# Build and deploy the solitaire server Docker image. name: Build and Deploy on: push: branches: [master] paths: - 'solitaire_server/**' - 'solitaire_wasm/**' - 'solitaire_web/**' - 'solitaire_sync/**' - 'solitaire_core/**' - 'solitaire_engine/**' - 'Cargo.toml' - 'Cargo.lock' - 'solitaire_server/Dockerfile' - '.gitea/workflows/docker-build.yml' env: REGISTRY: git.aleshym.co IMAGE: git.aleshym.co/funman300/solitaire-server jobs: build-and-push: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: # Need full history so we can push the tag-update commit back. fetch-depth: 0 token: ${{ secrets.CI_TOKEN }} - name: Set image tag id: meta run: echo "sha=${GITHUB_SHA::8}" >> "$GITHUB_OUTPUT" - name: Check wasm pkg drift run: | set -euo pipefail BASE_SHA="${{ github.event.before }}" HEAD_SHA="${{ github.sha }}" if [ -n "$BASE_SHA" ] && git cat-file -e "$BASE_SHA^{commit}" 2>/dev/null; then RANGE="$BASE_SHA..$HEAD_SHA" else RANGE="HEAD~1..HEAD" fi CHANGED="$(git diff --name-only "$RANGE")" echo "Changed files:" echo "$CHANGED" if echo "$CHANGED" | grep -Eq '^(solitaire_wasm/|solitaire_core/|Cargo\.toml|Cargo\.lock)$|^(solitaire_wasm/|solitaire_core/)'; then if ! echo "$CHANGED" | grep -Eq '^solitaire_server/web/pkg/solitaire_wasm\.js$|^solitaire_server/web/pkg/solitaire_wasm_bg\.wasm$'; then echo "error: wasm/core/Cargo changed but committed web pkg artifacts are missing." echo "Run: wasm-pack build --target web --out-dir solitaire_server/web/pkg --no-typescript solitaire_wasm" exit 1 fi fi # Hard check: solitaire_web/ is the direct Bevy WASM source — any # change there MUST rebuild canvas_bg.wasm or the binary goes stale. if echo "$CHANGED" | grep -Eq '^solitaire_web/'; then if ! echo "$CHANGED" | grep -Eq '^solitaire_server/web/pkg/canvas_bg\.wasm$'; then echo "error: solitaire_web/ changed but canvas_bg.wasm not updated." echo "Run: ./build_wasm.sh (requires wasm-bindgen-cli + wasm32-unknown-unknown target)" exit 1 fi fi # Advisory notice: solitaire_engine/ and solitaire_core/ changes often # require a Bevy WASM rebuild but are not enforced (formatting-only # commits should not be blocked). if echo "$CHANGED" | grep -Eq '^(solitaire_engine/|solitaire_core/)' && \ ! echo "$CHANGED" | grep -Eq '^solitaire_server/web/pkg/canvas_bg\.wasm$'; then echo "notice: solitaire_engine/core changed without a canvas_bg.wasm rebuild." echo " If the change affects gameplay run ./build_wasm.sh before pushing." fi - name: Log in to Gitea registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ gitea.actor }} password: ${{ secrets.CI_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: driver-opts: network=host - name: Build and push uses: docker/build-push-action@v5 with: context: . file: solitaire_server/Dockerfile push: true tags: | ${{ env.IMAGE }}:${{ steps.meta.outputs.sha }} ${{ env.IMAGE }}:latest cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max - name: Install kustomize run: | curl -sL https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz | tar xz sudo mv kustomize /usr/local/bin/kustomize - name: Pin image tag and push to deploy branch run: | git config user.email "ci@gitea.local" git config user.name "Gitea CI" # Switch to the deploy branch, creating it from the current HEAD if absent. # Use 'git switch' (branch-only) to avoid ambiguity with the deploy/ directory. if git fetch origin deploy 2>/dev/null; then git switch deploy else git switch -c deploy fi # Update the pinned image tag. cd deploy kustomize edit set image solitaire-server=${{ env.IMAGE }}:${{ steps.meta.outputs.sha }} cd .. git add deploy/kustomization.yaml git diff --cached --quiet && exit 0 git commit -m "chore(deploy): bump image to ${{ steps.meta.outputs.sha }} [skip ci]" git push origin deploy