fix: Simplify deployment to build from source instead of using pre-built images

- Remove complex GHCR image pulling logic that was causing deployment failures - Always build containers from source code on production server - Remove unused build job that pushes to container registry - Use docker-compose up -d --build to ensure latest code is built and deployed - This ensures all new features like quarterly confirmations are available in production
2025-09-24 00:13:54 +02:00
parent 126f68ec68
commit d3ed13dda0
1 changed files with 6 additions and 80 deletions
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -6,10 +6,6 @@ on:
  pull_request:
    branches: [ main ]

-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
 jobs:
  test:
    runs-on: ubuntu-latest
@@ -135,54 +131,8 @@ jobs:
      run: |
        python manage.py collectstatic --noinput

-  build:
-    needs: test
-    runs-on: ubuntu-latest
-    if: github.event_name == 'push'
-    
-    permissions:
-      contents: read
-      packages: write
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    - name: Log in to Container Registry
-      uses: docker/login-action@v3
-      with:
-        registry: ${{ env.REGISTRY }}
-        username: ${{ github.actor }}
-        password: ${{ secrets.GITHUB_TOKEN }}
-
-    - name: Extract metadata
-      id: meta
-      uses: docker/metadata-action@v5
-      with:
-        images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-        tags: |
-          type=ref,event=branch
-          type=ref,event=pr
-          type=sha,prefix={{branch}}-
-
-    - name: Build and push Docker images
-      uses: docker/build-push-action@v5
-      with:
-        context: ./app
-        push: true
-        tags: ${{ steps.meta.outputs.tags }}
-        labels: ${{ steps.meta.outputs.labels }}
-
-    - name: Build and push Paperless image
-      uses: docker/build-push-action@v5
-      with:
-        context: ./paperless
-        push: true
-        tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-paperless:latest
-        labels: ${{ steps.meta.outputs.labels }}
-
  deploy:
-    needs: build
+    needs: test
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'  # Auto-deploy when pushing to main branch
    
@@ -193,13 +143,11 @@ jobs:
      uses: appleboy/ssh-action@v1.0.3
      env:
        DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        GITHUB_ACTOR: ${{ github.actor }}
      with:
        host: ${{ secrets.PROD_HOST }}
        username: ${{ secrets.PROD_USERNAME }}
        key: ${{ secrets.PROD_SSH_KEY }}
-        envs: DEPLOY_TOKEN,GITHUB_TOKEN,GITHUB_ACTOR
+        envs: DEPLOY_TOKEN
        script: |
          cd /opt/stiftung
          
@@ -225,39 +173,17 @@ jobs:
          # No need to copy from deploy-production since we use compose.yml directly
          echo "Using main compose.yml for production deployment"
          
-          # Try to login to GitHub Container Registry and pull images
-          echo "Attempting to pull images from GitHub Container Registry..."
-          if echo $DEPLOY_TOKEN | docker login ghcr.io -u remmerinio --password-stdin; then
-            echo "✅ Successfully logged into GHCR"
-            if docker-compose -f compose.yml pull web worker beat paperless; then
-              echo "✅ Successfully pulled web and paperless images from GHCR"
-              USE_REMOTE_IMAGES=true
-            else
-              echo "⚠️ Failed to pull images from GHCR, will build locally"
-              USE_REMOTE_IMAGES=false
-            fi
-          else
-            echo "⚠️ Failed to login to GHCR, will build locally"
-            USE_REMOTE_IMAGES=false
-          fi
-          
-          # Pull other standard images (redis, postgres, grampsweb)
+          # Pull standard images (redis, postgres, grampsweb) but build our app from source
          echo "Pulling standard Docker images..."
          docker-compose -f compose.yml pull db redis grampsweb || echo "Some standard images failed to pull, will use cached versions"
          
-          # If we couldn't pull from GHCR, build locally
-          if [ "$USE_REMOTE_IMAGES" = "false" ]; then
-            echo "🔨 Building images locally from source code..."
-            docker build -t ghcr.io/remmerinio/stiftung-management-system:latest ./app
-            docker build -t ghcr.io/remmerinio/stiftung-management-system-paperless:latest ./paperless
-          fi
-          
          # Stop containers and clean up
          docker-compose -f compose.yml down
          docker system prune -f
          
-          # Start containers with latest images
-          docker-compose -f compose.yml up -d --no-build
+          # Build and start containers from source code
+          echo "🔨 Building and starting containers from source code..."
+          docker-compose -f compose.yml up -d --build
          
          # Wait for containers to be ready
          echo "Waiting for containers to start..."