avm/mostovik-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: avm:3bd62263cf1b630727533b860b962e75e95a7e53
Branches Tags
avm:main avm:dev avm:codex/ci-registry-push avm:backup/feature-new-version-before-dev-rebase-20260428 avm:backup/dev-before-new-version-20260428 avm:feature/fix-admin avm:fix_config avm:feature/frontend-api-alignment-dev
...
compare: avm:main
Branches Tags
avm:dev avm:main avm:codex/ci-registry-push avm:backup/feature-new-version-before-dev-rebase-20260428 avm:backup/dev-before-new-version-20260428 avm:feature/fix-admin avm:fix_config avm:feature/frontend-api-alignment-dev

17 Commits
3bd62263cf ... main

Author SHA1 Message Date
avm
5eed8ec877 Merge dev into main
All checks were successful
CI/CD Pipeline / Quality Gate (push) Successful in 24s
Details
Deploy Customer Main / Build, Push, Deploy (push) Successful in 5m3s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 10s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 1s
Details 
Pin customer deploy workflow to backend runner.
 2026-05-05 10:20:10 +03:00
Aleksandr Meshchriakov
f54aa4cb0b ci: pin customer deploy to backend runner
All checks were successful
CI/CD Pipeline / Quality Gate (push) Successful in 26s
Details
CI/CD Pipeline / Quality Gate (pull_request) Successful in 18s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 11s
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 1s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 1s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Successful in 1s
Details
2026-05-05 09:19:42 +02:00
avm
5d583edfaa Merge dev into main
All checks were successful
CI/CD Pipeline / Quality Gate (push) Successful in 22s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 4s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 1s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 1s
Details
Deploy Customer Main / Build, Push, Deploy (push) Successful in 17m31s
Details 
Merge dev into main for customer deploy.
 2026-05-05 01:35:05 +03:00
Aleksandr Meshchriakov
d082cb3885 ci: serialize customer deploys
All checks were successful
CI/CD Pipeline / Quality Gate (push) Successful in 18s
Details
CI/CD Pipeline / Quality Gate (pull_request) Successful in 18s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 4s
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 1s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 1s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 1s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Successful in 1s
Details
2026-05-05 00:34:36 +02:00
avm
e963fb128c Merge dev into main
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 19s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 9s
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details
Deploy Customer Main / Build, Push, Deploy (push) Has been cancelled
Details 
Merge dev into main for customer deploy.
 2026-05-05 01:20:01 +03:00
Aleksandr Meshchriakov
3d9d143f7e ci: push customer images with docker buildx
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 17s
Details
CI/CD Pipeline / Quality Gate (pull_request) Successful in 17s
Details
CI/CD Pipeline / Build and Push Images (push) Has been cancelled
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 0s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Failing after 0s
Details
2026-05-05 00:18:04 +02:00
avm
54b61180a1 Merge dev into main
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 17s
Details
Deploy Customer Main / Build, Push, Deploy (push) Failing after 2m30s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 12s
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details 
Merge dev into main for customer deploy.
 2026-05-05 01:13:08 +03:00
Aleksandr Meshchriakov
99ec865dfa ci: use https registry for customer deploy
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 26s
Details
CI/CD Pipeline / Quality Gate (pull_request) Successful in 25s
Details
CI/CD Pipeline / Build and Push Images (push) Has been cancelled
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 0s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 1s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Failing after 1s
Details
2026-05-05 00:11:40 +02:00
avm
c326b4fc7c Merge dev into main
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 21s
Details
Deploy Customer Main / Build, Push, Deploy (push) Failing after 2m0s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 8s
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details 
Merge dev into main for customer deploy.
 2026-05-05 01:05:45 +03:00
Aleksandr Meshchriakov
a1894dfa48 ci: harden customer deploy auth
Some checks failed
CI/CD Pipeline / Quality Gate (pull_request) Successful in 25s
Details
CI/CD Pipeline / Quality Gate (push) Successful in 27s
Details
CI/CD Pipeline / Build and Push Images (push) Has been cancelled
Details
CI/CD Pipeline / Internal Notify (push) Has been cancelled
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Has been cancelled
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 1s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 1s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Failing after 1s
Details
2026-05-05 00:01:49 +02:00
avm
647e322b03 Merge dev into main
Some checks failed
CI/CD Pipeline / Quality Gate (push) Successful in 21s
Details
Deploy Customer Main / Build, Push, Deploy (push) Failing after 2m7s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 9s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 1s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 1s
Details 
Deploy customer main pipeline and current dev state.
 2026-05-05 00:56:08 +03:00
Aleksandr Meshchriakov
7f1569feaf Merge remote-tracking branch 'origin/main' into dev
All checks were successful
CI/CD Pipeline / Quality Gate (pull_request) Successful in 17s
Details
CI/CD Pipeline / Build and Push Images (pull_request) Successful in 1s
Details
CI/CD Pipeline / Quality Gate (push) Successful in 21s
Details
CI/CD Pipeline / Internal Notify (pull_request) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (pull_request) Successful in 1s
Details
CI/CD Pipeline / Build and Push Images (push) Successful in 9s
Details
CI/CD Pipeline / Internal Notify (push) Successful in 0s
Details
CI/CD Pipeline / Deploy Dev in Dokploy (push) Successful in 2s
Details 
# Conflicts:
#	.gitea/workflows/ci-cd.yml
 2026-05-04 23:53:40 +02:00
avm
57e520ba97 ci: default manual action to noop
All checks were successful
CI/CD Pipeline / Manual Actions Require Dev Branch (push) Has been skipped
Details
CI/CD Pipeline / Code Quality Checks (push) Successful in 1m54s
Details
CI/CD Pipeline / Run Tests (push) Successful in 2m41s
Details
CI/CD Pipeline / Telegram Notify Success (push) Successful in 12s
Details
2026-04-28 13:06:03 +03:00
Aleksandr Meshchriakov
37cb95a3e0 ci: default manual action to noop
All checks were successful
CI/CD Pipeline / Manual Actions Require Dev Branch (pull_request) Has been skipped
Details
CI/CD Pipeline / Run Tests (pull_request) Successful in 2m35s
Details
CI/CD Pipeline / Code Quality Checks (pull_request) Successful in 3m56s
Details
CI/CD Pipeline / Telegram Notify Success (pull_request) Successful in 12s
Details
2026-04-28 12:01:10 +02:00
avm
b7e38b191f ci: expose dev manual actions on default branch
All checks were successful
CI/CD Pipeline / Manual Actions Require Dev Branch (push) Has been skipped
Details
CI/CD Pipeline / Code Quality Checks (push) Successful in 2m40s
Details
CI/CD Pipeline / Run Tests (push) Successful in 2m52s
Details
CI/CD Pipeline / Telegram Notify Success (push) Successful in 11s
Details
2026-04-28 12:52:12 +03:00
Aleksandr Meshchriakov
f55cd26277 ci: expose dev manual actions on default branch
All checks were successful
CI/CD Pipeline / Manual Actions Require Dev Branch (pull_request) Has been skipped
Details
CI/CD Pipeline / Code Quality Checks (pull_request) Successful in 2m59s
Details
CI/CD Pipeline / Run Tests (pull_request) Successful in 3m3s
Details
CI/CD Pipeline / Telegram Notify Success (pull_request) Successful in 12s
Details
2026-04-28 11:48:41 +02:00
avm
a4d2ae99b7 Merge pull request 'dev' (#9) from dev into main
All checks were successful
CI/CD Pipeline / Code Quality Checks (push) Successful in 2m5s
Details
CI/CD Pipeline / Run Tests (push) Successful in 2m23s
Details
CI/CD Pipeline / Telegram Notify Success (push) Successful in 1m30s
Details 
Reviewed-on: #9
 2026-03-17 16:06:44 +03:00
1 changed files with 32 additions and 29 deletions
Expand all files Collapse all files

61
.gitea/workflows/deploy-customer-main.yml
View File

@@ -11,7 +11,7 @@ concurrency:
cancel-in-progress: true cancel-in-progress: true
env: env:
CUSTOMER_REGISTRY_HOST: registry.dev.nii-ecos.ru:80 CUSTOMER_REGISTRY_HOST: registry.dev.nii-ecos.ru
CUSTOMER_REGISTRY_NAMESPACE: avm CUSTOMER_REGISTRY_NAMESPACE: avm
CUSTOMER_WEB_IMAGE: mostovik-backend-web CUSTOMER_WEB_IMAGE: mostovik-backend-web
CUSTOMER_CELERY_IMAGE: mostovik-backend-celery CUSTOMER_CELERY_IMAGE: mostovik-backend-celery
@@ -24,7 +24,7 @@ env:
jobs: jobs:
deploy: deploy:
name: Build, Push, Deploy name: Build, Push, Deploy
runs-on: ubuntu-latest runs-on: [backend-docker]
timeout-minutes: 90 timeout-minutes: 90
steps: steps:
@@ -50,14 +50,16 @@ jobs:
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
GITEA_TOKEN: ${{ gitea.token }}
CUSTOMER_DEPLOY_SSH_KEY: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY }} CUSTOMER_DEPLOY_SSH_KEY: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY }}
CUSTOMER_DEPLOY_SSH_KEY_B64: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY_B64 }} CUSTOMER_DEPLOY_SSH_KEY_B64: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY_B64 }}
DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }} DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
run: | run: |
set -euo pipefail set -euo pipefail
registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-}}" registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-${GITHUB_ACTOR:-}}}"
registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-}}" registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-${GITEA_TOKEN:-}}}"
home_dir="${HOME:-/root}"
if [ -z "${registry_user}" ]; then if [ -z "${registry_user}" ]; then
echo "Missing registry user secret: set REGISTRY_USER or REGISTRY_USERNAME" >&2 echo "Missing registry user secret: set REGISTRY_USER or REGISTRY_USERNAME" >&2
@@ -70,18 +72,21 @@ jobs:
if [ -z "${CUSTOMER_DEPLOY_SSH_KEY:-}" ] \ if [ -z "${CUSTOMER_DEPLOY_SSH_KEY:-}" ] \
&& [ -z "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ] \ && [ -z "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ] \
&& [ -z "${DEPLOY_SSH_KEY:-}" ] \ && [ -z "${DEPLOY_SSH_KEY:-}" ] \
&& [ ! -f "${HOME}/.ssh/ci-key" ] \ && [ ! -f "${home_dir}/.ssh/ci-key" ] \
&& [ ! -f "/root/.ssh/ci-key" ]; then && [ ! -f "/root/.ssh/ci-key" ]; then
echo "Missing customer SSH key: set CUSTOMER_DEPLOY_SSH_KEY_B64, CUSTOMER_DEPLOY_SSH_KEY, DEPLOY_SSH_KEY, or install ~/.ssh/ci-key on the runner" >&2 echo "Missing customer SSH key: set CUSTOMER_DEPLOY_SSH_KEY_B64, CUSTOMER_DEPLOY_SSH_KEY, DEPLOY_SSH_KEY, or install ~/.ssh/ci-key on the runner" >&2
exit 1 exit 1
fi fi
- name: Install crane - name: Setup Docker Buildx
run: | run: |
set -euo pipefail set -euo pipefail
curl -fsSL https://github.com/google/go-containerregistry/releases/download/v0.19.0/go-containerregistry_Linux_x86_64.tar.gz \ if ! docker buildx inspect customer-builder >/dev/null 2>&1; then
| tar xz crane docker buildx create --name customer-builder --driver docker-container --use
chmod +x crane else
docker buildx use customer-builder
fi
docker buildx inspect --bootstrap
- name: Build and push customer images - name: Build and push customer images
env: env:
@@ -89,42 +94,41 @@ jobs:
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
GITEA_TOKEN: ${{ gitea.token }}
run: | run: |
set -euo pipefail set -euo pipefail
registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-}}" registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-${GITHUB_ACTOR:-}}}"
registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-}}" registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-${GITEA_TOKEN:-}}}"
sha_short="$(printf '%s' "${GITHUB_SHA}" | cut -c1-12)" sha_short="$(printf '%s' "${GITHUB_SHA}" | cut -c1-12)"
registry_path="${CUSTOMER_REGISTRY_HOST}/${CUSTOMER_REGISTRY_NAMESPACE}" registry_path="${CUSTOMER_REGISTRY_HOST}/${CUSTOMER_REGISTRY_NAMESPACE}"
web_ref="${registry_path}/${CUSTOMER_WEB_IMAGE}" web_ref="${registry_path}/${CUSTOMER_WEB_IMAGE}"
celery_ref="${registry_path}/${CUSTOMER_CELERY_IMAGE}" celery_ref="${registry_path}/${CUSTOMER_CELERY_IMAGE}"
printf '%s' "${registry_password}" \ printf '%s' "${registry_password}" \
| ./crane auth login --insecure "${CUSTOMER_REGISTRY_HOST}" \ | docker login "${CUSTOMER_REGISTRY_HOST}" \
-u "${registry_user}" \ -u "${registry_user}" \
--password-stdin --password-stdin
docker build \ docker buildx build \
--platform linux/amd64 \ --platform linux/amd64 \
-f ./docker/Dockerfile \ -f ./docker/Dockerfile \
--target runtime-web \ --target runtime-web \
--build-arg INSTALL_DEV=false \ --build-arg INSTALL_DEV=false \
-t customer-mostovik-backend-web:local \ --push \
-t "${web_ref}:latest" \
-t "${web_ref}:${sha_short}" \
. .
docker save customer-mostovik-backend-web:local -o /tmp/customer-mostovik-backend-web.tar
./crane push --insecure /tmp/customer-mostovik-backend-web.tar "${web_ref}:latest"
./crane push --insecure /tmp/customer-mostovik-backend-web.tar "${web_ref}:${sha_short}"
docker build \ docker buildx build \
--platform linux/amd64 \ --platform linux/amd64 \
-f ./docker/Dockerfile \ -f ./docker/Dockerfile \
--target runtime-celery \ --target runtime-celery \
--build-arg INSTALL_DEV=false \ --build-arg INSTALL_DEV=false \
-t customer-mostovik-backend-celery:local \ --push \
-t "${celery_ref}:latest" \
-t "${celery_ref}:${sha_short}" \
. .
docker save customer-mostovik-backend-celery:local -o /tmp/customer-mostovik-backend-celery.tar
./crane push --insecure /tmp/customer-mostovik-backend-celery.tar "${celery_ref}:latest"
./crane push --insecure /tmp/customer-mostovik-backend-celery.tar "${celery_ref}:${sha_short}"
- name: Deploy customer stack - name: Deploy customer stack
env: env:
@@ -134,16 +138,17 @@ jobs:
run: | run: |
set -euo pipefail set -euo pipefail
mkdir -p "${HOME}/.ssh" home_dir="${HOME:-/root}"
key_path="${HOME}/.ssh/customer_deploy_key" mkdir -p "${home_dir}/.ssh"
key_path="${home_dir}/.ssh/customer_deploy_key"
if [ -n "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ]; then if [ -n "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ]; then
printf '%s' "${CUSTOMER_DEPLOY_SSH_KEY_B64}" | base64 -d > "${key_path}" printf '%s' "${CUSTOMER_DEPLOY_SSH_KEY_B64}" | base64 -d > "${key_path}"
elif [ -n "${DEPLOY_SSH_KEY:-}" ]; then elif [ -n "${DEPLOY_SSH_KEY:-}" ]; then
printf '%s' "${DEPLOY_SSH_KEY}" | base64 -d > "${key_path}" printf '%s' "${DEPLOY_SSH_KEY}" | base64 -d > "${key_path}"
elif [ -n "${CUSTOMER_DEPLOY_SSH_KEY:-}" ]; then elif [ -n "${CUSTOMER_DEPLOY_SSH_KEY:-}" ]; then
printf '%s\n' "${CUSTOMER_DEPLOY_SSH_KEY}" > "${key_path}" printf '%s\n' "${CUSTOMER_DEPLOY_SSH_KEY}" > "${key_path}"
elif [ -f "${HOME}/.ssh/ci-key" ]; then elif [ -f "${home_dir}/.ssh/ci-key" ]; then
cp "${HOME}/.ssh/ci-key" "${key_path}" cp "${home_dir}/.ssh/ci-key" "${key_path}"
else else
cp "/root/.ssh/ci-key" "${key_path}" cp "/root/.ssh/ci-key" "${key_path}"
fi fi
@@ -161,9 +166,7 @@ jobs:
) )
proxy_command="ssh -i ${key_path} -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null -o LogLevel=ERROR -o ConnectTimeout=15 -W %h:%p ${CUSTOMER_SSH_PROXY_HOST}" proxy_command="ssh -i ${key_path} -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null -o LogLevel=ERROR -o ConnectTimeout=15 -W %h:%p ${CUSTOMER_SSH_PROXY_HOST}"
remote_command="set -euo pipefail remote_command="set -euo pipefail
cd /ecos flock -w 1800 /tmp/ecos-customer-deploy.lock /bin/sh -c 'cd /ecos && FORCE_PULL=1 COMPOSE_FILE=\"${CUSTOMER_COMPOSE_FILE}\" \"${CUSTOMER_DEPLOY_SCRIPT}\" && docker image prune -f'"
FORCE_PULL=1 COMPOSE_FILE='${CUSTOMER_COMPOSE_FILE}' '${CUSTOMER_DEPLOY_SCRIPT}'
docker image prune -f"
ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "true" ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "true"
ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "${remote_command}" ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "${remote_command}"