Reverting back to an earlier iteration of the build (from 183e3130ee).
@@ -3,87 +3,134 @@ name: Docker Compose PR Workflow
|
|||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- '*'
|
- main
|
||||||
create:
|
pull_request:
|
||||||
branches:
|
types: [opened, synchronize, reopened]
|
||||||
- '*'
|
|
||||||
|
|
||||||
|
name: SonarQube Scan
|
||||||
jobs:
|
jobs:
|
||||||
create-pr-and-validate:
|
sonarqube:
|
||||||
name: Create PR and Validate Docker Compose
|
name: SonarQube Scanning & Status
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Repository
|
- name: Checking out
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
- name: URL check
|
with:
|
||||||
run: |
|
# Disabling shallow clone is recommended for improving relevancy of reporting
|
||||||
echo "${{ secrets.RINOA_GITEA_SERVER }}"
|
fetch-depth: 0
|
||||||
- name: Gitea List Pull Requests
|
|
||||||
id: gitea-check-pr
|
|
||||||
uses: vicamo/gitea-list-pull-requests@v1.0.1
|
|
||||||
with:
|
|
||||||
token: "${{ secrets.BOT_GITEA_TOKEN }}"
|
|
||||||
server_url: "${{ secrets.RINOA_GITEA_SERVER }}"
|
|
||||||
state: 'all'
|
|
||||||
|
|
||||||
# - name: Set PR_EXISTS environment variable
|
|
||||||
# run: echo "PR_EXISTS=${{ steps.gitea-check-pr.outputs.exists }}" >> $GITHUB_ENV
|
|
||||||
# - name: Create Pull Request
|
|
||||||
# if: env.PR_EXISTS != 'true'
|
|
||||||
# uses: arifer612/Gitea-PR-action@v1.2.0
|
|
||||||
# with:
|
|
||||||
# url: ${{ secrets.RINOA_GITEA_SERVER }}
|
|
||||||
# token: ${{ secrets.BOT_GITEA_TOKEN }}
|
|
||||||
# # - name: Run SonarQube Analysis
|
|
||||||
# uses: SonarSource/sonarqube-scan-action@v4.1.0
|
|
||||||
# with:
|
|
||||||
# SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
|
|
||||||
# sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
|
|
||||||
# extra_args: |
|
|
||||||
# -Dsonar.projectKey=${{ github.repository }}
|
|
||||||
# -Dsonar.sources=.
|
|
||||||
# -Dsonar.inclusions=docker-compose.yml
|
|
||||||
# -Dsonar.language=yaml,docker
|
|
||||||
# - name: Check SonarQube Quality Gate
|
|
||||||
# id: quality-gate
|
|
||||||
# uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
|
|
||||||
# with:
|
|
||||||
# SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
|
|
||||||
# sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
|
|
||||||
|
|
||||||
# - name: Validate Docker Compose Configuration
|
- name: SonarQube Scan
|
||||||
# if: steps.quality-gate.outputs.quality-gate-status == 'PASSED'
|
uses: SonarSource/sonarqube-scan-action@v4.0.0
|
||||||
# id: docker-lint
|
env:
|
||||||
|
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
||||||
|
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
||||||
|
|
||||||
|
- name: SonarQube Quality Gate Check
|
||||||
|
id: quality-gate
|
||||||
|
uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
|
||||||
|
env:
|
||||||
|
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
||||||
|
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
||||||
|
|
||||||
|
# - name: Comment on Pull Request with Quality Gate Status
|
||||||
|
# id: comment-pr
|
||||||
|
# uses: prasiman/gocurl@v1
|
||||||
|
# with:
|
||||||
|
# method: POST
|
||||||
|
# url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews"
|
||||||
|
# headers: >
|
||||||
|
# Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
|
# body: |
|
||||||
|
# {
|
||||||
|
# "body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}"
|
||||||
|
# }
|
||||||
|
|
||||||
|
docker-compose-dry-run:
|
||||||
|
name: Dry Run Docker Compose
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: quality-gate
|
||||||
|
if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
|
||||||
|
steps:
|
||||||
|
- name: Checking out
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
# Disabling shallow clone is recommended for improving relevancy of reporting
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Generate ephemeral env
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
|
||||||
|
|
||||||
|
- name: Validate Docker Compose Configuration
|
||||||
|
id: docker-lint
|
||||||
|
run: |
|
||||||
|
docker compose config --no-interpolate --quiet --dry-run
|
||||||
|
EXIT_CODE=$?
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
echo "Docker Compose configuration validation failed."
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "Docker Compose configuration is valid."
|
||||||
|
fi
|
||||||
|
echo "::set-output name=exit_code::$EXIT_CODE"
|
||||||
|
|
||||||
|
# - name: Docker Compose Lint
|
||||||
|
# uses: sjafferali/docker-compose-lint-action@v0.1.2
|
||||||
|
# with:
|
||||||
|
# compose-file: './docker-compose.yml'
|
||||||
|
|
||||||
|
# manual-approval:
|
||||||
|
# name: Manual Approval
|
||||||
|
# needs: docker-compose-test
|
||||||
|
# if: always()
|
||||||
|
# runs-on: self-hosted
|
||||||
|
# steps:
|
||||||
|
# - name: Approval Required
|
||||||
# run: |
|
# run: |
|
||||||
# echo "${{ secrets.DOCKER_ENV }}" > .env
|
# echo "Manual approval step reached. Please approve to proceed."
|
||||||
# docker compose config --no-interpolate --quiet --dry-run
|
# exit 1
|
||||||
|
|
||||||
|
deploy-changes:
|
||||||
|
name: Merge and Deploy Changes
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: docker-lint
|
||||||
|
if: steps.docker-lint.outputs.exit_code == 0
|
||||||
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install & Setup Tea CLI
|
||||||
|
run: |
|
||||||
|
curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
|
||||||
|
chmod +x /usr/local/bin/tea
|
||||||
|
tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_SERVER }}"" --user gitea-sonarqube-bot --token "${{ secrets.BOT_GITEA_TOKEN }}"
|
||||||
|
|
||||||
|
- name: Merge PR with Tea CLI
|
||||||
|
run: |
|
||||||
|
tea pr m "${{ gitea.event.pull_request.number }}"
|
||||||
|
|
||||||
# - name: Merge Pull Request
|
# - name: Merge Pull Request
|
||||||
# if: steps.docker-lint.outcome == 'success'
|
|
||||||
# uses: prasiman/gocurl@v1
|
# uses: prasiman/gocurl@v1
|
||||||
# with:
|
# with:
|
||||||
# url: "${{ secrets.GITEA_API_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
|
|
||||||
# method: POST
|
# method: POST
|
||||||
# headers: |
|
# url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
|
||||||
|
# headers: >
|
||||||
# Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
|
# Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
|
||||||
# Content-Type: application/json
|
|
||||||
# body: |
|
|
||||||
# {
|
|
||||||
# "Do": "merge"
|
|
||||||
# }
|
|
||||||
|
|
||||||
# deploy-main:
|
- name: Deploy Docker Compose Changes
|
||||||
# name: Deploy to Remote Host
|
uses: astappiev/docker-compose-remote-action@master
|
||||||
# needs: create-pr-and-validate
|
with:
|
||||||
# if: github.ref == 'refs/heads/main'
|
ssh_host: 192.168.1.254
|
||||||
# runs-on: ubuntu-latest
|
ssh_user: gitea-deploy
|
||||||
# steps:
|
ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
|
||||||
# - name: SSH to Remote Host and Deploy Docker Compose
|
ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
|
||||||
# uses: keatonLiu/docker-compose-remote-action@v1.2
|
docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
|
||||||
# with:
|
docker_args: -d --remove-orphans --build --dry-run
|
||||||
# ssh_user: gitea-deploy
|
|
||||||
# ssh_host: 192.168.1.254
|
# uses: alex-ac/github-action-ssh-docker-compose@master
|
||||||
# ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
|
# with:
|
||||||
# ssh_host_public_key: $ ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
|
# ssh_host: ${{ secrets.DOCKER_HOST }}
|
||||||
# compose_file_path: docker-compose.yml
|
# ssh_user: ${{ secrets.DOCKER_USER }}
|
||||||
# args: "-d --remove-orphans --build --dry-run"
|
# ssh_key: ${{ secrets.DOCKER_SSH_KEY }}
|
||||||
|
# compose_file_path: /path/to/docker-compose.yml
|
||||||
|
# docker_compose_command: "up -d --remove-orphans"
|
||||||
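Review bot: The `deploy-changes` job on what appears to be the new side (the second line of each pair) does not look gated on validation. Its `needs: docker-lint` and `if: steps.docker-lint.outputs.exit_code == 0` name a step id from `docker-compose-dry-run`, but `needs` takes job ids and the `steps` context does not cross job boundaries; `needs: quality-gate` and its `if:` on `docker-compose-dry-run` have the same problem. I would write `needs: sonarqube` and `needs: docker-compose-dry-run`, and carry any status through job `outputs:` read as `needs.<job>.outputs.<name>`. In the validation step, `EXIT_CODE=$?` resets `$?`, so `if [ $? -ne 0 ]` can never be true and should be `if [ "$EXIT_CODE" -ne 0 ]`. The deploy path also gives `DEPLOY_PRIVATE_SSH_KEY` to `astappiev/docker-compose-remote-action@master` and gives `BOT_GITEA_TOKEN` to a `tea` binary fetched from a moving `main` URL with no checksum; pin the action to a full commit SHA and the binary to a fixed release checked with `sha256sum -c`.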