# Gitea Actions CI/CD — build + deploy SOLUTION_ERP lên IIS Windows Server. # Trigger: push vào branch main, hoặc manual. # # Chạy trên Windows self-hosted runner (vì cần IIS + Word COM cho .doc convert optional). # Secrets cần set trong Gitea repo settings: # - IIS_HOST (hostname hoặc IP) # - IIS_USER (Windows user có admin + WinRM) # - IIS_PASSWORD # - JWT_SECRET (64+ chars random — dùng trong appsettings.Production.json) # - DB_CONNECTION (connection string production) name: Deploy SOLUTION_ERP on: push: branches: [main] workflow_dispatch: jobs: build-backend: runs-on: windows-latest steps: - uses: actions/checkout@v4 - name: Setup .NET 10 uses: actions/setup-dotnet@v4 with: dotnet-version: '10.0.x' - name: Restore + Build BE run: | dotnet restore SolutionErp.slnx dotnet build SolutionErp.slnx --no-restore --configuration Release - name: Publish Api run: > dotnet publish src/Backend/SolutionErp.Api/SolutionErp.Api.csproj --no-build --configuration Release --output artifacts/api --runtime win-x64 --self-contained false - uses: actions/upload-artifact@v4 with: name: backend-api path: artifacts/api/ build-fe-admin: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version-file: 'fe-admin/.nvmrc' # pin 20.x (gotcha NamGroup) cache: 'npm' cache-dependency-path: 'fe-admin/package-lock.json' - run: npm ci working-directory: fe-admin - run: npm run build working-directory: fe-admin - uses: actions/upload-artifact@v4 with: name: fe-admin-dist path: fe-admin/dist/ build-fe-user: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version-file: 'fe-user/.nvmrc' cache: 'npm' cache-dependency-path: 'fe-user/package-lock.json' - run: npm ci working-directory: fe-user - run: npm run build working-directory: fe-user - uses: actions/upload-artifact@v4 with: name: fe-user-dist path: fe-user/dist/ deploy-iis: needs: [build-backend, build-fe-admin, build-fe-user] runs-on: windows-latest if: github.ref == 'refs/heads/main' steps: - uses: actions/download-artifact@v4 with: path: artifacts/ - name: Zip artifacts shell: pwsh run: | Compress-Archive -Path artifacts/backend-api/* -DestinationPath api.zip -Force Compress-Archive -Path artifacts/fe-admin-dist/* -DestinationPath fe-admin.zip -Force Compress-Archive -Path artifacts/fe-user-dist/* -DestinationPath fe-user.zip -Force - name: Copy + deploy via WinRM shell: pwsh env: IIS_HOST: ${{ secrets.IIS_HOST }} IIS_USER: ${{ secrets.IIS_USER }} IIS_PASSWORD: ${{ secrets.IIS_PASSWORD }} run: | $secure = ConvertTo-SecureString $env:IIS_PASSWORD -AsPlainText -Force $cred = New-Object PSCredential($env:IIS_USER, $secure) $session = New-PSSession -ComputerName $env:IIS_HOST -Credential $cred Copy-Item -Path api.zip, fe-admin.zip, fe-user.zip -Destination "C:\Deploy\" -ToSession $session Invoke-Command -Session $session -ScriptBlock { & C:\Deploy\scripts\deploy-iis.ps1 -Artifact "C:\Deploy\api.zip" -Site "SolutionErpApi" Expand-Archive "C:\Deploy\fe-admin.zip" "C:\inetpub\solution-erp\fe-admin" -Force Expand-Archive "C:\Deploy\fe-user.zip" "C:\inetpub\solution-erp\fe-user" -Force } Remove-PSSession $session