Reverting back to an earlier iteration of the build (from 183e3130ee).

.gitea/workflows/docker-compose-pr-workflow.yml

@@ -3,87 +3,134 @@ name: Docker Compose PR Workflow
 on:
   push:
     branches:
-      - '*'
-  create:
-    branches:
-      - '*'
+      - main
+  pull_request:
+      types: [opened, synchronize, reopened]
 
+name: SonarQube Scan
 jobs:
-  create-pr-and-validate:
-    name: Create PR and Validate Docker Compose
+  sonarqube:
+    name: SonarQube Scanning & Status
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout Repository
-        uses: actions/checkout@v4
-      - name: URL check
-        run: |
-          echo "${{ secrets.RINOA_GITEA_SERVER }}"
-      - name: Gitea List Pull Requests
-        id: gitea-check-pr
-        uses: vicamo/gitea-list-pull-requests@v1.0.1
-        with:
-          token: "${{ secrets.BOT_GITEA_TOKEN }}"
-          server_url: "${{ secrets.RINOA_GITEA_SERVER }}"
-          state: 'all'
- 
-  #     - name: Set PR_EXISTS environment variable
-  #       run: echo "PR_EXISTS=${{ steps.gitea-check-pr.outputs.exists }}" >> $GITHUB_ENV
-  #     - name: Create Pull Request
-  #       if: env.PR_EXISTS != 'true'
-  #       uses: arifer612/Gitea-PR-action@v1.2.0
-  #       with:
-  #         url: ${{ secrets.RINOA_GITEA_SERVER }}
-  #         token: ${{ secrets.BOT_GITEA_TOKEN }}
-  # #     - name: Run SonarQube Analysis
-  #       uses: SonarSource/sonarqube-scan-action@v4.1.0
-  #       with:
-  #         SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
-  #         sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
-  #         extra_args: |
-  #           -Dsonar.projectKey=${{ github.repository }}
-  #           -Dsonar.sources=.
-  #           -Dsonar.inclusions=docker-compose.yml
-  #           -Dsonar.language=yaml,docker
-  #     - name: Check SonarQube Quality Gate
-  #       id: quality-gate
-  #       uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
-  #       with:
-  #         SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
-  #         sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        # Disabling shallow clone is recommended for improving relevancy of reporting
+        fetch-depth: 0
 
-  #     - name: Validate Docker Compose Configuration
-  #       if: steps.quality-gate.outputs.quality-gate-status == 'PASSED'
-  #       id: docker-lint
+    - name: SonarQube Scan
+      uses: SonarSource/sonarqube-scan-action@v4.0.0
+      env:
+        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
+        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+    - name: SonarQube Quality Gate Check
+      id: quality-gate
+      uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
+      env:
+        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
+        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+    # - name: Comment on Pull Request with Quality Gate Status
+    #   id: comment-pr
+    #   uses: prasiman/gocurl@v1
+    #   with:
+    #     method: POST
+    #     url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews"
+    #     headers: >
+    #       Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
+    #     body: |
+    #       {
+    #         "body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}"
+    #       }
+
+  docker-compose-dry-run:
+    name: Dry Run Docker Compose
+    runs-on: ubuntu-latest
+    needs: quality-gate
+    if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
+    steps:  
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        # Disabling shallow clone is recommended for improving relevancy of reporting
+        fetch-depth: 0
+
+    - name: Generate ephemeral env
+      run: |
+        echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
+
+    - name: Validate Docker Compose Configuration
+      id: docker-lint
+      run: |
+        docker compose config --no-interpolate --quiet --dry-run
+        EXIT_CODE=$?
+        if [ $? -ne 0 ]; then
+          echo "Docker Compose configuration validation failed."
+          exit 1
+        else
+          echo "Docker Compose configuration is valid."
+        fi
+        echo "::set-output name=exit_code::$EXIT_CODE"
+
+    # - name: Docker Compose Lint
+    #   uses: sjafferali/docker-compose-lint-action@v0.1.2
+    #   with:
+    #     compose-file: './docker-compose.yml'
+
+  # manual-approval:
+  #   name: Manual Approval
+  #   needs: docker-compose-test
+  #   if: always()
+  #   runs-on: self-hosted
+  #   steps:
+  #     - name: Approval Required
   #       run: |
-  #         echo "${{ secrets.DOCKER_ENV }}" > .env
-  #         docker compose config --no-interpolate --quiet --dry-run
+  #         echo "Manual approval step reached. Please approve to proceed."
+  #         exit 1
+
+  deploy-changes:
+    name: Merge and Deploy Changes
+    runs-on: ubuntu-latest
+    needs: docker-lint
+    if: steps.docker-lint.outputs.exit_code == 0
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Install & Setup Tea CLI
+        run: |
+          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+          chmod +x /usr/local/bin/tea
+          tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_SERVER }}"" --user gitea-sonarqube-bot --token "${{ secrets.BOT_GITEA_TOKEN }}"
+      
+      - name: Merge PR with Tea CLI
+        run: |
+          tea pr m "${{ gitea.event.pull_request.number }}"
 
   #     - name: Merge Pull Request
-  #       if: steps.docker-lint.outcome == 'success'
   #       uses: prasiman/gocurl@v1
   #       with:
-  #         url: "${{ secrets.GITEA_API_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
   #         method: POST
-  #         headers: |
+  #         url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
+  #         headers: >
   #           Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
-  #           Content-Type: application/json
-  #         body: |
-  #           {
-  #             "Do": "merge"
-  #           }
 
-  # deploy-main:
-  #   name: Deploy to Remote Host
-  #   needs: create-pr-and-validate
-  #   if: github.ref == 'refs/heads/main'
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - name: SSH to Remote Host and Deploy Docker Compose
-  #       uses: keatonLiu/docker-compose-remote-action@v1.2
-  #       with:
-  #         ssh_user: gitea-deploy
-  #         ssh_host: 192.168.1.254
-  #         ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
-  #         ssh_host_public_key: $ ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
-  #         compose_file_path: docker-compose.yml
-  #         args: "-d --remove-orphans --build --dry-run"
+      - name: Deploy Docker Compose Changes
+        uses: astappiev/docker-compose-remote-action@master
+        with:
+          ssh_host: 192.168.1.254
+          ssh_user: gitea-deploy
+          ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
+          ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }} 
+          docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
+          docker_args: -d --remove-orphans --build --dry-run
+
+      #   uses: alex-ac/github-action-ssh-docker-compose@master
+      #   with:
+      #     ssh_host: ${{ secrets.DOCKER_HOST }}
+      #     ssh_user: ${{ secrets.DOCKER_USER }}
+      #     ssh_key: ${{ secrets.DOCKER_SSH_KEY }}
+      #     compose_file_path: /path/to/docker-compose.yml
+      #     docker_compose_command: "up -d --remove-orphans"