From 1b95fd9e5511e646d490850d1f09d5a378b2d4db Mon Sep 17 00:00:00 2001
From: vigdorov <n.vigdorov@yandex.ru>
Date: Thu, 15 Jan 2026 12:20:29 +0300
Subject: [PATCH] fix CI for template

---
 .drone.yml | 125 ++++++++++++++++++++++++++++-------------------------
 1 file changed, 66 insertions(+), 59 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 001f235..106534b 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -70,30 +70,6 @@ steps:
       from_secret: HARBOR_PASSWORD
     no_push_metadata: true
 
-# --- Сборка Keycloak темы (только при изменениях в keycloak-theme/) ---
-- name: build-keycloak-theme
-  image: plugins/kaniko
-  when:
-    changeset:
-      includes:
-        - keycloak-theme/**
-      excludes:
-        - keycloak-theme/README.md
-        - keycloak-theme/**/*.md
-  settings:
-    registry: registry.vigdorov.ru
-    repo: registry.vigdorov.ru/library/keycloak-team-planner
-    dockerfile: keycloak-theme/Dockerfile
-    context: keycloak-theme
-    tags:
-      - ${DRONE_COMMIT_SHA:0:7}
-      - "26.5.0"
-      - latest
-    username:
-      from_secret: HARBOR_USER
-    password:
-      from_secret: HARBOR_PASSWORD
-    no_push_metadata: true
 
 # ============================================================
 # ДЕПЛОЙ (только после завершения ОБЕИХ сборок)
@@ -219,41 +195,6 @@ steps:
       fi
     - echo "✅ Frontend deployed to PROD (image:$IMAGE_TAG)"
 
-# --- Развертывание Keycloak темы (только при изменениях в keycloak-theme/) ---
-- name: deploy-keycloak-theme
-  image: alpine/k8s:1.28.2
-  depends_on:
-    - build-keycloak-theme
-  when:
-    changeset:
-      includes:
-        - keycloak-theme/**
-      excludes:
-        - keycloak-theme/README.md
-        - keycloak-theme/**/*.md
-  environment:
-    KUBE_CONFIG_CONTENT:
-      from_secret: KUBE_CONFIG
-  commands:
-    - mkdir -p ~/.kube
-    - echo "$KUBE_CONFIG_CONTENT" > ~/.kube/config
-    - chmod 600 ~/.kube/config
-    - sed -i "s|https://127.0.0.1:6443|https://10.10.10.100:6443|g" ~/.kube/config
-    - export KEYCLOAK_NAMESPACE="auth"
-    - export IMAGE_TAG="${DRONE_COMMIT_SHA:0:7}"
-    - export KEYCLOAK_IMAGE="registry.vigdorov.ru/library/keycloak-team-planner:$IMAGE_TAG"
-    - kubectl cluster-info
-    - kubectl set image statefulset/keycloak-keycloakx keycloak=$KEYCLOAK_IMAGE -n $KEYCLOAK_NAMESPACE
-    - echo "📋 Waiting for rollout..."
-    - |
-      if ! kubectl rollout status statefulset/keycloak-keycloakx -n $KEYCLOAK_NAMESPACE --timeout=180s; then
-        echo "❌ Rollout failed! Collecting diagnostics..."
-        kubectl get pods -n $KEYCLOAK_NAMESPACE -l app.kubernetes.io/name=keycloakx -o wide
-        kubectl describe statefulset keycloak-keycloakx -n $KEYCLOAK_NAMESPACE
-        exit 1
-      fi
-    - echo "✅ Keycloak theme deployed (image:$IMAGE_TAG)"
-
 ---
 kind: pipeline
 type: kubernetes
@@ -324,3 +265,69 @@ steps:
     - kubectl apply -n $APP_NAMESPACE -f k8s/frontend-service.yaml
     - sed -e "s|__HOSTNAME__|$HOSTNAME|g" -e "s|__SECRET_NAME__|$SECRET_NAME|g" k8s/ingress.yaml | kubectl apply -n $APP_NAMESPACE -f -
     - echo "✅ Infrastructure updated"
+
+---
+kind: pipeline
+type: kubernetes
+name: keycloak-theme-pipeline
+
+# Триггер: запускать ТОЛЬКО при изменениях в keycloak-theme/
+trigger:
+  branch:
+    - main
+    - master
+  event:
+    - push
+  paths:
+    include:
+      - keycloak-theme/**
+    exclude:
+      - keycloak-theme/README.md
+      - keycloak-theme/**/*.md
+
+steps:
+# --- Сборка Keycloak темы ---
+- name: build-keycloak-theme
+  image: plugins/kaniko
+  settings:
+    registry: registry.vigdorov.ru
+    repo: registry.vigdorov.ru/library/keycloak-team-planner
+    dockerfile: keycloak-theme/Dockerfile
+    context: keycloak-theme
+    tags:
+      - ${DRONE_COMMIT_SHA:0:7}
+      - "26.5.0"
+      - latest
+    username:
+      from_secret: HARBOR_USER
+    password:
+      from_secret: HARBOR_PASSWORD
+    no_push_metadata: true
+
+# --- Развертывание Keycloak темы ---
+- name: deploy-keycloak-theme
+  image: alpine/k8s:1.28.2
+  depends_on:
+    - build-keycloak-theme
+  environment:
+    KUBE_CONFIG_CONTENT:
+      from_secret: KUBE_CONFIG
+  commands:
+    - mkdir -p ~/.kube
+    - echo "$KUBE_CONFIG_CONTENT" > ~/.kube/config
+    - chmod 600 ~/.kube/config
+    - sed -i "s|https://127.0.0.1:6443|https://10.10.10.100:6443|g" ~/.kube/config
+    - export KEYCLOAK_NAMESPACE="auth"
+    - export IMAGE_TAG="${DRONE_COMMIT_SHA:0:7}"
+    - export KEYCLOAK_IMAGE="registry.vigdorov.ru/library/keycloak-team-planner:$IMAGE_TAG"
+    - kubectl cluster-info
+    - kubectl set image statefulset/keycloak-keycloakx keycloak=$KEYCLOAK_IMAGE -n $KEYCLOAK_NAMESPACE
+    - echo "📋 Waiting for rollout..."
+    - |
+      if ! kubectl rollout status statefulset/keycloak-keycloakx -n $KEYCLOAK_NAMESPACE --timeout=180s; then
+        echo "❌ Rollout failed! Collecting diagnostics..."
+        kubectl get pods -n $KEYCLOAK_NAMESPACE -l app.kubernetes.io/name=keycloakx -o wide
+        kubectl describe statefulset keycloak-keycloakx -n $KEYCLOAK_NAMESPACE
+        exit 1
+      fi
+    - echo "✅ Keycloak theme deployed (image:$IMAGE_TAG)"