# build 0 labels: location: manager clone: git: image: woodpeckerci/plugin-git settings: partial: false depth: 1 steps: # Build and Push for Staging build-push-staging: name: build-push-staging image: woodpeckerci/plugin-docker-buildx environment: REGISTRY_USER: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD DOCKER_REGISTRY_USER: from_secret: DOCKER_REGISTRY_USER DOCKER_REGISTRY_PASSWORD: from_secret: DOCKER_REGISTRY_PASSWORD volumes: - /var/run/docker.sock:/var/run/docker.sock commands: - echo "Logging into registries" - echo "$${DOCKER_REGISTRY_PASSWORD}" | docker login -u "$${DOCKER_REGISTRY_USER}" --password-stdin - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us - echo "Building and pushing application for staging" - docker compose -f docker-compose.staging.yml build --no-cache - docker compose -f docker-compose.staging.yml push when: branch: main event: [push, cron] # Deploy Staging deploy-staging: name: deploy-staging image: woodpeckerci/plugin-docker-buildx environment: REGISTRY_USER: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD volumes: - /var/run/docker.sock:/var/run/docker.sock commands: - echo "Deploying to staging environment" - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us - docker stack deploy --with-registry-auth -c ./stack.staging.yml $${CI_REPO_NAME}-staging when: branch: main event: [push, cron] # Cleanup Staging cleanup-staging: name: cleanup-staging image: woodpeckerci/plugin-docker-buildx environment: REGISTRY_USER: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD volumes: - /var/run/docker.sock:/var/run/docker.sock commands: - echo "Cleaning up staging environment" - for i in {1..5}; do docker stack rm ${CI_REPO_NAME}-staging && break || sleep 10; done - docker compose -f docker-compose.staging.yml down - docker compose -f docker-compose.staging.yml rm -f when: branch: main event: [push, cron] # Build and Push for Production build-push-production: name: build-push-production image: woodpeckerci/plugin-docker-buildx environment: REGISTRY_USER: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD DOCKER_REGISTRY_USER: from_secret: DOCKER_REGISTRY_USER DOCKER_REGISTRY_PASSWORD: from_secret: DOCKER_REGISTRY_PASSWORD volumes: - /var/run/docker.sock:/var/run/docker.sock commands: - echo "Logging into registries" - echo "$${DOCKER_REGISTRY_PASSWORD}" | docker login -u "$${DOCKER_REGISTRY_USER}" --password-stdin - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us - echo "Building and pushing application for production" - docker compose -f docker-compose.production.yml build --no-cache - docker compose -f docker-compose.production.yml push when: branch: main event: [push, cron] # Deploy Production deploy-production: name: deploy-production image: woodpeckerci/plugin-docker-buildx environment: REGISTRY_USER: from_secret: REGISTRY_USER REGISTRY_PASSWORD: from_secret: REGISTRY_PASSWORD # Add production secrets POSTGRES_PASSWORD: from_secret: PROD_POSTGRES_PASSWORD POSTGRES_USER: from_secret: PROD_POSTGRES_USER POSTGRES_DB: from_secret: PROD_POSTGRES_DB JWT_SECRET: from_secret: PROD_JWT_SECRET MAIN_URL: from_secret: PROD_MAIN_URL FRONTEND_URL: from_secret: PROD_FRONTEND_URL NEXT_PUBLIC_BACKEND_URL: from_secret: PROD_NEXT_PUBLIC_BACKEND_URL LINKEDIN_CLIENT_ID: from_secret: PROD_LINKEDIN_CLIENT_ID LINKEDIN_CLIENT_SECRET: from_secret: PROD_LINKEDIN_CLIENT_SECRET volumes: - /var/run/docker.sock:/var/run/docker.sock commands: - echo "Deploying to production environment" - echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us - envsubst < ./stack.production.yml > ./stack.production.env.yml - docker stack deploy --with-registry-auth -c ./stack.production.env.yml $${CI_REPO_NAME} when: branch: main event: [push, cron]