From 9b7226272c18f774d3783945d837da9d35a92426 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Tue, 24 Dec 2024 06:43:53 -0500 Subject: [PATCH] Starting new deployment pipeline. --- .../workflows/branch-sonarscan-pr-merge.yml | 163 ------------------ .gitea/workflows/deployment.yml | 24 +++ 2 files changed, 24 insertions(+), 163 deletions(-) delete mode 100644 .gitea/workflows/branch-sonarscan-pr-merge.yml create mode 100644 .gitea/workflows/deployment.yml diff --git a/.gitea/workflows/branch-sonarscan-pr-merge.yml b/.gitea/workflows/branch-sonarscan-pr-merge.yml deleted file mode 100644 index 0c6bd62f..00000000 --- a/.gitea/workflows/branch-sonarscan-pr-merge.yml +++ /dev/null @@ -1,163 +0,0 @@ -name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow - -on: - push: - branches-ignore: - - main - -jobs: - # Job 1: Check if PR exists and create one if the branch is new - check-and-create-pr: - name: Check and Create PR - runs-on: ubuntu-latest - outputs: - pr_created: ${{ steps.cc-pr.outputs.pr_created }} - pr_number: ${{ steps.cc-pr.outputs.pr_index }} - steps: - - name: Checkout Code - uses: actions/checkout@v4 - - - name: PR Check/Create - id: cc-pr - run: | - echo "Checking for existing PR..." - pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \ - -X 'GET' \ - -H 'Accept: application/json' \ - -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \ - -s | jq '{index: .number, state: .state}') - pr_status=$(echo ${pr_check} | jq -r '.state') - if [ "${pr_status}" == "open" ]; then - echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')" - echo "pr_created=false" >> "$GITHUB_OUTPUT" - echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT" - elif [ "${pr_status}" == "closed" ]; then - echo "PR does not exist. Creating PR..." - pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \ - -X 'POST' \ - -H 'Accept: application/json' \ - -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \ - -H 'Content-Type: application/json' \ - -d '{ - "base": "main", - "head": "'"${{ github.ref_name }}"'", - "title": "Automated PR for branch '"${{ github.ref_name }}"'", - "body": "This is an automated PR created for branch '"${{ github.ref_name }}"'." - }') - pr_index=$(echo ${pr_response} | jq -r '.number') - echo "PR created. PR number: ${pr_index}" - echo "pr_created=true" >> "$GITHUB_OUTPUT" - echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT" - else - echo "Error checking for existing PR. Exiting..." - exit 1 - fi - - sonarqube-analysis: - name: SonarQube Analysis - runs-on: ubuntu-latest - needs: check-and-create-pr - outputs: - qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }} - steps: - - name: Checkout Code - uses: actions/checkout@v4 - - - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@v4.1.0 - env: - SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} - SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} - - - name: SonarQube Quality Gate - id: quality-gate - uses: sonarsource/sonarqube-quality-gate-action@v1.1.0 - env: - SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} - SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} - - - name: Custom Quality Gate Check - uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1 - id: quality-gate-check - with: - sonar-project-key: rinoa-docker - sonar-host-url: ${{ secrets.SONARQUBE_HOST }} - sonar-token: ${{ secrets.SONARQUBE_TOKEN }} - - - name: JSON clean-up for proccessing... - id: json-cleanup - run: | - echo "Cleaning up quality gate response..." - echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt - sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json - jq -c '.' qg_raw.json > qg_fixed_json.json - projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json) - caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json) - conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json) - echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT - echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT - echo "conditions=${conditions}" >> $GITHUB_OUTPUT - - - name: Convert JSON to Markdown Table - id: convert-json-to-md - uses: buildingcash/json-to-markdown-table-action@v1.1.0 - with: - json: "${{ steps.json-cleanup.outputs.conditions }}" - - - name: Post SonarQube Results as Comment - env: - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }} - QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }} - RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }} - GITHUB_REPOSITORY: ${{ github.repository }} - BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - run: | - formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\ - /g') - payload=$(jq -n \ - --arg body "SonarQube analysis results: -
- ${{ env.SQ_RESULTS }}" \ - '{ body: $body }') - - response=$(curl -s -o response.json -w "%{http_code}" \ - -X POST \ - -H "Accept: application/json" \ - -H "Authorization: token ${BOT_GITEA_TOKEN}" \ - -H "Content-Type: application/json" \ - -d "$payload" \ - "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews") - - dry-run-merge-pr: - runs-on: ubuntu-latest - name: Dry Run & PR Merge - needs: sonarqube-analysis - if: needs.sonarqube-analysis.outputs.qg_status == 'PASSED' - steps: - - name: Checkout Code - uses: actions/checkout@v4 - - - name: Generate Ephemeral .env for Docker Compose Dry Run - run: | - echo "${{ secrets.RINOA_ENV }}" > .env - - - name: Docker Compose Dry Run - uses: s3i7h/spin-up-docker-compose-action@v1.2 - env: - DOCKER_HOST: tcp://dockerproxy:2375 - with: - file: docker-compose.yml - pull: true - pull-opts: --dry-run - up: true - up-opts: -d --dry-run - - - name: Tea CLI Setup & PR Merge - run: | - curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea - chmod +x /usr/local/bin/tea - echo "Merging PR..." - tea login add --name gitea-rinoa --url "${{ vars.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}" - pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep "${{ gitea.ref_name }}" | awk -F, '{print $1}' | sed -e 's|"||g') - tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index} \ No newline at end of file diff --git a/.gitea/workflows/deployment.yml b/.gitea/workflows/deployment.yml new file mode 100644 index 00000000..79e87074 --- /dev/null +++ b/.gitea/workflows/deployment.yml @@ -0,0 +1,24 @@ +name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow + +on: + push: + branches-ignore: + - main + +jobs: + # Job 1: Check if PR exists and create one if the branch is new + check-and-create-pr: + name: Check and Create PR + runs-on: ubuntu-latest + outputs: + pr_created: ${{ steps.cc-pr.outputs.pr_created }} + pr_number: ${{ steps.cc-pr.outputs.pr_index }} + steps: + - name: Checkout Code + uses: actions/checkout@v4 + + - name: PR Check + id: cc-pr + uses: vicamo/gitea-list-pull-requests@v1.0.1 + with: + state: open