From b70d781a6771c6febc58dadcd53a47262dd9681d Mon Sep 17 00:00:00 2001 From: tinqs-limited Date: Fri, 22 May 2026 10:11:41 +0100 Subject: [PATCH] =?UTF-8?q?ci:=20build.yml=20=E2=86=92=20Docker=20build=20?= =?UTF-8?q?+=20ECR=20push=20+=20deploy=20staging=20&=20prod?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Push to main (platform code) now: 1. Builds Docker image via Dockerfile.rootless 2. Pushes to ECR (tinqs-git:tag + :latest) 3. Triggers ECS deploy on both tinqs-studio-staging and tinqs-git-prod 4. Archives binary to S3 as backup Staging and prod deploy from the same image on every push. release.yml remains for manual rollback/specific version deploys. Co-Authored-By: Claude Opus 4.6 (1M context) --- .gitea/workflows/build.yml | 85 ++++++++++++++++++++++++++++++-------- 1 file changed, 68 insertions(+), 17 deletions(-) diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index 8f5d61a839..3a45c4a469 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -1,4 +1,4 @@ -name: Build Platform +name: Build & Deploy Platform on: push: @@ -14,6 +14,7 @@ on: - 'go.mod' - 'go.sum' - 'Makefile' + - 'Dockerfile*' - '.gitea/workflows/build.yml' paths-ignore: - 'cmd/tstudio/**' @@ -24,27 +25,77 @@ on: - 'SETUP.md' - '*.md' +env: + AWS_REGION: eu-west-1 + ECR_REPO: 149751500842.dkr.ecr.eu-west-1.amazonaws.com/tinqs-git + ECS_CLUSTER: tinqs-git + jobs: build: runs-on: host steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 - with: - go-version: '1.26.2' - - uses: actions/setup-node@v4 - with: - node-version: '22' - - run: npm install -g pnpm - - name: Build tinqs-git - run: TAGS="bindata sqlite sqlite_unlock_notify" make build - - name: Verify binary - run: ls -lh gitea && echo "Build successful" - - name: Upload to S3 + - name: Set version + id: version run: | SHORT_SHA=$(echo "${GITHUB_SHA:-$(git rev-parse --short HEAD)}" | cut -c1-10) - echo "Uploading tinqs-git ($SHORT_SHA) to S3..." - aws s3 cp gitea "s3://tinqs-cli-releases/tinqs-git/$SHORT_SHA/tinqs-git" - aws s3 cp gitea "s3://tinqs-cli-releases/tinqs-git/latest/tinqs-git" - echo "OK tinqs-git ($SHORT_SHA) → s3://tinqs-cli-releases/tinqs-git/" + echo "sha=$SHORT_SHA" >> "$GITHUB_OUTPUT" + echo "tag=main-$SHORT_SHA" >> "$GITHUB_OUTPUT" + + - name: Login to ECR + run: | + aws ecr get-login-password --region $AWS_REGION | \ + docker login --username AWS --password-stdin $ECR_REPO + + - name: Build Docker image + run: | + TAG="${{ steps.version.outputs.tag }}" + docker build \ + --build-arg GITEA_VERSION="$TAG" \ + --build-arg TAGS="bindata sqlite sqlite_unlock_notify" \ + -f Dockerfile.rootless \ + -t $ECR_REPO:$TAG \ + -t $ECR_REPO:latest \ + . + + - name: Push to ECR + run: | + TAG="${{ steps.version.outputs.tag }}" + docker push $ECR_REPO:$TAG + docker push $ECR_REPO:latest + echo "Pushed $ECR_REPO:$TAG + :latest" + + - name: Deploy to staging + run: | + aws ecs update-service \ + --cluster $ECS_CLUSTER \ + --service tinqs-studio-staging \ + --force-new-deployment \ + --region $AWS_REGION \ + --no-cli-pager + echo "Staging deploy triggered" + + - name: Deploy to prod + run: | + aws ecs update-service \ + --cluster $ECS_CLUSTER \ + --service tinqs-git-prod \ + --force-new-deployment \ + --region $AWS_REGION \ + --no-cli-pager + echo "Prod deploy triggered" + + - name: Upload binary to S3 (backup) + run: | + SHORT_SHA="${{ steps.version.outputs.sha }}" + # Extract binary from image for S3 archive + CONTAINER=$(docker create $ECR_REPO:latest) + docker cp $CONTAINER:/usr/local/bin/gitea ./gitea 2>/dev/null || \ + docker cp $CONTAINER:/app/gitea/gitea ./gitea 2>/dev/null || true + docker rm $CONTAINER + if [ -f gitea ]; then + aws s3 cp gitea "s3://tinqs-cli-releases/tinqs-git/$SHORT_SHA/tinqs-git" --region $AWS_REGION + aws s3 cp gitea "s3://tinqs-cli-releases/tinqs-git/latest/tinqs-git" --region $AWS_REGION + echo "Binary archived to S3" + fi