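# CI/CD workflow: runs the test suite, then builds the container image, pushes
# it to the internal registry and redeploys it on the target VM over SSH.
# Triggered by pushes to main; changes that only touch Markdown or docs/ are
# ignored.
name: Build & Deploy

on:
  push:
    branches: [main]
    paths-ignore: ['**.md', 'docs/**']

env:
  REGISTRY: gitea.agiliton.internal:3000
  IMAGE: gitea.agiliton.internal:3000/christian/matrix-ai-agent
  TARGET_VM: matrix.agiliton.internal
  DEPLOY_PATH: /opt/matrix-ai-agent

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): actions are referenced by mutable tags (v4/v5). Pinning
      # each to a full commit SHA protects the job, and the secrets the later
      # job handles, against a retagged or compromised release.
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install dependencies
        run: pip install -r requirements.txt -r requirements-test.txt
      - name: Run tests
        run: pytest tests/ -v --cov=device_trust --cov-report=term

  build-and-deploy:
    # Deployment only happens when the test job succeeded.
    needs: [test]
    runs-on: ubuntu-latest
    steps:
      # The private key is handed to the script through the step environment
      # rather than being templated into the script text: a `${{ secrets.* }}`
      # expression inside `run:` is pasted into the shell source before it is
      # executed, so quotes, `$` or backticks in the value would be interpreted
      # by the shell.
      #
      # NOTE(review): both ssh-keyscan calls accept whatever host key is
      # offered at run time (trust on first use, repeated on every run), and
      # their failures are silenced. Prefer writing pinned host keys, stored
      # as a secret or variable, into known_hosts instead of scanning.
      - name: Setup SSH
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          # Create the key file with restrictive permissions from the start.
          umask 077
          mkdir -p ~/.ssh && chmod 700 ~/.ssh
          printf '%s\n' "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -p 2222 gitea-ssh.agiliton.internal >> ~/.ssh/known_hosts 2>/dev/null || true
          ssh-keyscan -H ${{ env.TARGET_VM }} >> ~/.ssh/known_hosts 2>/dev/null || true

      - uses: actions/checkout@v4
        with:
          submodules: true

      # The registry token is passed via the environment for the same reason
      # as the SSH key above, and still reaches docker on stdin only.
      #
      # NOTE(review): only the mutable `latest` tag is pushed, so the image
      # running on the VM cannot be traced back to a commit and a rollback
      # has nothing to refer to. Consider pushing an immutable tag as well.
      - name: Login & Build & Push
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
        run: |
          printf '%s\n' "$REGISTRY_TOKEN" | docker login ${{ env.REGISTRY }} -u christian --password-stdin
          DOCKER_BUILDKIT=1 docker build --pull -t ${{ env.IMAGE }}:latest .
          docker push ${{ env.IMAGE }}:latest

      # The heredoc delimiter is quoted, so nothing is expanded by the local
      # shell; the `${{ env.* }}` expressions are substituted by the workflow
      # engine before the script runs.
      #
      # `set -e` makes the remote script stop at the first failing command, so
      # a failed `cd` or `docker pull` fails the step instead of recreating the
      # containers from the wrong directory or from a stale image. `git pull`
      # stays best-effort, but a failure is now reported instead of hidden.
      #
      # NOTE(review): the deployment logs in as root. A dedicated, restricted
      # deploy account would limit the damage if the CI key is exposed.
      - name: Deploy
        run: |
          ssh root@${{ env.TARGET_VM }} << 'EOF'
          set -e
          cd ${{ env.DEPLOY_PATH }}
          git pull origin main --ff-only || echo "WARNING: git pull failed; deploying with the existing checkout" >&2
          docker pull ${{ env.IMAGE }}:latest
          docker compose up -d --force-recreate --remove-orphans
          EOF

      # Waits for the container to start, then checks that the bot module can
      # be imported inside it. The Python lines must stay at the same indent as
      # the rest of the script: any extra leading whitespace would reach
      # `python3 -c` and raise an IndentationError.
      - name: Smoke test
        run: |
          ssh root@${{ env.TARGET_VM }} << 'EOF'
          sleep 15
          docker exec matrix-ai-agent-bot-1 python3 -c "
          from bot import BOT_USER
          print(f'Bot user: {BOT_USER}')
          print('Smoke test passed')
          " || exit 1
          EOF

      # Runs even when an earlier step failed. Removes the credentials this
      # job wrote, in case the runner's home directory persists between jobs,
      # then trims the build cache.
      - name: Cleanup
        if: always()
        run: |
          rm -f ~/.ssh/id_ed25519
          docker logout ${{ env.REGISTRY }} 2>/dev/null || true
          docker builder prune -f --filter "until=24h" 2>/dev/null || true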