Trez.One
88fe3fdc9a
Gitea Branch PR & Docker Deployment / Check and Create PR (push) Successful in 14s
Gitea Branch PR & Docker Deployment / Generate list of added/modified/deleted services (push) Successful in 9s
Gitea Branch PR & Docker Deployment / Docker Compose Dry Run (push) Failing after 40s
250 lines
9.4 KiB
YAML
250 lines
9.4 KiB
YAML
name: Gitea Branch PR & Docker Deployment
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches-ignore:
|
|
- 'main'
|
|
paths:
|
|
- 'docker-compose.misc.yml'
|
|
- 'compose/docker-compose*.yml'
|
|
- '**/pr-docker-deploy.yml'
|
|
|
|
env:
|
|
HC_VAULT_VERSION: '1.20.0'
|
|
TEA_VERSION: '0.10.1'
|
|
|
|
jobs:
|
|
check-and-create-pr:
|
|
if: github.ref != 'refs/heads/main'
|
|
name: Check and Create PR
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 1
|
|
|
|
- name: Cache tea CLI
|
|
id: cache-tea
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: /opt/hostedtoolcache/tea/${{ env.TEA_VERSION }}/x64
|
|
key: tea-${{ runner.os }}-${{ env.TEA_VERSION }}
|
|
|
|
- name: Install tea
|
|
uses: supplypike/setup-bin@v4
|
|
with:
|
|
uri: https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64
|
|
name: tea
|
|
version: ${{ env.TEA_VERSION }}
|
|
|
|
- name: Gotify Notification
|
|
uses: eikendev/gotify-action@master
|
|
with:
|
|
gotify_api_base: '${{ secrets.GOTIFY_URL }}'
|
|
gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}'
|
|
notification_title: 'GITEA: PR Check'
|
|
notification_message: 'Checking for existing PR... 🔍'
|
|
|
|
- name: Check if open PR exists
|
|
id: check-opened-pr-step
|
|
continue-on-error: true
|
|
run: |
|
|
tea login add --name gitea-rinoa --url "${{ secrets.BDIKTA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
|
|
pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[DOCKER\].*${{ github.ref_name }}' | tail -1 | wc -l)
|
|
echo "exists=$pr_exists" >> $GITHUB_OUTPUT
|
|
|
|
- name: Create PR
|
|
if: ${{ steps.check-opened-pr-step.outputs.exists == '0' }}
|
|
run: |
|
|
tea login default gitea-rinoa
|
|
pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
|
|
pr_index_new=$(expr ${pr_index_old} + 1)
|
|
tea pr c -r ${{ github.repository }} -t "[DOCKER] Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose"
|
|
|
|
- name: Gotify Notification
|
|
uses: eikendev/gotify-action@master
|
|
with:
|
|
gotify_api_base: '${{ secrets.GOTIFY_URL }}'
|
|
gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}'
|
|
notification_title: 'GITEA: PR Check'
|
|
notification_message: 'PR Created 🎟️'
|
|
|
|
generate-service-list:
|
|
name: Generate list of added/modified/deleted services
|
|
runs-on: ubuntu-latest
|
|
needs: [check-and-create-pr]
|
|
outputs:
|
|
svc_deploy_list: ${{ steps.detect_services.outputs.docker_svc_list }}
|
|
steps:
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Fetch base branch
|
|
run: |
|
|
git fetch origin ${{ github.event.pull_request.base.ref }}
|
|
|
|
- name: Gotify Notification
|
|
uses: eikendev/gotify-action@master
|
|
with:
|
|
gotify_api_base: '${{ secrets.GOTIFY_URL }}'
|
|
gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}'
|
|
notification_title: 'GITEA: Services TBD'
|
|
notification_message: 'Generating list of services to deploy...'
|
|
|
|
- name: Detect added, deleted, and modified services
|
|
id: detect_services
|
|
run: |
|
|
echo "Getting services from main and ${{ github.ref_name }}"
|
|
|
|
# Dynamically find all docker-compose YAML files (root + compose folder)
|
|
COMPOSE_FILES=($(find . -maxdepth 2 -type f -name 'docker-compose*.yml' | sort))
|
|
|
|
echo "Found Compose files:"
|
|
printf '%s\n' "${COMPOSE_FILES[@]}"
|
|
|
|
# Temp files to store all services
|
|
touch services_main_all.txt services_head_all.txt
|
|
|
|
for f in "${COMPOSE_FILES[@]}"; do
|
|
echo "Processing $f"
|
|
|
|
# Create a safe filename by replacing slashes with underscores
|
|
safe_f=$(echo "$f" | sed 's|[./]|_|g')
|
|
|
|
# Fetch main version
|
|
git show origin/main:"$f" > "main_${safe_f}" 2>/dev/null || touch "main_${safe_f}"
|
|
cp "$f" "head_${safe_f}"
|
|
|
|
# Extract services and append to global list
|
|
yq '.services | keys | .[]' "main_${safe_f}" >> services_main_all.txt 2>/dev/null || true
|
|
yq '.services | keys | .[]' "head_${safe_f}" >> services_head_all.txt 2>/dev/null || true
|
|
done
|
|
|
|
# Sort and deduplicate
|
|
sort -u services_main_all.txt -o services_main_all.txt
|
|
sort -u services_head_all.txt -o services_head_all.txt
|
|
|
|
echo "Creating list of modified services..."
|
|
touch service_changes.txt
|
|
|
|
# Added services
|
|
comm -13 services_main_all.txt services_head_all.txt | while read service; do
|
|
echo "$service: added" >> service_changes.txt
|
|
done
|
|
|
|
# Modified services (parallelized)
|
|
comm -12 services_main_all.txt services_head_all.txt | xargs -n1 -P4 -I{} bash -c '
|
|
service="{}"
|
|
modified=0
|
|
for f in "${COMPOSE_FILES[@]}"; do
|
|
safe_f=$(echo "$f" | sed "s|[./]|_|g")
|
|
yq ".services[\"$service\"]" "main_${safe_f}" > tmp_main.yml 2>/dev/null || continue
|
|
yq ".services[\"$service\"]" "head_${safe_f}" > tmp_head.yml 2>/dev/null || continue
|
|
if ! diff -q tmp_main.yml tmp_head.yml > /dev/null; then
|
|
modified=1
|
|
break
|
|
fi
|
|
done
|
|
if [[ $modified -eq 1 ]]; then
|
|
echo "$service: modified" >> service_changes.txt
|
|
fi
|
|
'
|
|
|
|
echo "Detected service changes:"
|
|
cat service_changes.txt
|
|
|
|
mod_svcs=$(cut -d':' -f1 service_changes.txt | sort | uniq)
|
|
echo "docker_svc_list<<EOF" >> "$GITHUB_OUTPUT"
|
|
echo "$mod_svcs" >> "$GITHUB_OUTPUT"
|
|
echo "EOF" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: List of Services for (Re)Deployment
|
|
run: |
|
|
echo -e "${{ steps.detect_services.outputs.docker_svc_list }}"
|
|
|
|
docker-compose-dry-run:
|
|
name: Docker Compose Dry Run
|
|
needs: [generate-service-list]
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
compose_file_list: ${{ steps.compose_file_list.outputs.compose_list }}
|
|
env:
|
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
|
VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
|
|
VAULT_NAMESPACE: ""
|
|
REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
|
|
DOCKER_SVC_LIST: ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Login to Gitea Container Registry
|
|
run: |
|
|
docker login -u gitea-sonarqube-bot -p ${REGISTRY_PASSWORD} git.trez.wtf
|
|
|
|
- name: Cache Vault install
|
|
id: cache-vault
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: /opt/hostedtoolcache/vault/${{ env.HC_VAULT_VERSION }}/x64
|
|
key: vault-${{ runner.os }}-${{ env.HC_VAULT_VERSION }}
|
|
|
|
- name: Install Vault (only if not cached)
|
|
if: steps.cache-vault.outputs.cache-hit != 'true'
|
|
uses: cpanato/vault-installer@main
|
|
with:
|
|
version: ${{ env.HC_VAULT_VERSION }}
|
|
|
|
- name: Gotify Notification
|
|
uses: eikendev/gotify-action@master
|
|
with:
|
|
gotify_api_base: '${{ secrets.GOTIFY_URL }}'
|
|
gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}'
|
|
notification_title: 'GITEA: Docker Compose Dry Run @ Rikku'
|
|
notification_message: 'Starting Docker Compose dry run...'
|
|
|
|
- name: Generate .env file for Docker Compose
|
|
run: |
|
|
vault kv get -format=json benedikta-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
|
|
|
|
- name: Get list of Compose files
|
|
id: compose_file_list
|
|
run: |
|
|
compose_list=$(find . -type f -name "docker-compose*.yml" \
|
|
-a ! -name "*windows*" \
|
|
-a ! -name "*gui*" \
|
|
-a ! -name "*macos*" \
|
|
-a ! -name "*hivemind*" \
|
|
-a ! -name "*server*" \
|
|
| sed -e ':a;N;$!ba;s/[\r\n]/ -f /g')
|
|
|
|
echo "compose_list=$compose_list" >> "$GITHUB_OUTPUT"
|
|
echo "Compose files: $compose_list"
|
|
|
|
- name: Docker Compose Dry Run
|
|
uses: cssnr/stack-deploy-action@v1.3.2
|
|
with:
|
|
mode: compose
|
|
file: ${{ steps.compose_file_list.outputs.compose_list }}
|
|
name: 'ovosmisc'
|
|
host: 192.168.1.252
|
|
user: ovos
|
|
ssh_key: ${{ secrets.BDIKTA_GITEA_PRIVATE_SSH_KEY }}
|
|
args: --remove-orphans -d --dry-run ${{ needs.generate-service-list.outputs.svc_deploy_list }}
|
|
env_file: '.env'
|
|
registry_host: 'ghcr.io'
|
|
registry_user: TrezOne
|
|
registry_pass: ${{ secrets.GHCR_LOGIN_TOKEN }}
|
|
summary: true
|
|
|
|
- name: Gotify Notification
|
|
uses: eikendev/gotify-action@master
|
|
with:
|
|
gotify_api_base: '${{ secrets.GOTIFY_URL }}'
|
|
gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}'
|
|
notification_title: 'GITEA: Docker Compose Dry Run @ Rikku'
|
|
notification_message: 'Docker Compose dry run completed successfully.' |