API endpoint tweaks; using gocurl to comment on PR.
This commit is contained in:
+90
-32
@@ -1,39 +1,97 @@
|
|||||||
|
name: Docker Compose PR Check and Deploy
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
pull_request:
|
||||||
|
types: [opened, synchronize, reopened]
|
||||||
branches:
|
branches:
|
||||||
- main
|
- main
|
||||||
pull_request:
|
|
||||||
types: [opened, synchronize, reopened]
|
|
||||||
|
|
||||||
name: SonarQube Scan
|
|
||||||
jobs:
|
jobs:
|
||||||
sonarqube:
|
setup-sonarqube:
|
||||||
name: SonarQube Scanning & Status
|
name: Setup SonarQube Project and Analyze
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checking out
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
# Disabling shallow clone is recommended for improving relevancy of reporting
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: SonarQube Scan
|
|
||||||
uses: SonarSource/sonarqube-scan-action@v4.0.0
|
|
||||||
env:
|
|
||||||
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
||||||
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
||||||
|
|
||||||
- name: SonarQube Quality Gate Check
|
|
||||||
id: quality-gate
|
|
||||||
uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
|
|
||||||
env:
|
|
||||||
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
||||||
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
||||||
|
|
||||||
dry-run:
|
|
||||||
runs-on: self-hosted
|
runs-on: self-hosted
|
||||||
steps:
|
steps:
|
||||||
- name: Tests
|
- name: Checkout Code
|
||||||
uses: cloudposse/github-action-docker-compose-test-run@main
|
uses: actions/checkout@v3
|
||||||
with:
|
|
||||||
file: docker-compose.yml
|
- name: Configure Git Credentials
|
||||||
|
run: |
|
||||||
|
git config --global url."https://${{ secrets.GITEA_TOKEN }}@${{ secrets.GITEA_SERVER }}".insteadOf "https://${{ secrets.GITEA_SERVER }}"
|
||||||
|
|
||||||
|
- name: Run SonarQube Analysis
|
||||||
|
uses: sonarsource/sonarqube-scan-action@v1.0.0
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.SONARQUBE_URL }}
|
||||||
|
login: ${{ secrets.SONARQUBE_TOKEN }}
|
||||||
|
projectKey: ${{ github.event.repository.name }}
|
||||||
|
projectName: ${{ github.event.repository.name }}
|
||||||
|
|
||||||
|
- name: Check SonarQube Quality Gate
|
||||||
|
id: quality-gate
|
||||||
|
uses: sonarsource/sonarqube-quality-gate-check@v1.1.0
|
||||||
|
with:
|
||||||
|
host: ${{ secrets.SONARQUBE_URL }}
|
||||||
|
login: ${{ secrets.SONARQUBE_TOKEN }}
|
||||||
|
|
||||||
|
- name: Comment on Pull Request with Quality Gate Status
|
||||||
|
id: comment-pr
|
||||||
|
uses: prasiman/gocurl@v0.5.0
|
||||||
|
with:
|
||||||
|
method: POST
|
||||||
|
url: "https://${{ secrets.GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews"
|
||||||
|
headers: >
|
||||||
|
Authorization: token ${{ secrets.GITEA_TOKEN }}
|
||||||
|
body: |
|
||||||
|
{
|
||||||
|
"body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}"
|
||||||
|
}
|
||||||
|
|
||||||
|
docker-compose-test:
|
||||||
|
name: Dry Run Docker Compose
|
||||||
|
needs: setup-sonarqube
|
||||||
|
if: needs.setup-sonarqube.outputs.quality-gate == 'true'
|
||||||
|
runs-on: self-hosted
|
||||||
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Validate Docker Compose Configuration
|
||||||
|
uses: alexesdev/docker-compose-tests-run@v1
|
||||||
|
with:
|
||||||
|
compose_file: docker-compose.yml
|
||||||
|
|
||||||
|
manual-approval:
|
||||||
|
name: Manual Approval
|
||||||
|
needs: docker-compose-test
|
||||||
|
if: always()
|
||||||
|
runs-on: self-hosted
|
||||||
|
steps:
|
||||||
|
- name: Approval Required
|
||||||
|
run: |
|
||||||
|
echo "Manual approval step reached. Please approve to proceed."
|
||||||
|
exit 1
|
||||||
|
|
||||||
|
deploy-changes:
|
||||||
|
name: Merge and Deploy Changes
|
||||||
|
needs: manual-approval
|
||||||
|
runs-on: self-hosted
|
||||||
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Merge Pull Request
|
||||||
|
uses: prasiman/gocurl@v0.5.0
|
||||||
|
with:
|
||||||
|
method: POST
|
||||||
|
url: "https://${{ secrets.GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
|
||||||
|
headers: >
|
||||||
|
Authorization: token ${{ secrets.GITEA_TOKEN }}
|
||||||
|
|
||||||
|
- name: Deploy Docker Compose Changes
|
||||||
|
uses: alexesdev/ssh-docker-compose@v1.0.0
|
||||||
|
with:
|
||||||
|
ssh_host: ${{ secrets.DOCKER_HOST }}
|
||||||
|
ssh_user: ${{ secrets.DOCKER_USER }}
|
||||||
|
ssh_key: ${{ secrets.DOCKER_SSH_KEY }}
|
||||||
|
compose_file_path: /path/to/docker-compose.yml
|
||||||
|
docker_compose_command: "up -d --remove-orphans"
|
||||||
|
|||||||
Reference in New Issue
Block a user