name: CI/CD — Build & Deploy on: push: branches: [main] pull_request: branches: [main] jobs: build-and-deploy: name: Build & Deploy runs-on: vps-runner steps: - uses: actions/checkout@v4 # ── Backend ────────────────────────────────────────────────────────────── - name: Install & build backend working-directory: backend run: | npm ci npm run build - name: Deploy backend if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | mkdir -p /var/www/originsdigital/backend rsync -a --delete backend/dist/ /var/www/originsdigital/backend/dist/ rsync -a backend/package.json backend/package-lock.json /var/www/originsdigital/backend/ cd /var/www/originsdigital/backend && npm ci --omit=dev - name: Restart pm2 if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | su - tetardtek-brain -c 'pm2 reload originsdigital-backend --update-env' # ── Frontend ───────────────────────────────────────────────────────────── - name: Install & build frontend working-directory: frontend env: VITE_API_URL: ${{ secrets.VITE_API_URL }} VITE_SUPEROAUTH_URL: ${{ secrets.VITE_SUPEROAUTH_URL }} VITE_OAUTH_URL: ${{ secrets.VITE_SUPEROAUTH_URL }} VITE_OAUTH_CLIENT_ID: origins run: | npm ci npm run build - name: Deploy frontend if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | mkdir -p /var/www/originsdigital/frontend/dist rsync -a --delete frontend/dist/ /var/www/originsdigital/frontend/dist/ # ── Smoke test ─────────────────────────────────────────────────────────── - name: Smoke test API if: github.event_name == 'push' && github.ref == 'refs/heads/main' run: | sleep 3 curl -sf http://localhost:4001/api/health | grep -q '"ok"' echo "✅ API health OK"