quartermaster/.forgejo/workflows/deploy.yml

name: deploy

on:
  push:
    branches:
      - main

jobs:
  build-push-deploy:
    runs-on: homelab
    env:
      REGISTRY: forgejo.labbity.unbiasedgeek.com
      IMAGE: forgejo.labbity.unbiasedgeek.com/archeious/quartermaster/quartermaster
      COMPOSE_PROJECT_NAME: quartermaster
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Forgejo registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: archeious
          password: ${{ secrets.REGISTRY_TOKEN }}

      - name: Build and push image
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: |
            ${{ env.IMAGE }}:${{ github.sha }}
            ${{ env.IMAGE }}:latest            

      - name: Deploy
        run: |
          set -euo pipefail
          printf 'QUARTERMASTER_TAG=%s\n' '${{ github.sha }}' > .env
          docker compose pull
          docker compose up -d          

      - name: Smoke test
        env:
          SMOKE_PASSWORD: ${{ secrets.QUARTERMASTER_SMOKE_PASSWORD }}
        run: |
          set -eu
          for attempt in 1 2 3 4 5 6 7 8 9 10; do
            code=$(curl -sS -o /dev/null -w '%{http_code}' \
              -u "admin:$SMOKE_PASSWORD" \
              https://quartermaster.unbiasedgeek.com/healthz || echo "000")
            if [ "$code" = "200" ]; then
              echo "smoke OK after $attempt attempt(s)"
              exit 0
            fi
            echo "attempt $attempt: got $code, retrying"
            sleep 3
          done
          echo "smoke FAILED — last code $code"
          exit 1