fix: deploy frontend to coolify (#779)

* Ignore act secrets * Deploy frontend container to ECR * Use published image * Remove ecr workflows * Trigger coolify deployment * Deploy on release please pr merge * Upgrade nextjs * Update secrets example
2025-12-20 12:19:06 +00:00 · 2025-12-10 13:35:53 +01:00
parent 61f0e29d4c
commit 91650ec65f
8 changed files with 104 additions and 159 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,90 +0,0 @@
-name: Build container/push to container registry
-
-on: [workflow_dispatch]
-
-env:
-  # 950402358378.dkr.ecr.us-east-1.amazonaws.com/reflector
-  AWS_REGION: us-east-1
-  ECR_REPOSITORY: reflector
-
-jobs:
-  build:
-    strategy:
-      matrix:
-        include:
-          - platform: linux/amd64
-            runner: linux-amd64
-            arch: amd64
-          - platform: linux/arm64
-            runner: linux-arm64
-            arch: arm64
-
-    runs-on: ${{ matrix.runner }}
-
-    permissions:
-      contents: read
-
-    outputs:
-      registry: ${{ steps.login-ecr.outputs.registry }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ${{ env.AWS_REGION }}
-
-      - name: Login to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Build and push ${{ matrix.arch }}
-        uses: docker/build-push-action@v5
-        with:
-          context: server
-          platforms: ${{ matrix.platform }}
-          push: true
-          tags: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:latest-${{ matrix.arch }}
-          cache-from: type=gha,scope=${{ matrix.arch }}
-          cache-to: type=gha,mode=max,scope=${{ matrix.arch }}
-          github-token: ${{ secrets.GHA_CACHE_TOKEN }}
-          provenance: false
-
-  create-manifest:
-    runs-on: ubuntu-latest
-    needs: [build]
-
-    permissions:
-      deployments: write
-      contents: read
-
-    steps:
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ${{ env.AWS_REGION }}
-
-      - name: Login to Amazon ECR
-        uses: aws-actions/amazon-ecr-login@v2
-
-      - name: Create and push multi-arch manifest
-        run: |
-          # Get the registry URL (since we can't easily access job outputs in matrix)
-          ECR_REGISTRY=$(aws ecr describe-registry --query 'registryId' --output text).dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com
-
-          docker manifest create \
-            $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:latest \
-            $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:latest-amd64 \
-            $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:latest-arm64
-
-          docker manifest push $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:latest
-
-          echo "✅ Multi-arch manifest pushed: $ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:latest"
--- a/.github/workflows/dockerhub-backend.yml
+++ b/.github/workflows/dockerhub-backend.yml
@@ -1,13 +1,12 @@
 name: Build and Push Backend Docker Image (Docker Hub)

 on:
-  push:
-    branches:
-      - main
-      - dockerhub-2
+  pull_request:
+    types:
+      - closed
    paths:
-      - 'server/**'
-      - '.github/workflows/dockerhub-backend.yml'
+      - "server/**"
+      - ".github/workflows/dockerhub-backend.yml"
  workflow_dispatch:

 env:
@@ -17,6 +16,10 @@ env:
 jobs:
  build-and-push:
    runs-on: ubuntu-latest
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.pull_request.merged == true &&
+       startsWith(github.event.pull_request.head.ref, 'release-please--branches--'))

    permissions:
      contents: read
--- a/.github/workflows/dockerhub-frontend.yml
+++ b/.github/workflows/dockerhub-frontend.yml
@@ -1,13 +1,12 @@
 name: Build and Push Frontend Docker Image

 on:
-  push:
-    branches:
-      - main
-      - dockerhub-2
+  pull_request:
+    types:
+      - closed
    paths:
-      - 'www/**'
-      - '.github/workflows/dockerhub-frontend.yml'
+      - "www/**"
+      - ".github/workflows/dockerhub-frontend.yml"
  workflow_dispatch:

 env:
@@ -17,6 +16,10 @@ env:
 jobs:
  build-and-push:
    runs-on: ubuntu-latest
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.pull_request.merged == true &&
+       startsWith(github.event.pull_request.head.ref, 'release-please--branches--'))

    permissions:
      contents: read
@@ -41,6 +44,7 @@ jobs:
            type=ref,event=branch
            type=sha,prefix={{branch}}-
            type=raw,value=latest,enable={{is_default_branch}}
+          github-token: ${{ secrets.GITHUB_TOKEN }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -55,4 +59,12 @@ jobs:
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64
+
+      - name: Trigger Coolify deployment
+        if: success()
+        run: |
+          curl -X POST "${{ secrets.COOLIFY_WEBHOOK_URL }}" \
+            -H "Content-Type: application/json" \
+            -H "Authorization: Bearer ${{ secrets.COOLIFY_WEBHOOK_TOKEN }}" \
+            -f || (echo "Failed to trigger Coolify deployment" && exit 1)