10 Commits

Author SHA1 Message Date
avm
60ea2304e6 Merge dev into main
Some checks failed
CI/CD Pipeline / Code Quality Checks (push) Failing after 10m17s
Deploy Customer Main / Build, Push, Deploy (push) Successful in 7m59s
CI/CD Pipeline / Run Tests (push) Failing after 13m58s
CI/CD Pipeline / Build Docker Images (push) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (push) Has been skipped
CI/CD Pipeline / Deploy to Server (push) Has been skipped
Pin customer deploy workflow to backend runner.
2026-05-05 10:20:12 +03:00
ed34603116 ci: pin customer deploy to backend runner
Some checks failed
CI/CD Pipeline / Code Quality Checks (push) Failing after 7m34s
CI/CD Pipeline / Code Quality Checks (pull_request) Failing after 16m40s
CI/CD Pipeline / Run Tests (push) Failing after 17m21s
CI/CD Pipeline / Build Docker Images (push) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (push) Has been skipped
CI/CD Pipeline / Deploy to Server (push) Has been skipped
CI/CD Pipeline / Run Tests (pull_request) Failing after 17m54s
CI/CD Pipeline / Build Docker Images (pull_request) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (pull_request) Has been skipped
CI/CD Pipeline / Deploy to Server (pull_request) Has been skipped
2026-05-05 09:19:42 +02:00
avm
8907db1b84 Merge dev into main
Some checks failed
Deploy Customer Main / Build, Push, Deploy (push) Failing after 1s
CI/CD Pipeline / Run Tests (push) Failing after 6m52s
CI/CD Pipeline / Code Quality Checks (push) Failing after 10m33s
CI/CD Pipeline / Build Docker Images (push) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (push) Has been skipped
CI/CD Pipeline / Deploy to Server (push) Has been skipped
Merge dev into main for customer deploy.
2026-05-05 01:35:06 +03:00
c585d52e55 ci: serialize customer deploys
Some checks failed
CI/CD Pipeline / Run Tests (push) Failing after 7m13s
CI/CD Pipeline / Code Quality Checks (pull_request) Failing after 5m12s
CI/CD Pipeline / Code Quality Checks (push) Failing after 10m10s
CI/CD Pipeline / Build Docker Images (push) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (push) Has been skipped
CI/CD Pipeline / Deploy to Server (push) Has been skipped
CI/CD Pipeline / Run Tests (pull_request) Failing after 6m56s
CI/CD Pipeline / Build Docker Images (pull_request) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (pull_request) Has been skipped
CI/CD Pipeline / Deploy to Server (pull_request) Has been skipped
2026-05-05 00:34:36 +02:00
avm
f4772d9016 Merge dev into main
Some checks failed
Deploy Customer Main / Build, Push, Deploy (push) Failing after 0s
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Run Tests (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (push) Has been cancelled
Merge dev into main for customer deploy.
2026-05-05 01:20:04 +03:00
eb31b28b0a ci: push customer images with docker buildx
Some checks failed
CI/CD Pipeline / Run Tests (push) Failing after 11m26s
CI/CD Pipeline / Code Quality Checks (push) Failing after 15m13s
CI/CD Pipeline / Build Docker Images (push) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Run Tests (pull_request) Failing after 7m21s
CI/CD Pipeline / Code Quality Checks (pull_request) Failing after 13m37s
CI/CD Pipeline / Build Docker Images (pull_request) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (pull_request) Has been skipped
CI/CD Pipeline / Deploy to Server (pull_request) Has been skipped
2026-05-05 00:18:04 +02:00
avm
afe5919a8a Merge dev into main
Some checks failed
Deploy Customer Main / Build, Push, Deploy (push) Failing after 1s
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (push) Has been cancelled
CI/CD Pipeline / Run Tests (push) Has been cancelled
Merge dev into main for customer deploy.
2026-05-05 01:13:10 +03:00
b7b4a1bb26 ci: use https registry for customer deploy
Some checks failed
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (push) Has been cancelled
CI/CD Pipeline / Run Tests (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (pull_request) Failing after 8m40s
CI/CD Pipeline / Run Tests (pull_request) Failing after 13m12s
CI/CD Pipeline / Build Docker Images (pull_request) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (pull_request) Has been skipped
CI/CD Pipeline / Deploy to Server (pull_request) Has been skipped
2026-05-05 00:11:40 +02:00
avm
7e3cebaf19 Merge dev into main
Some checks failed
Deploy Customer Main / Build, Push, Deploy (push) Failing after 0s
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (push) Has been cancelled
CI/CD Pipeline / Run Tests (push) Has been cancelled
Merge dev into main for customer deploy.
2026-05-05 01:06:24 +03:00
294b196012 ci: harden customer deploy auth
Some checks failed
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Push to Gitea Registry (push) Has been cancelled
CI/CD Pipeline / Deploy to Server (push) Has been cancelled
CI/CD Pipeline / Run Tests (push) Has been cancelled
CI/CD Pipeline / Code Quality Checks (push) Has been cancelled
CI/CD Pipeline / Run Tests (pull_request) Failing after 7m41s
CI/CD Pipeline / Code Quality Checks (pull_request) Failing after 8m36s
CI/CD Pipeline / Build Docker Images (pull_request) Has been skipped
CI/CD Pipeline / Push to Gitea Registry (pull_request) Has been skipped
CI/CD Pipeline / Deploy to Server (pull_request) Has been skipped
2026-05-05 00:01:49 +02:00


@@ -11,7 +11,7 @@ concurrency:
cancel-in-progress: true cancel-in-progress: true
env: env:
CUSTOMER_REGISTRY_HOST: registry.dev.nii-ecos.ru:80 CUSTOMER_REGISTRY_HOST: registry.dev.nii-ecos.ru
CUSTOMER_REGISTRY_NAMESPACE: avm CUSTOMER_REGISTRY_NAMESPACE: avm
CUSTOMER_WEB_IMAGE: state-corp-backend-web CUSTOMER_WEB_IMAGE: state-corp-backend-web
CUSTOMER_CELERY_IMAGE: state-corp-backend-celery CUSTOMER_CELERY_IMAGE: state-corp-backend-celery
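Review bot: Dropping `:80` from `CUSTOMER_REGISTRY_HOST` changes every image reference built from it, since tags are composed as `${CUSTOMER_REGISTRY_HOST}/${CUSTOMER_REGISTRY_NAMESPACE}/...` further down. The compose file on the deploy host has to reference the same port-less host or `FORCE_PULL=1` will keep pulling the old references. Please confirm that in the PR description, and confirm the registry presents a certificate the runner trusts, because the later hunks also drop `--insecure`. Separately, `cancel-in-progress: true` stays in the context above while a later hunk adds a remote `flock`; a cancelled run can abandon a deploy halfway, so consider setting it to false for this workflow.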
@@ -24,7 +24,7 @@ env:
jobs: jobs:
deploy: deploy:
name: Build, Push, Deploy name: Build, Push, Deploy
runs-on: ubuntu-latest runs-on: [backend-docker]
timeout-minutes: 90 timeout-minutes: 90
steps: steps:
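Review bot: `runs-on: [backend-docker]` moves a job that handles registry credentials and the customer SSH key onto a labelled runner, and the later steps read `~/.ssh/ci-key` from that runner and write `customer_deploy_key` under its home directory. If `backend-docker` is a persistent self-hosted runner, anything left behind by this job (the key file, Docker login state, the buildx builder) is visible to every other workflow scheduled on that label. Please document which host carries the label and restrict it so pull_request workflows cannot be scheduled there.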
@@ -50,14 +50,16 @@ jobs:
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
GITEA_TOKEN: ${{ gitea.token }}
CUSTOMER_DEPLOY_SSH_KEY: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY }} CUSTOMER_DEPLOY_SSH_KEY: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY }}
CUSTOMER_DEPLOY_SSH_KEY_B64: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY_B64 }} CUSTOMER_DEPLOY_SSH_KEY_B64: ${{ secrets.CUSTOMER_DEPLOY_SSH_KEY_B64 }}
DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }} DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
run: | run: |
set -euo pipefail set -euo pipefail
registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-}}" registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-${GITHUB_ACTOR:-}}}"
registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-}}" registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-${GITEA_TOKEN:-}}}"
home_dir="${HOME:-/root}"
if [ -z "${registry_user}" ]; then if [ -z "${registry_user}" ]; then
echo "Missing registry user secret: set REGISTRY_USER or REGISTRY_USERNAME" >&2 echo "Missing registry user secret: set REGISTRY_USER or REGISTRY_USERNAME" >&2
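Review bot: With the new `${GITHUB_ACTOR:-}` fallback in `registry_user`, the `[ -z "${registry_user}" ]` guard just below will practically never fire, and its message still names only REGISTRY_USER and REGISTRY_USERNAME. The job now silently logs in as the triggering actor with `gitea.token` whenever the dedicated secrets are missing, which may carry different push rights than the intended service account. Either fail when the explicit secrets are absent, or log which credential source was selected (the variable name, not the value) and update the error text to mention the fallback.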
@@ -70,18 +72,21 @@ jobs:
if [ -z "${CUSTOMER_DEPLOY_SSH_KEY:-}" ] \ if [ -z "${CUSTOMER_DEPLOY_SSH_KEY:-}" ] \
&& [ -z "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ] \ && [ -z "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ] \
&& [ -z "${DEPLOY_SSH_KEY:-}" ] \ && [ -z "${DEPLOY_SSH_KEY:-}" ] \
&& [ ! -f "${HOME}/.ssh/ci-key" ] \ && [ ! -f "${home_dir}/.ssh/ci-key" ] \
&& [ ! -f "/root/.ssh/ci-key" ]; then && [ ! -f "/root/.ssh/ci-key" ]; then
echo "Missing customer SSH key: set CUSTOMER_DEPLOY_SSH_KEY_B64, CUSTOMER_DEPLOY_SSH_KEY, DEPLOY_SSH_KEY, or install ~/.ssh/ci-key on the runner" >&2 echo "Missing customer SSH key: set CUSTOMER_DEPLOY_SSH_KEY_B64, CUSTOMER_DEPLOY_SSH_KEY, DEPLOY_SSH_KEY, or install ~/.ssh/ci-key on the runner" >&2
exit 1 exit 1
fi fi
- name: Install crane - name: Setup Docker Buildx
run: | run: |
set -euo pipefail set -euo pipefail
curl -fsSL https://github.com/google/go-containerregistry/releases/download/v0.19.0/go-containerregistry_Linux_x86_64.tar.gz \ if ! docker buildx inspect customer-builder >/dev/null 2>&1; then
| tar xz crane docker buildx create --name customer-builder --driver docker-container --use
chmod +x crane else
docker buildx use customer-builder
fi
docker buildx inspect --bootstrap
- name: Build and push customer images - name: Build and push customer images
env: env:
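Review bot: In the new "Setup Docker Buildx" step, `docker buildx create --name customer-builder --driver docker-container --use` lets `docker buildx inspect --bootstrap` pull whatever BuildKit image is the current default, so the build toolchain is unpinned. The removed crane download at least fixed a version (v0.19.0). Suggest pinning with `--driver-opt image=` set to a specific tag or digest. The named builder and its cache also persist on the runner between runs; note that in a comment so it is a deliberate choice, or remove the builder at the end of the job.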
@@ -89,42 +94,41 @@ jobs:
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
GITEA_TOKEN: ${{ gitea.token }}
run: | run: |
set -euo pipefail set -euo pipefail
registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-}}" registry_user="${REGISTRY_USER:-${REGISTRY_USERNAME:-${GITHUB_ACTOR:-}}}"
registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-}}" registry_password="${REGISTRY_TOKEN:-${REGISTRY_PASSWORD:-${GITEA_TOKEN:-}}}"
sha_short="$(printf '%s' "${GITHUB_SHA}" | cut -c1-12)" sha_short="$(printf '%s' "${GITHUB_SHA}" | cut -c1-12)"
registry_path="${CUSTOMER_REGISTRY_HOST}/${CUSTOMER_REGISTRY_NAMESPACE}" registry_path="${CUSTOMER_REGISTRY_HOST}/${CUSTOMER_REGISTRY_NAMESPACE}"
web_ref="${registry_path}/${CUSTOMER_WEB_IMAGE}" web_ref="${registry_path}/${CUSTOMER_WEB_IMAGE}"
celery_ref="${registry_path}/${CUSTOMER_CELERY_IMAGE}" celery_ref="${registry_path}/${CUSTOMER_CELERY_IMAGE}"
printf '%s' "${registry_password}" \ printf '%s' "${registry_password}" \
| ./crane auth login --insecure "${CUSTOMER_REGISTRY_HOST}" \ | docker login "${CUSTOMER_REGISTRY_HOST}" \
-u "${registry_user}" \ -u "${registry_user}" \
--password-stdin --password-stdin
docker build \ docker buildx build \
--platform linux/amd64 \ --platform linux/amd64 \
-f ./docker/Dockerfile \ -f ./docker/Dockerfile \
--target runtime-web \ --target runtime-web \
--build-arg INSTALL_DEV=false \ --build-arg INSTALL_DEV=false \
-t customer-state-corp-backend-web:local \ --push \
-t "${web_ref}:latest" \
-t "${web_ref}:${sha_short}" \
. .
docker save customer-state-corp-backend-web:local -o /tmp/customer-state-corp-backend-web.tar
./crane push --insecure /tmp/customer-state-corp-backend-web.tar "${web_ref}:latest"
./crane push --insecure /tmp/customer-state-corp-backend-web.tar "${web_ref}:${sha_short}"
docker build \ docker buildx build \
--platform linux/amd64 \ --platform linux/amd64 \
-f ./docker/Dockerfile \ -f ./docker/Dockerfile \
--target runtime-celery \ --target runtime-celery \
--build-arg INSTALL_DEV=false \ --build-arg INSTALL_DEV=false \
-t customer-state-corp-backend-celery:local \ --push \
-t "${celery_ref}:latest" \
-t "${celery_ref}:${sha_short}" \
. .
docker save customer-state-corp-backend-celery:local -o /tmp/customer-state-corp-backend-celery.tar
./crane push --insecure /tmp/customer-state-corp-backend-celery.tar "${celery_ref}:latest"
./crane push --insecure /tmp/customer-state-corp-backend-celery.tar "${celery_ref}:${sha_short}"
- name: Deploy customer stack - name: Deploy customer stack
env: env:
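Review bot: `docker login "${CUSTOMER_REGISTRY_HOST}"` writes the credential into the Docker config of the runner user, and nothing in this step logs out afterwards. On a pinned runner that leaves the registry password, or the `GITEA_TOKEN` fallback, on disk after the job ends. Point `DOCKER_CONFIG` at a per-job temporary directory or add a `docker logout "${CUSTOMER_REGISTRY_HOST}"` that runs on exit. Also consider deploying the `${sha_short}` tag rather than `:latest`, so the image that gets pulled is the one this run built.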
@@ -134,16 +138,17 @@ jobs:
run: | run: |
set -euo pipefail set -euo pipefail
mkdir -p "${HOME}/.ssh" home_dir="${HOME:-/root}"
key_path="${HOME}/.ssh/customer_deploy_key" mkdir -p "${home_dir}/.ssh"
key_path="${home_dir}/.ssh/customer_deploy_key"
if [ -n "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ]; then if [ -n "${CUSTOMER_DEPLOY_SSH_KEY_B64:-}" ]; then
printf '%s' "${CUSTOMER_DEPLOY_SSH_KEY_B64}" | base64 -d > "${key_path}" printf '%s' "${CUSTOMER_DEPLOY_SSH_KEY_B64}" | base64 -d > "${key_path}"
elif [ -n "${DEPLOY_SSH_KEY:-}" ]; then elif [ -n "${DEPLOY_SSH_KEY:-}" ]; then
printf '%s' "${DEPLOY_SSH_KEY}" | base64 -d > "${key_path}" printf '%s' "${DEPLOY_SSH_KEY}" | base64 -d > "${key_path}"
elif [ -n "${CUSTOMER_DEPLOY_SSH_KEY:-}" ]; then elif [ -n "${CUSTOMER_DEPLOY_SSH_KEY:-}" ]; then
printf '%s\n' "${CUSTOMER_DEPLOY_SSH_KEY}" > "${key_path}" printf '%s\n' "${CUSTOMER_DEPLOY_SSH_KEY}" > "${key_path}"
elif [ -f "${HOME}/.ssh/ci-key" ]; then elif [ -f "${home_dir}/.ssh/ci-key" ]; then
cp "${HOME}/.ssh/ci-key" "${key_path}" cp "${home_dir}/.ssh/ci-key" "${key_path}"
else else
cp "/root/.ssh/ci-key" "${key_path}" cp "/root/.ssh/ci-key" "${key_path}"
fi fi
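Review bot: Every branch here creates `${key_path}` through a plain redirect or `cp`, so the private key is first written with the default umask, and the visible lines never remove it. With `home_dir` now resolving to a persistent home on the pinned runner, set `umask 077` before the first write and add `trap 'rm -f "${key_path}"' EXIT` unless a later part of the step already does both. It would also help to document that `DEPLOY_SSH_KEY` is expected base64-encoded while `CUSTOMER_DEPLOY_SSH_KEY` is raw, since the earlier error message lists them side by side without saying so.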
@@ -161,9 +166,7 @@ jobs:
) )
proxy_command="ssh -i ${key_path} -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null -o LogLevel=ERROR -o ConnectTimeout=15 -W %h:%p ${CUSTOMER_SSH_PROXY_HOST}" proxy_command="ssh -i ${key_path} -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o GlobalKnownHostsFile=/dev/null -o LogLevel=ERROR -o ConnectTimeout=15 -W %h:%p ${CUSTOMER_SSH_PROXY_HOST}"
remote_command="set -euo pipefail remote_command="set -euo pipefail
cd /ecos flock -w 1800 /tmp/ecos-customer-deploy.lock /bin/sh -c 'cd /ecos && FORCE_PULL=1 COMPOSE_FILE=\"${CUSTOMER_COMPOSE_FILE}\" \"${CUSTOMER_DEPLOY_SCRIPT}\" && docker image prune -f'"
FORCE_PULL=1 COMPOSE_FILE='${CUSTOMER_COMPOSE_FILE}' '${CUSTOMER_DEPLOY_SCRIPT}'
docker image prune -f"
ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "true" ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "true"
ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "${remote_command}" ssh "${ssh_common[@]}" -o "ProxyCommand=${proxy_command}" "${CUSTOMER_DEPLOY_USER}@${CUSTOMER_DEPLOY_HOST}" "${remote_command}"
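Review bot: The rewritten `remote_command` expands `${CUSTOMER_COMPOSE_FILE}` and `${CUSTOMER_DEPLOY_SCRIPT}` on the runner and embeds them in escaped double quotes inside a single-quoted `/bin/sh -c '...'` string. The old form kept them in single quotes; now a value containing `$`, a backtick or a single quote is re-interpreted by the remote shell. Validate both against a strict path pattern before building the string. The lock at `/tmp/ecos-customer-deploy.lock` sits in a world-writable directory, so any local account on the deploy host can hold it and stall deploys for the full `-w 1800`; use a directory owned by the deploy user. The unchanged `proxy_command` still sets `StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`, so the deploy key is offered to an unverified host; pin the proxy and deploy host keys in a known_hosts file.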