feat: improve CI/CD workflows and code quality checks

- ci.yml: fix workflow_dispatch (was missing options), add pull_request trigger - deploy.yml: add dry_run option for safe testing deployments - Makefile: improve code quality targets to include bots subdirectories - docker-compose.yml: clean up telegram-bot env vars (use env_file) Made-with: Cursor
2026-03-01 01:01:54 +03:00
parent e35415d3d1
commit 7d12bebb6e
4 changed files with 83 additions and 54 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -16,6 +16,14 @@ on:
        description: 'Commit hash to rollback to (optional, uses last successful if empty)'
        required: false
        type: string
+      dry_run:
+        description: 'Dry run (only for deploy — no SSH, only show planned steps)'
+        required: false
+        type: choice
+        default: 'no'
+        options:
+          - 'no'
+          - 'yes'

 jobs:
  deploy:
@@ -24,6 +32,8 @@ jobs:
    if: |
      github.event_name == 'push' || 
      (github.event_name == 'workflow_dispatch' && github.event.inputs.action == 'deploy')
+    env:
+      DRY_RUN: ${{ github.event.inputs.dry_run == 'yes' }}
    concurrency:
      group: production-deploy
      cancel-in-progress: false
@@ -36,7 +46,25 @@ jobs:
        with:
          ref: main
      
+      - name: Dry run (simulate deploy steps)
+        if: github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'yes'
+        run: |
+          echo "🔍 DRY RUN — no SSH, no changes on server"
+          echo "Would run on server:"
+          echo "  1. cd /home/prod"
+          echo "  2. CURRENT_COMMIT + history; git fetch origin main && git reset --hard origin/main"
+          echo "  3. docker-compose config (validate)"
+          echo "  4. docker-compose stop prometheus grafana uptime-kuma alertmanager"
+          echo "  5. docker-compose build --pull prometheus grafana uptime-kuma alertmanager"
+          echo "  6. docker-compose up -d prometheus grafana uptime-kuma alertmanager"
+          echo ""
+          echo "Secrets/vars required: SERVER_HOST, SERVER_USER, SSH_PRIVATE_KEY, SSH_PORT"
+          if [ -f docker-compose.yml ]; then
+            echo "✅ docker-compose.yml present in repo (validation would run on server)"
+          fi
+      
      - name: Deploy to server
+        if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'yes'
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -105,7 +133,7 @@ jobs:
            echo "✅ Infrastructure containers rebuilt and started (bots remain running)"
      
      - name: Update deploy history
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -126,7 +154,7 @@ jobs:
            fi
      
      - name: Send deployment notification
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
        uses: appleboy/telegram-action@v1.0.0
        with:
          to: ${{ secrets.TELEGRAM_CHAT_ID }}