- - name: Restart webmap-router
- run: |
- ssh black "sudo systemctl enable webmap-router"
- ssh black "sudo systemctl restart webmap-router"
- sleep 3
-
- - name: Health check
- run: |
- HEALTH=$(ssh black "curl -s http://127.0.0.1:4002/health | jq -r '.status'" 2>/dev/null || echo "failed")
- if [[ "$HEALTH" == "healthy" ]]; then
- echo "Health check passed"
- else
- echo "::warning::Health check returned: $HEALTH"
- fi
-
- # ==========================================================================
- # Run E2E tests
- # ==========================================================================
- test:
- name: E2E Tests
- runs-on: ubuntu-latest
- needs: [deploy]
- if: success()
- timeout-minutes: 15
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Setup Node.js
- uses: actions/setup-node@v4
- with:
- node-version: '22'
-
- - name: Setup pnpm
- uses: pnpm/action-setup@v2
- with:
- version: 9
-
- - name: Install Playwright
- working-directory: codebase
- run: |
- pnpm install --frozen-lockfile
- pnpm exec playwright install chromium
-
- - name: Run staging E2E tests
- working-directory: codebase/features/webmap
- run: |
- STAGING_URL="https://next.www.atlilith.com" \
- MARKETPLACE_URL="https://next.www.trustedmeet.com" \
- bun run test:e2e || true
- continue-on-error: true
-
- - name: Print deployment URLs
- run: |
- echo "=========================================="
- echo "Staging deployment complete!"
- echo "=========================================="
- echo ""
- echo "Access (VPN required):"
- echo " https://next.www.atlilith.com (landing)"
- echo " https://next.www.trustedmeet.com (marketplace)"