Merge pull request '20 - docker-deploy-workflow' (#20) from docker-deploy-workflow into main

Reviewed-on: Trez.One/rinoa-docker#20

.gitea/workflow/build.yaml

@@ -0,0 +1,96 @@
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+      types: [opened, synchronize, reopened]
+
+name: Docker Scan, Lint, & Deploy via Compose
+jobs:
+  sonarqube:
+    name: SonarQube Scanning & Quality Gate
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: SonarQube Scan
+      id: sonarqube-scan
+      uses: SonarSource/sonarqube-scan-action@v4.0.0
+      env:
+        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
+        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+    - name: SonarQube Quality Gate Check
+      id: quality-gate
+      uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
+      env:
+        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
+        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+  docker-compose-dry-run:
+    name: Dry Run Docker Compose
+    runs-on: ubuntu-latest
+    needs: quality-gate
+    if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
+    steps:  
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Generate ephemeral env
+      run: |
+        echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env        
+
+    - name: Validate Docker Compose Configuration
+      id: docker-lint
+      run: |
+        docker compose config --no-interpolate --quiet --dry-run
+        EXIT_CODE=$?
+        if [ $? -ne 0 ]; then
+          echo "Docker Compose configuration validation failed."
+          exit 1
+        else
+          echo "Docker Compose configuration is valid."
+        fi
+        echo "::set-output name=exit_code::$EXIT_CODE"        
+
+  deploy-changes:
+    name: Merge and Deploy Changes
+    runs-on: ubuntu-latest
+    needs: docker-lint
+    if: steps.docker-lint.outputs.exit_code == 0
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      # - name: Install & Setup Tea CLI
+      #   run: |
+      #     curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+      #     chmod +x /usr/local/bin/tea
+      #     tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_SERVER }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"          
+      
+      # - name: Merge PR with Tea CLI
+      #   run: |
+      #     echo "${{ gitea.event.pull_request.number }}"
+      #     tea pr m --repo "${{ gitea.repository.name }}" --message "Automatically merged by GitHub Actions" --output table "${{ gitea.event.pull_request.number }}"
+
+      - name: Git Merge & Push
+        uses: morbalint/git-merge-action@v1.1.0
+        with:
+          target: 'main'
+          source: ${{ gitea.event.pull_request.head.ref }}
+          dry-run: true
+
+      - name: Deploy Docker Compose Changes
+        uses: 5eqn/docker-compose-remote-action@v0.0.7
+        with:
+          ssh_host: 192.168.1.254
+          ssh_user: gitea-deploy
+          ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
+          ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }} 
+          docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
+          docker_args: -d --remove-orphans --build --dry-run