Commit Graph

6 Commits

Author SHA1 Message Date
Marc Campbell
b537597c95 Switch from GAR to GHCR for container images
- Update docker-compose.yaml to use ghcr.io/replicatedhq/ttlsh-* images
- Simplify CI auth using GITHUB_TOKEN (no GCP credentials needed)
- Update ansible to use docker login for GHCR instead of gcloud
- Remove google.cloud ansible collection (no longer needed for registry)

GHCR is simpler: automatic auth via GITHUB_TOKEN in Actions,
and packages can be made public for pull access on servers.

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-03 11:55:06 +00:00
Marc Campbell
4ba01e35fc Fix CI: create empty .env file for docker-compose build
docker-compose.yaml references env_file: .env which is created by
Ansible on the server but doesn't exist in the repo. Create an empty
file during CI build to satisfy the reference.

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-03 11:45:31 +00:00
Marc Campbell
fa9959bff1 Target prerelease branch for deployment testing
Temporarily deploy on merge to prerelease branch instead of main.
This allows testing the deploy workflow without requiring PR approval.

TODO: Switch back to main after testing is complete.
Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-03 11:02:50 +00:00
Marc Campbell
d15a431aab Enable real deploys
- Remove dry run flags
- Build and push images to Artifact Registry
- Run Ansible without --check flag

Deploys will now happen automatically on merge to main.

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-03 00:20:42 +00:00
Marc Campbell
233df3c8cb Make workflow dry run only for testing
- Build images but skip push
- Run Ansible with --check flag (no changes made)
- Renamed workflow to indicate dry run mode

This lets us verify credentials and workflow before enabling real deploys.

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-02 20:43:42 +00:00
Marc Campbell
48ea9b9f2d Add GitHub Actions workflow for automated deployment
- Triggers on merge to main
- Uses Doppler for secrets management
- Builds and pushes Docker images to GCP Artifact Registry
- Runs Ansible playbook to deploy to production

Required GitHub secrets:
- DOPPLER_TOKEN: Service token for Doppler ttl-sh project
- SSH_PRIVATE_KEY: Private key for SSH access to production server

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
2026-02-02 20:31:20 +00:00