From c3b75a0eb7a9402ea184817fd08f09dc6c1e2617 Mon Sep 17 00:00:00 2001
From: Andrey <j3tears100@gmail.com>
Date: Sun, 1 Mar 2026 00:03:31 +0300
Subject: [PATCH] fix deploy

---
 .github/workflows/deploy.yml | 41 +++++++++++++++++++++++++++++-------
 1 file changed, 33 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 98d39eb..a1dbc1c 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -16,6 +16,11 @@ on:
         description: 'Commit hash to rollback to (optional, uses last successful if empty)'
         required: false
         type: string
+      dry_run:
+        description: 'Dry run (deploy only — no SSH, just show what would run)'
+        required: false
+        type: boolean
+        default: false
 
 jobs:
   deploy:
@@ -24,6 +29,8 @@ jobs:
     if: |
       github.event_name == 'push' || 
       (github.event_name == 'workflow_dispatch' && github.event.inputs.action == 'deploy')
+    env:
+      DRY_RUN: ${{ github.event.inputs.dry_run == 'true' }}
     concurrency:
       group: production-deploy-telegram-helper-bot
       cancel-in-progress: false
@@ -35,8 +42,27 @@ jobs:
         uses: actions/checkout@v4
         with:
           ref: main
+
+      - name: Dry run (simulate deploy steps)
+        if: github.event_name == 'workflow_dispatch' && github.event.inputs.dry_run == 'true'
+        run: |
+          echo "🔍 DRY RUN — no SSH, no changes on server"
+          echo "Would run on server:"
+          echo "  1. cd /home/prod/bots/telegram-helper-bot"
+          echo "  2. CURRENT_COMMIT=\$(git rev-parse HEAD); write to .deploy_history_telegram_helper_bot.txt"
+          echo "  3. git fetch origin main && git reset --hard origin/main"
+          echo "  4. python3 scripts/apply_migrations.py --db ... (if DB exists)"
+          echo "  5. docker-compose -f /home/prod/docker-compose.yml config (validate)"
+          echo "  6. docker-compose stop telegram-bot; build --pull telegram-bot; up -d telegram-bot"
+          echo "  7. sleep 10; check container bots_telegram_bot"
+          echo ""
+          echo "Secrets/vars required: SERVER_HOST, SERVER_USER, SSH_PRIVATE_KEY, SSH_PORT, TELEGRAM_BOT_TOKEN, TELEGRAM_TEST_BOT_TOKEN"
+          if [ -f docker-compose.yml ]; then
+            echo "✅ docker-compose.yml present in repo (validation would run on server from /home/prod)"
+          fi
       
       - name: Deploy to server
+        if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'true'
         uses: appleboy/ssh-action@v1.0.0
         with:
           host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -50,9 +76,10 @@ jobs:
             
             echo "🚀 Starting deployment to production..."
             
-            cd /home/prod
+            sudo chown -R deploy:deploy /home/prod/bots/telegram-helper-bot || true
+            cd /home/prod/bots/telegram-helper-bot
             
-            # Сохраняем информацию о коммите
+            # Сохраняем информацию о коммите (до pull) — из репо telegram-helper-bot
             CURRENT_COMMIT=$(git rev-parse HEAD)
             COMMIT_MESSAGE=$(git log -1 --pretty=format:"%s" || echo "Unknown")
             COMMIT_AUTHOR=$(git log -1 --pretty=format:"%an" || echo "Unknown")
@@ -70,8 +97,6 @@ jobs:
             
             # Обновляем код
             echo "📥 Pulling latest changes from main..."
-            sudo chown -R deploy:deploy /home/prod/bots/telegram-helper-bot || true
-            cd /home/prod/bots/telegram-helper-bot
             git fetch origin main
             git reset --hard origin/main
             sudo chown -R deploy:deploy /home/prod/bots/telegram-helper-bot || true
@@ -134,7 +159,7 @@ jobs:
             fi
       
       - name: Update deploy history
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
         uses: appleboy/ssh-action@v1.0.0
         with:
           host: ${{ vars.SERVER_HOST || secrets.SERVER_HOST }}
@@ -155,7 +180,7 @@ jobs:
             fi
       
       - name: Send deployment notification
-        if: always()
+        if: always() && env.DRY_RUN != 'true'
         uses: appleboy/telegram-action@v1.0.0
         with:
           to: ${{ secrets.TELEGRAM_CHAT_ID }}
@@ -174,7 +199,7 @@ jobs:
         continue-on-error: true
       
       - name: Get PR body from merged PR
-        if: job.status == 'success' && github.event_name == 'push'
+        if: job.status == 'success' && github.event_name == 'push' && env.DRY_RUN != 'true'
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
@@ -209,7 +234,7 @@ jobs:
         continue-on-error: true
       
       - name: Send PR body to important logs
-        if: job.status == 'success' && github.event_name == 'push' && env.PR_BODY != ''
+        if: job.status == 'success' && github.event_name == 'push' && env.DRY_RUN != 'true' && env.PR_BODY != ''
         uses: appleboy/telegram-action@v1.0.0
         with:
           to: ${{ secrets.IMPORTANT_LOGS_CHAT }}