ClickerZ/.gitea/workflows/deploy.yml

name: CI/CD — Build & Deploy

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  build-and-deploy:
    name: Build & Deploy
    runs-on: vps-runner

    steps:
      - uses: actions/checkout@v4

      # ── Backend ──────────────────────────────────────────────────────────────
      - name: Install backend deps
        working-directory: Backend
        run: npm ci --omit=dev

      - name: Deploy backend
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: |
          mkdir -p /var/www/clickerz/backend
          rsync -a --delete --exclude=node_modules --exclude=.env Backend/ /var/www/clickerz/backend/
          cd /var/www/clickerz/backend && npm ci --omit=dev

      - name: Restart pm2
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: |
          su - tetardtek-brain -c 'pm2 reload clickerz-backend --update-env'

      # ── Frontend ─────────────────────────────────────────────────────────────
      - name: Install & build frontend
        working-directory: Frontend
        env:
          VITE_BACKEND_URL: https://clickerz.tetardtek.com
          VITE_OAUTH_URL: https://superoauth.tetardtek.com
          VITE_OAUTH_CLIENT_ID: clickerz
        run: |
          npm ci
          npm run build

      - name: Deploy frontend
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: |
          mkdir -p /var/www/clickerz/frontend/dist
          rsync -a --delete Frontend/dist/ /var/www/clickerz/frontend/dist/

      # ── Smoke test ───────────────────────────────────────────────────────────
      - name: Smoke test API
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
        run: |
          sleep 3
          curl -sf http://localhost:3520/api/auth/me 2>&1 | grep -q '401\|session\|Not authenticated'
          echo "✅ API responds OK"