feat: PKCE auth + CI/CD deploy
Some checks failed
CI/CD — Build & Deploy / Build & Deploy (push) Failing after 25s
Some checks failed
CI/CD — Build & Deploy / Build & Deploy (push) Failing after 25s
- Frontend: PKCE flow (oauth.js, api.js centralized, cookie-based AuthContext) - Backend: token introspection, cookies httpOnly, refresh endpoint - Replaced localStorage JWT with httpOnly session cookies - useSaveSync migrated to cookie auth - cookie-parser added - Gitea CI workflow (vps-runner pattern)
This commit is contained in:
57
.gitea/workflows/deploy.yml
Normal file
57
.gitea/workflows/deploy.yml
Normal file
@@ -0,0 +1,57 @@
|
||||
name: CI/CD — Build & Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
name: Build & Deploy
|
||||
runs-on: vps-runner
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
# ── Backend ──────────────────────────────────────────────────────────────
|
||||
- name: Install backend deps
|
||||
working-directory: Backend
|
||||
run: npm ci --omit=dev
|
||||
|
||||
- name: Deploy backend
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
||||
run: |
|
||||
mkdir -p /var/www/clickerz/backend
|
||||
rsync -a --delete --exclude=node_modules --exclude=.env Backend/ /var/www/clickerz/backend/
|
||||
cd /var/www/clickerz/backend && npm ci --omit=dev
|
||||
|
||||
- name: Restart pm2
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
||||
run: |
|
||||
su - tetardtek-brain -c 'pm2 reload clickerz-backend --update-env'
|
||||
|
||||
# ── Frontend ─────────────────────────────────────────────────────────────
|
||||
- name: Install & build frontend
|
||||
working-directory: Frontend
|
||||
env:
|
||||
VITE_BACKEND_URL: https://clickerz.tetardtek.com
|
||||
VITE_OAUTH_URL: https://superoauth.tetardtek.com
|
||||
VITE_OAUTH_CLIENT_ID: clickerz
|
||||
run: |
|
||||
npm ci
|
||||
npm run build
|
||||
|
||||
- name: Deploy frontend
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
||||
run: |
|
||||
mkdir -p /var/www/clickerz/frontend/dist
|
||||
rsync -a --delete Frontend/dist/ /var/www/clickerz/frontend/dist/
|
||||
|
||||
# ── Smoke test ───────────────────────────────────────────────────────────
|
||||
- name: Smoke test API
|
||||
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
||||
run: |
|
||||
sleep 3
|
||||
curl -sf http://localhost:3520/api/auth/me 2>&1 | grep -q '401\|session\|Not authenticated'
|
||||
echo "✅ API responds OK"
|
||||
Reference in New Issue
Block a user