Trez/rinoa-docker
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Activity

Regenerating from ChatGPT and will tweak accordingly...

Browse Source
This commit is contained in:
Trez.One
2024-12-06 12:14:33 -05:00
parent 14f5d5ed5e
commit 550f425e86
1 changed files with 74 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflow/build.yaml
+74 -83
View File
@@ -1,96 +1,87 @@
name: Docker Compose PR Workflow
on:
push:
branches:
- '*'
pull_request:
types: [opened, synchronize, reopened]
branches:
- main
create:
branches:
- '*'
name: Docker Scan, Lint, & Deploy via Compose
jobs:
sonarqube:
name: SonarQube Scanning & Quality Gate
create-pr-and-validate:
name: Create PR and Validate Docker Compose
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: SonarQube Scan
id: sonarqube-scan
uses: SonarSource/sonarqube-scan-action@v4.1.0
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- name: SonarQube Quality Gate Check
id: quality-gate
uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
docker-compose-dry-run:
name: Dry Run Docker Compose
runs-on: ubuntu-latest
needs: quality-gate
if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
steps:
- name: Checking out
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate ephemeral env
run: |
echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
- name: Validate Docker Compose Configuration
id: docker-lint
run: |
docker compose config --no-interpolate --quiet --dry-run
EXIT_CODE=$?
if [ $? -ne 0 ]; then
echo "Docker Compose configuration validation failed."
exit 1
else
echo "Docker Compose configuration is valid."
fi
echo "::set-output name=exit_code::$EXIT_CODE"
- name: Merge PR in Gitea
needs: docker-lint
if: steps.docker-lint.outputs.exit_code == 0
uses: prasiman/gocurl@v1
if: ${{ github.event.pull_request.merged == false }} # Only merge if PR is not already merged
with:
method: "POST"
url: "${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
headers: >
Authorization: token "${{ secrets.BOT_GITEA_TOKEN }}
Content-Type: application/json
body: |
{
"Do": "merge"
}
deploy-changes:
name: Merge and Deploy Changes
runs-on: ubuntu-latest
needs: docker-lint
if: steps.docker-lint.outputs.exit_code == 0
steps:
- name: Checkout Code
- name: Checkout Repository
uses: actions/checkout@v4
- name: Git Merge & Push
uses: morbalint/git-merge-action@v1.1.0
- name: Check if Pull Request Exists
id: check-pr
uses: prasiman/gocurl@v1.2.0
with:
target: 'main'
source: ${{ gitea.event.pull_request.head.ref }}
dry-run: true
- name: Deploy Docker Compose Changes
uses: 5eqn/docker-compose-remote-action@v0.0.7
url: ${{ secrets.GITEA_API_URL }}/repos/${{ github.repository_owner }}/pulls?state=open&head=${{ github.repository_owner }}:${{ github.ref_name }}
method: GET
headers: |
Authorization: token ${{ secrets.GITEA_API_TOKEN }}
outputs:
response: ${{ steps.check-pr.outputs.response }}
- name: Create Pull Request
if: env.PR_EXISTS != 'true'
uses: arifer612/Gitea-PR-action@v1.2.0
with:
url: ${{ secrets.RINOA_GITEA_SERVER }}
token: ${{ secrets.BOT_GITEA_TOKEN }}
- name: Run SonarQube Analysis
uses: sonarsource/sonarqube-scan-action@v2.0.0
with:
SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
extra_args: |
-Dsonar.projectKey=${{ github.repository }}
-Dsonar.sources=.
-Dsonar.inclusions=docker-compose.yml
-Dsonar.language=yaml,docker
- name: Check SonarQube Quality Gate
id: quality-gate
uses: sonarsource/sonarqube-quality-gate-check-action@v2.0.0
with:
SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
- name: Validate Docker Compose Configuration
if: steps.quality-gate.outputs.quality-gate-status == 'PASSED'
id: docker-lint
run: |
echo "${{ secrets.DOCKER_ENV }}" > .env
docker compose config --no-interpolate --quiet --dry-run
continue-on-error: true
- name: Merge Pull Request
if: steps.docker-lint.outcome == 'success'
uses: prasiman/gocurl@v1.2.0
with:
url: ${{ secrets.GITEA_API_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge
method: POST
headers: |
Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
Content-Type: application/json
body: |
{
"Do": "merge"
}
deploy-main:
name: Deploy to Remote Host
needs: create-pr-and-validate
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- name: SSH to Remote Host and Deploy Docker Compose
uses: keatonLiu/docker-compose-remote-action@v1.2
with:
ssh_host: 192.168.1.254
ssh_user: gitea-deploy
ssh_host: 192.168.1.254
ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
docker_args: -d --remove-orphans --build --dry-run
ssh_host_public_key: $ ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
compose_file_path: docker-compose.yml
args: "-d --remove-orphans --build --dry-run"