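# Build the MoneyMaker image, push it to the registry, render the Nomad job
# with deployment secrets and submit it to the Nomad cluster.
#
# Hardening applied throughout: every `${{ ... }}` expression is handed to the
# shell through `env:` instead of being pasted into the script text. An
# expression inside `run:` is expanded before the shell parses the script, so
# a value containing quotes, `$(...)` or backticks would be executed as code.
name: Build and Deploy MoneyMaker

on:
  push:
    branches:
      - main
  # Manual runs can be started from any ref, so `github.ref_name` is not
  # guaranteed to be `main` and must be treated as untrusted text.
  workflow_dispatch:

jobs:
  build-and-deploy:
    # NOTE(review): `debian-host` looks like a self-hosted runner label, so the
    # workspace and anything written to it may outlive the job. Confirm.
    runs-on: debian-host
    env:
      PATH: /usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/bin:/snap/bin
      # Access to the Docker socket is effectively root on the host; keep this
      # runner limited to trusted repositories and branches.
      DOCKER_HOST: unix:///var/run/docker.sock
      IMAGE: registry.i80.dk/gitea/mmd
    steps:
      - name: Checkout code
        # `v4` is a mutable tag; pinning to a reviewed full commit SHA removes
        # the dependency on the tag never being moved.
        uses: actions/checkout@v4

      - name: System info
        run: |
          uname -a
          whoami
          docker --version

      - name: Log in to Harbor Registry
        env:
          HARBOR_ROBOT_TOKEN: "${{ secrets.HARBOR_ROBOT_TOKEN }}"
        # The token reaches docker on stdin, never on a command line.
        # NOTE(review): `docker login` normally persists the credential in the
        # runner user's Docker config; consider a `docker logout` at job end.
        run: |
          printf '%s' "$HARBOR_ROBOT_TOKEN" | docker login registry.i80.dk -u "robot\$gitserver" --password-stdin

      - name: Build Docker image
        env:
          REF_NAME: "${{ github.ref_name }}"
          GIT_SHA: "${{ github.sha }}"
          # Presumably empty on workflow_dispatch runs, which carry no
          # head_commit in the event payload. Confirm.
          BUILD_TIME: "${{ github.event.head_commit.timestamp }}"
        run: |
          docker build \
            --build-arg BUILD_VERSION="${REF_NAME}-${GIT_SHA}" \
            --build-arg GIT_COMMIT="${GIT_SHA}" \
            --build-arg BUILD_TIME="${BUILD_TIME}" \
            -t "${IMAGE}:latest" \
            -t "${IMAGE}:${GIT_SHA}" \
            .

      - name: Push Docker image
        env:
          GIT_SHA: "${{ github.sha }}"
        run: |
          docker push "${IMAGE}:latest"
          docker push "${IMAGE}:${GIT_SHA}"

      - name: Substitute secrets into Nomad job
        env:
          DATABASE_URL: "${{ secrets.DATABASE_URL }}"
          ANTHROPIC_API_KEY: "${{ secrets.ANTHROPIC_API_KEY }}"
          SAXO_APP_KEY: "${{ secrets.SAXO_APP_KEY }}"
          SAXO_APP_SECRET_1: "${{ secrets.SAXO_APP_SECRET_1 }}"
        # NOTE(review): the rendered job file holds the secrets in plaintext,
        # and they become part of the job specification submitted to Nomad.
        # Nomad Variables or a Vault integration would keep them out of the
        # spec. The values are also still passed to sed as arguments, so they
        # are visible in the process list while sed runs.
        run: |
          set -eu
          # Create the rendered file readable by the runner user only.
          umask 077
          # Escape what sed treats specially in a replacement: `\`, `&` (the
          # whole match) and `|` (the delimiter used below). Without this, a
          # value such as a URL with `&` in its query string is silently
          # corrupted. Values containing newlines are still unsupported.
          sed_escape() { printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'; }
          sed \
            -e "s|__DATABASE_URL__|$(sed_escape "$DATABASE_URL")|g" \
            -e "s|__ANTHROPIC_API_KEY__|$(sed_escape "$ANTHROPIC_API_KEY")|g" \
            -e "s|__SAXO_APP_KEY__|$(sed_escape "$SAXO_APP_KEY")|g" \
            -e "s|__SAXO_APP_SECRET_1__|$(sed_escape "$SAXO_APP_SECRET_1")|g" \
            mmd.nomad > mmd_deploy.nomad

      # NOTE(review): no NOMAD_TOKEN is set in this file. Presumably the runner
      # environment supplies one or ACLs are not enforced on this endpoint.
      # Confirm, since this job can submit arbitrary job specs.
      - name: Validate Nomad job
        run: nomad job validate mmd_deploy.nomad
        env:
          NOMAD_ADDR: "https://nomad.i80.dk:4646"

      - name: Deploy to Nomad
        run: nomad job run mmd_deploy.nomad
        env:
          NOMAD_ADDR: "https://nomad.i80.dk:4646"

      - name: Wait for deployment
        run: |
          sleep 15
          nomad job status moneymaker
          nomad job allocs moneymaker
        env:
          NOMAD_ADDR: "https://nomad.i80.dk:4646"

      - name: Health check
        # Best effort by design: a failed probe prints a hint and does not
        # fail the job, so a green run is not proof of a healthy service.
        run: |
          sleep 30
          curl -f https://mmd.i80.dk/health || echo "Not yet via Traefik — check Nomad UI"

      - name: Deployment summary
        run: |
          echo "Done! Dashboard: https://mmd.i80.dk Health: https://mmd.i80.dk/health"

      - name: Remove rendered Nomad job
        # Runs even when an earlier step failed, so the plaintext secrets do
        # not stay behind in the runner workspace.
        if: always()
        run: rm -f mmd_deploy.nomad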