Update runner

2026-06-22 15:53:51 -07:00
parent ef3731ba48
commit a537974edf
10 changed files with 278 additions and 221 deletions
@@ -1,77 +0,0 @@
-name: ci-cd-nas
-on:
-  push:
-    branches: [main]
-
-jobs:
-  # Runs on the DEV PC runner (label `builder`): Docker Desktop + .NET SDK.
-  # DS220+ (Celeron J4025 / 2GB RAM) cannot build these images, so all the heavy
-  # work (test, dotnet publish, ng build) happens here, then images are pushed
-  # to the Gitea registry on the NAS.
-  build-push:
-    # Label is registered on the dev PC as `windows:host`; runs-on matches the
-    # label NAME (before the colon). `:host` means it runs directly on the PC,
-    # using its installed Docker Desktop + .NET SDK (no container).
-    runs-on: windows
-    defaults:
-      run:
-        # Windows PowerShell (always present). NOTE: do NOT use `shell: bash`
-        # here — act_runner in Windows host mode mislocates the generated .sh
-        # script ("No such file or directory"). PowerShell avoids that bug.
-        shell: powershell
-    env:
-      REGISTRY: git.golife.love/chrischen
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Test API
-        run: dotnet test API/ROLAC.API.Tests/ROLAC.API.Tests.csproj -c Release
-
-      - name: Registry login
-        run: '"${{ secrets.REGISTRY_TOKEN }}" | docker login git.golife.love -u "${{ secrets.REGISTRY_USER }}" --password-stdin'
-
-      - name: Build images
-        run: |
-          docker build -t "$env:REGISTRY/rolac-api:latest" -t "$env:REGISTRY/rolac-api:${{ github.sha }}" ./API
-          if ($LASTEXITCODE -ne 0) { exit 1 }
-          docker build -t "$env:REGISTRY/rolac-app:latest" -t "$env:REGISTRY/rolac-app:${{ github.sha }}" ./APP
-          if ($LASTEXITCODE -ne 0) { exit 1 }
-
-      - name: Push images
-        run: |
-          docker push --all-tags "$env:REGISTRY/rolac-api"
-          if ($LASTEXITCODE -ne 0) { exit 1 }
-          docker push --all-tags "$env:REGISTRY/rolac-app"
-          if ($LASTEXITCODE -ne 0) { exit 1 }
-
-  # Runs on the NAS runner (label `nas`): host Docker socket mounted and
-  # /volume1/docker/rolac bind-mounted at the same path. Deploy ONLY — it just
-  # pulls the freshly-built images and (re)starts the stack. No building here.
-  deploy:
-    needs: build-push
-    runs-on: nas
-    defaults:
-      run:
-        shell: sh
-    env:
-      DEPLOY_DIR: /volume1/docker/rolac
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Registry login
-        run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.golife.love -u "${{ secrets.REGISTRY_USER }}" --password-stdin
-
-      - name: Sync compose + nginx to deploy dir
-        run: |
-          mkdir -p "$DEPLOY_DIR/nginx/conf.d" "$DEPLOY_DIR/data/api-storage"
-          cp deploy/nas/docker-compose.yml      "$DEPLOY_DIR/docker-compose.yml"
-          cp deploy/nas/nginx/conf.d/rolac.conf "$DEPLOY_DIR/nginx/conf.d/rolac.conf"
-
-      - name: Deploy
-        run: |
-          cd "$DEPLOY_DIR"
-          export TAG=${{ github.sha }}
-          docker compose pull
-          docker compose up -d
-          sleep 5
-          curl -fsS http://localhost:8080/api/health
@@ -0,0 +1,50 @@
+name: ci-cd-vm
+on:
+  push:
+    branches: [main]
+
+# Everything lives on the same Ubuntu VM (Gitea, the registry, the build, and the
+# runtime share one Docker daemon), so a single job on the `ubuntu` runner does
+# test -> build -> push -> deploy. No cross-machine pull is needed; deploy reuses
+# the images just built in the local Docker.
+jobs:
+  ci-cd:
+    runs-on: ubuntu
+    defaults:
+      run:
+        shell: bash
+    env:
+      REGISTRY: git.golife.love/chrischen
+      DEPLOY_DIR: /opt/rolac
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Test API
+        run: dotnet test API/ROLAC.API.Tests/ROLAC.API.Tests.csproj -c Release
+
+      - name: Registry login
+        run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.golife.love -u "${{ secrets.REGISTRY_USER }}" --password-stdin
+
+      - name: Build images
+        run: |
+          docker build -t "$REGISTRY/rolac-api:latest" -t "$REGISTRY/rolac-api:${{ github.sha }}" ./API
+          docker build -t "$REGISTRY/rolac-app:latest" -t "$REGISTRY/rolac-app:${{ github.sha }}" ./APP
+
+      - name: Push images
+        run: |
+          docker push --all-tags "$REGISTRY/rolac-api"
+          docker push --all-tags "$REGISTRY/rolac-app"
+
+      - name: Sync compose + nginx to deploy dir
+        run: |
+          mkdir -p "$DEPLOY_DIR/nginx/conf.d" "$DEPLOY_DIR/data/api-storage"
+          cp deploy/vm/docker-compose.yml      "$DEPLOY_DIR/docker-compose.yml"
+          cp deploy/vm/nginx/conf.d/rolac.conf "$DEPLOY_DIR/nginx/conf.d/rolac.conf"
+
+      - name: Deploy
+        run: |
+          cd "$DEPLOY_DIR"
+          export TAG=${{ github.sha }}
+          docker compose up -d
+          sleep 5
+          curl -fsS http://localhost:8080/api/health