feat: Gitea Webhook Auto-Deploy Service für Staging
deployer-Container (almir/webhook) lauscht auf Port 9001. Bei Push → git pull, npm build, migrate, cache clear, workers restart. Secret via DEPLOY_WEBHOOK_SECRET in .env konfigurieren. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>main
parent
2cf56a3caf
commit
3c0676acd9
|
|
@ -163,6 +163,25 @@ services:
|
||||||
depends_on:
|
depends_on:
|
||||||
- redis
|
- redis
|
||||||
|
|
||||||
|
deployer:
|
||||||
|
image: almir/webhook
|
||||||
|
container_name: nexxo_deployer
|
||||||
|
restart: unless-stopped
|
||||||
|
ports:
|
||||||
|
- "9001:9001"
|
||||||
|
environment:
|
||||||
|
DEPLOY_WEBHOOK_SECRET: ${DEPLOY_WEBHOOK_SECRET}
|
||||||
|
volumes:
|
||||||
|
- ./docker/webhook/hooks.json:/etc/webhook/hooks.json:ro
|
||||||
|
- ./docker/webhook/entrypoint.sh:/entrypoint.sh:ro
|
||||||
|
- ./docker/webhook/deploy.sh:/scripts/deploy.sh
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
- /usr/bin/docker:/usr/bin/docker:ro
|
||||||
|
- ./:/aziros
|
||||||
|
entrypoint: ["/bin/sh", "/entrypoint.sh"]
|
||||||
|
networks:
|
||||||
|
- nexxo
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
nexxo:
|
nexxo:
|
||||||
driver: bridge
|
driver: bridge
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,29 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
COMPOSE_FILE="/aziros/docker-compose.staging.yml"
|
||||||
|
|
||||||
|
echo "[deploy] $(date) – Deploy gestartet"
|
||||||
|
cd /aziros
|
||||||
|
|
||||||
|
git pull origin main
|
||||||
|
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app npm ci --silent
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app npm run build:staging
|
||||||
|
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app composer install --no-dev --optimize-autoloader --quiet
|
||||||
|
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan migrate --force
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan db:seed --class=TranslationSeeder --force
|
||||||
|
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan config:clear
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan cache:clear
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan view:clear
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan route:clear
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan config:cache
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan route:cache
|
||||||
|
docker compose -f "$COMPOSE_FILE" exec -T app php artisan view:cache
|
||||||
|
|
||||||
|
docker compose -f "$COMPOSE_FILE" restart worker scheduler mail-worker reverb
|
||||||
|
|
||||||
|
echo "[deploy] ✅ Deploy fertig"
|
||||||
|
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# Substituiert ${DEPLOY_WEBHOOK_SECRET} im hooks.json-Template
|
||||||
|
envsubst < /etc/webhook/hooks.json > /tmp/hooks.json
|
||||||
|
exec webhook -hooks /tmp/hooks.json -verbose -port 9001
|
||||||
|
|
@ -0,0 +1,18 @@
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"id": "deploy",
|
||||||
|
"execute-command": "/scripts/deploy.sh",
|
||||||
|
"command-working-directory": "/aziros",
|
||||||
|
"response-message": "Deploy gestartet",
|
||||||
|
"trigger-rule": {
|
||||||
|
"match": {
|
||||||
|
"type": "value",
|
||||||
|
"value": "${DEPLOY_WEBHOOK_SECRET}",
|
||||||
|
"parameter": {
|
||||||
|
"source": "header",
|
||||||
|
"name": "X-Webhook-Secret"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
Loading…
Reference in New Issue