From c0763f2c24e55a1e75258629f1297469dc9d5f74 Mon Sep 17 00:00:00 2001
From: "Trez.One" <charish.patel@trez.wtf>
Date: Thu, 2 Oct 2025 07:28:41 -0400
Subject: [PATCH] Docker image pre-pull.

---
 .gitea/actions/docker-img-pre-pull/action.yml | 37 ++++++++++++++++
 .../workflows/pr-cloudflare-docker-deploy.yml | 43 ++++++++-----------
 2 files changed, 56 insertions(+), 24 deletions(-)
 create mode 100644 .gitea/actions/docker-img-pre-pull/action.yml

diff --git a/.gitea/actions/docker-img-pre-pull/action.yml b/.gitea/actions/docker-img-pre-pull/action.yml
new file mode 100644
index 00000000..2bc2f6fc
--- /dev/null
+++ b/.gitea/actions/docker-img-pre-pull/action.yml
@@ -0,0 +1,37 @@
+name: "Pre-pull or Build Docker images"
+description: "Prepares all services for docker compose dry-run by pulling images or building them"
+inputs:
+  services:
+    description: "Space-separated list of docker-compose services"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Install yq (if missing)
+      shell: bash
+      run: |
+        if ! command -v yq >/dev/null 2>&1; then
+          sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.44.1/yq_linux_amd64
+          sudo chmod +x /usr/local/bin/yq
+        fi
+
+    - name: Pre-pull/build images for services
+      shell: bash
+      run: |
+        echo "Services to resolve: ${{ inputs.services }}"
+        for svc in ${{ inputs.services }}; do
+          echo "Resolving image for service: $svc"
+          image=$(docker compose config | yq -r ".services[\"$svc\"].image // empty")
+          build_dir=$(docker compose config | yq -r ".services[\"$svc\"].build.context // empty")
+
+          if [ -n "$image" ]; then
+            echo "Pulling image: $image"
+            docker pull "$image"
+          elif [ -n "$build_dir" ]; then
+            echo "Building image for service: $svc from context: $build_dir"
+            docker compose build "$svc"
+          else
+            echo "⚠️ No image or build context for $svc — skipping"
+          fi
+        done
diff --git a/.gitea/workflows/pr-cloudflare-docker-deploy.yml b/.gitea/workflows/pr-cloudflare-docker-deploy.yml
index ee3e3008..70ec2a07 100644
--- a/.gitea/workflows/pr-cloudflare-docker-deploy.yml
+++ b/.gitea/workflows/pr-cloudflare-docker-deploy.yml
@@ -160,10 +160,6 @@ jobs:
       - name: Checkout
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
 
-      # - name: Login to Gitea Container Registry
-      #   run: |
-      #     docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
-
       - name: Login to Docker Hub
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
         with:
@@ -184,10 +180,18 @@ jobs:
           username: ${{ secrets.BOT_GITEA_USER }}
           password: ${{ secrets.BOT_GITEA_PASSWORD }}
 
-      - name: Install Vault (only if not cached)
-        uses: cpanato/vault-installer@main
+      # - name: Install Vault (only if not cached)
+      #   uses: cpanato/vault-installer@main
+      #   with:
+      #     version: ${{ env.HC_VAULT_VERSION }}
+
+      - name: Get env file
+        uses: Simporter/get-env-file-from-vault@v1.0.3
         with:
-          version: ${{ env.HC_VAULT_VERSION }}
+          VAULT_ADDR: ${{ secrets.TREZ_VAULT_ADDR }}
+          VAULT_USERNAME: ${{ secrets.VAULT_GITEA_USER }}
+          VAULT_PASSWORD: ${{ secrets.VAULT_GITEA_PASSWORD }}
+          VAULT_SECRETS_PATH: rinoa-docker/env
 
       - name: Gotify Notification
         uses: eikendev/gotify-action@master
@@ -197,24 +201,15 @@ jobs:
           notification_title: "GITEA: Docker Compose Dry Run @ Rinoa"
           notification_message: "Starting Docker Compose dry run..."
 
-      - name: Generate .env file for Docker Compose
-        run: |
-          vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
-          echo ${DOCKER_SVC_LIST}
+      # - name: Generate .env file for Docker Compose
+      #   run: |
+      #     vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
+      #     echo ${DOCKER_SVC_LIST}
 
-      - name: Pre-pull service images
-        run: |
-          # Pull only the images needed for this dry run
-          for svc in ${DOCKER_SVC_LIST}; do
-            echo "Resolving image for service: $svc"
-            image=$(docker compose config | yq -r ".services[\"$svc\"].image")
-            if [ -n "$image" ] && [ "$image" != "null" ]; then
-              echo "Pulling $image"
-              docker pull "$image"
-            else
-              echo "⚠️ No image defined for $svc (might be build-only)"
-            fi
-          done
+      - name: Pre-pull/build service images
+        uses: ./.gitea/actions/prepull-images
+        with:
+          services: ${{ env.DOCKER_SVC_LIST }}
 
       - name: Docker Compose Dry Run
         uses: hoverkraft-tech/compose-action@b716db5b717cb9b81e391fe638e5aceaa2299e43 # v2.4.0