Merge pull request 'build' (#10 ) from build into dev

Reviewed-on: #10
fix: restrict build workflow to trigger only on master branch
2025-11-30 04:47:42 +00:00 · 2025-11-30 09:46:58 +05:00 · 2025-11-30 00:33:50 +05:00 · 2025-11-30 00:30:44 +05:00 · 2025-11-30 00:26:44 +05:00 · 2025-11-30 00:18:19 +05:00
5 changed files with 186 additions and 0 deletions
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@ -0,0 +1,59 @@
+name: Build and deploy
+
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Login to registry
+        run: echo "${{ secrets.TOKEN }}" | docker login ${{ secrets.GIT_HOST }} -u ${{ secrets.USERNAME }} --password-stdin
+
+      - name: Build and push app
+        run: |
+          docker build -t ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:app -f app/Dockerfile .
+          docker push ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:app
+
+      - name: Build and push migrations image
+        run: |
+          docker build -t ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:migrations -f migrations/Dockerfile .
+          docker push ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:migrations
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install SSH key
+        uses: webfactory/ssh-agent@v0.9.0
+        with:
+          ssh-private-key: ${{ secrets.DEPLOY_SSH_KEY }}
+
+      - name: Add host to known_hosts
+        run: ssh-keyscan -H ${{ secrets.LXC_HOST }} >> ~/.ssh/known_hosts
+      
+      - name: Create remote deployment directory
+        run: ssh ${{ secrets.LXC_USER }}@${{ secrets.LXC_HOST }} "mkdir -p /srv/app"
+
+      - name: Deploy docker-compose-ci.yml
+        run: scp docker-compose-ci.yml ${{ secrets.LXC_USER }}@${{ secrets.LXC_HOST }}:/srv/app/docker-compose.yml
+      
+      - name: Restart services
+        run: |
+          ssh ${{ secrets.LXC_USER }}@${{ secrets.LXC_HOST }} << 'EOF'
+            echo "${{ secrets.TOKEN }}" | docker login ${{ secrets.GIT_HOST }} -u ${{ secrets.USERNAME }} --password-stdin
+            docker pull ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:app
+            docker pull ${{ secrets.GIT_HOST }}/${{ gitea.repository }}:migrations
+            cd /srv/app
+            docker compose up -d --force-recreate
+            docker image prune -f
+          EOF
--- a/app/main.py
+++ b/app/main.py
@ -10,6 +10,8 @@ from app.api.routes import api_router
 from app.core.cache import init_cache, shutdown_cache
 from app.core.config import settings
 from app.core.middleware.cache_monitor import CacheAvailabilityMiddleware
+from fastapi.middleware.cors import CORSMiddleware
+


 def create_app() -> FastAPI:
@ -25,6 +27,13 @@ def create_app() -> FastAPI:
    application = FastAPI(title=settings.project_name, version=settings.version, lifespan=lifespan)
    application.include_router(api_router)
    application.add_middleware(CacheAvailabilityMiddleware)
+    application.add_middleware(
+        CORSMiddleware,
+        allow_origins=["https://kitchen-crm.k1nq.tech", "http://192.168.31.51"],
+        allow_credentials=True,
+        allow_methods=["*"],  # Разрешить все HTTP-методы
+        allow_headers=["*"],  # Разрешить все заголовки
+    )
    return application


--- a/docker-compose-ci.yml
+++ b/docker-compose-ci.yml
@ -0,0 +1,91 @@
+services:
+  app:
+    image: ${GIT_HOST}/${GIT_USER}/${GIT_REPO}:app
+    restart: unless-stopped
+    command: uvicorn app.main:app --host 0.0.0.0 --port 8000
+    env_file:
+      - .env
+    environment:
+      PROJECT_NAME: ${PROJECT_NAME}
+      VERSION: ${VERSION}
+      API_V1_PREFIX: ${API_V1_PREFIX}
+      DB_HOST: postgres
+      DB_PORT: ${DB_PORT}
+      DB_NAME: ${DB_NAME}
+      DB_USER: ${DB_USER}
+      DB_PASSWORD: ${DB_PASSWORD}
+      SQLALCHEMY_ECHO: ${SQLALCHEMY_ECHO}
+      JWT_SECRET_KEY: ${JWT_SECRET_KEY}
+      JWT_ALGORITHM: ${JWT_ALGORITHM}
+      ACCESS_TOKEN_EXPIRE_MINUTES: ${ACCESS_TOKEN_EXPIRE_MINUTES}
+      REFRESH_TOKEN_EXPIRE_DAYS: ${REFRESH_TOKEN_EXPIRE_DAYS}
+      REDIS_ENABLED: ${REDIS_ENABLED}
+      REDIS_URL: redis://redis:6379/0
+      ANALYTICS_CACHE_TTL_SECONDS: ${ANALYTICS_CACHE_TTL_SECONDS}
+      ANALYTICS_CACHE_BACKOFF_MS: ${ANALYTICS_CACHE_BACKOFF_MS}
+    ports:
+      - "80:8000"
+    healthcheck:
+      test: ["CMD", "wget", "-qO-", "http://localhost:8000/health"]
+      interval: 30s
+      timeout: 5s
+      retries: 5
+      start_period: 10s
+    depends_on:
+      postgres:
+        condition: service_started
+      redis:
+        condition: service_started
+      migrations:
+        condition: service_completed_successfully
+
+  migrations:
+    image: ${GIT_HOST}/${GIT_USER}/${GIT_REPO}:migrations
+    restart: "no"
+    env_file:
+      - .env
+    environment:
+      DB_HOST: postgres
+      REDIS_URL: redis://redis:6379/0
+    depends_on:
+      postgres:
+        condition: service_started
+
+  postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_DB: ${DB_NAME}
+      POSTGRES_USER: ${DB_USER}
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+    ports:
+      - "5432:5432"
+    volumes:
+      - /mnt/data/postgres:/var/lib/postgresql/data
+    restart: unless-stopped
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "pg_isready",
+          "-U",
+          "${DB_USER}",
+          "-d",
+          "${DB_NAME}",
+        ]
+      interval: 30s
+      timeout: 5s
+      retries: 5
+      start_period: 10s
+
+  redis:
+    image: redis:7-alpine
+    command: redis-server --save "" --appendonly no
+    restart: unless-stopped
+    ports:
+      - "6379:6379"
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 30s
+      timeout: 5s
+      retries: 5
+      start_period: 5s
--- a/docker-compose-dev.yml
+++ b/docker-compose-dev.yml
--- a/migrations/Dockerfile
+++ b/migrations/Dockerfile
@ -0,0 +1,27 @@
+# syntax=docker/dockerfile:1.7
+
+FROM ghcr.io/astral-sh/uv:python3.14-alpine AS builder
+WORKDIR /opt/app
+
+COPY pyproject.toml uv.lock ./
+RUN uv sync --frozen --no-dev
+
+COPY app ./app
+COPY migrations ./migrations
+COPY alembic.ini .
+
+FROM python:3.14-alpine AS runtime
+
+ENV PYTHONUNBUFFERED=1 PYTHONDONTWRITEBYTECODE=1
+ENV PATH="/opt/app/.venv/bin:${PATH}"
+
+WORKDIR /opt/app
+
+RUN apk add --no-cache libpq
+
+COPY --from=builder /opt/app/.venv /opt/app/.venv
+COPY --from=builder /opt/app/app ./app
+COPY --from=builder /opt/app/migrations ./migrations
+COPY --from=builder /opt/app/alembic.ini .
+
+ENTRYPOINT ["alembic", "upgrade", "head"]
Author	SHA1	Message	Date
k1nq	c58a08bc9c	Merge pull request 'build' (#10 ) from build into dev Test / test (push) Successful in 15s Details Test / test (pull_request) Successful in 15s Details Reviewed-on: #10	2025-11-30 04:47:42 +00:00
k1nq	4956039ae8	fix: restrict build workflow to trigger only on master branch Test / test (pull_request) Successful in 17s Details	2025-11-30 09:46:58 +05:00
k1nq	2fcf75b859	fix: add healthcheck configurations for app, postgres, and redis services in docker-compose Build and deploy / build (push) Successful in 11s Details Build and deploy / deploy (push) Successful in 17s Details	2025-11-30 00:33:50 +05:00
k1nq	373b42768c	fix: update Dockerfile to set correct working directory for migrations Build and deploy / build (push) Successful in 18s Details Build and deploy / deploy (push) Successful in 17s Details	2025-11-30 00:30:44 +05:00
k1nq	755547b7bf	fix: replace postgresql-libs with libpq in Dockerfile and streamline file copying Build and deploy / build (push) Failing after 11s Details Build and deploy / deploy (push) Has been skipped Details	2025-11-30 00:26:44 +05:00
k1nq	0e48023258	fix: add migrations service to docker-compose and update build workflow for migrations image Build and deploy / build (push) Successful in 20s Details Build and deploy / deploy (push) Successful in 15s Details	2025-11-30 00:18:19 +05:00
k1nq	ef6b6d598e	fix: add restart policy and volume mapping for postgres and redis services in docker-compose Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Successful in 15s Details	2025-11-30 00:03:21 +05:00
k1nq	82812ecf72	fix: correct middleware reference in FastAPI application setup Build and deploy / build (push) Successful in 6s Details Test / test (push) Successful in 15s Details Build and deploy / deploy (push) Successful in 11s Details	2025-11-29 23:58:53 +05:00
k1nq	03831499ca	fix: add CORS middleware to allow specific origins and methods Build and deploy / build (push) Successful in 11s Details Test / test (push) Failing after 11s Details Build and deploy / deploy (push) Successful in 12s Details	2025-11-29 23:57:50 +05:00
k1nq	31d1d8de1e	fix: update port mapping for app service in docker-compose configuration Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Successful in 21s Details	2025-11-29 23:36:17 +05:00
k1nq	9083d9d23c	fix: remove unnecessary protocol from image URL in docker-compose configuration Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Successful in 19s Details	2025-11-29 23:30:17 +05:00
k1nq	4c0b162112	fix: remove unnecessary braces from image URL in docker-compose configuration Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Successful in 15s Details	2025-11-29 20:02:59 +05:00
k1nq	54de35d403	fix: update deployment step to create directory on remote host Build and deploy / build (push) Successful in 13s Details Build and deploy / deploy (push) Successful in 10s Details	2025-11-29 19:55:41 +05:00
k1nq	1e4bea46c2	fix: add step to create deployment directory in build workflow Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Failing after 4s Details	2025-11-29 19:38:19 +05:00
k1nq	e1b15f57a0	fix: update build and deploy steps in workflow and refine docker-compose configuration Build and deploy / build (push) Successful in 10s Details Build and deploy / deploy (push) Failing after 4s Details	2025-11-29 19:32:12 +05:00
k1nq	3f071a7f36	fix: correct Docker build context path in build workflow Build and deploy / build (push) Successful in 26s Details	2025-11-29 19:24:56 +05:00
k1nq	d35bc3cc6c	fix: remove colon from 'Restart services' step in build workflow Build and deploy / build (push) Failing after 12s Details Build and deploy / deploy (push) Has been skipped Details	2025-11-29 17:45:10 +05:00
k1nq	b9c77f2766	fix: uncomment branches filter in build workflow trigger	2025-11-29 17:44:34 +05:00
k1nq	276c40ce6c	fix: add missing login step for Docker registry and correct SSH agent version	2025-11-29 12:33:28 +05:00
k1nq	4bdc575892	fix: remove extra spaces in docker push command and SSH key configuration	2025-11-29 12:32:08 +05:00
k1nq	a06a6eb834	fix: correct workflow_dispatch syntax in build configuration	2025-11-29 12:22:13 +05:00
k1nq	ecc23321ba	fix: comment out branches filter in build workflow trigger	2025-11-29 12:20:36 +05:00
k1nq	dc2046cc1a	feat: add CI/CD workflow for building and deploying application with Docker	2025-11-29 12:19:44 +05:00