diff --git a/.gitea/workflows/branch-sonarscan-pr-merge.yml b/.gitea/workflows/branch-sonarscan-pr-merge.yml
deleted file mode 100644
index 0c6bd62f..00000000
--- a/.gitea/workflows/branch-sonarscan-pr-merge.yml
+++ /dev/null
@@ -1,163 +0,0 @@
-name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
-
-on:
- push:
- branches-ignore:
- - main
-
-jobs:
- # Job 1: Check if PR exists and create one if the branch is new
- check-and-create-pr:
- name: Check and Create PR
- runs-on: ubuntu-latest
- outputs:
- pr_created: ${{ steps.cc-pr.outputs.pr_created }}
- pr_number: ${{ steps.cc-pr.outputs.pr_index }}
- steps:
- - name: Checkout Code
- uses: actions/checkout@v4
-
- - name: PR Check/Create
- id: cc-pr
- run: |
- echo "Checking for existing PR..."
- pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
- -X 'GET' \
- -H 'Accept: application/json' \
- -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
- -s | jq '{index: .number, state: .state}')
- pr_status=$(echo ${pr_check} | jq -r '.state')
- if [ "${pr_status}" == "open" ]; then
- echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')"
- echo "pr_created=false" >> "$GITHUB_OUTPUT"
- echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT"
- elif [ "${pr_status}" == "closed" ]; then
- echo "PR does not exist. Creating PR..."
- pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \
- -X 'POST' \
- -H 'Accept: application/json' \
- -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
- -H 'Content-Type: application/json' \
- -d '{
- "base": "main",
- "head": "'"${{ github.ref_name }}"'",
- "title": "Automated PR for branch '"${{ github.ref_name }}"'",
- "body": "This is an automated PR created for branch '"${{ github.ref_name }}"'."
- }')
- pr_index=$(echo ${pr_response} | jq -r '.number')
- echo "PR created. PR number: ${pr_index}"
- echo "pr_created=true" >> "$GITHUB_OUTPUT"
- echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT"
- else
- echo "Error checking for existing PR. Exiting..."
- exit 1
- fi
-
- sonarqube-analysis:
- name: SonarQube Analysis
- runs-on: ubuntu-latest
- needs: check-and-create-pr
- outputs:
- qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }}
- steps:
- - name: Checkout Code
- uses: actions/checkout@v4
-
- - name: SonarQube Scan
- uses: sonarsource/sonarqube-scan-action@v4.1.0
- env:
- SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
- SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
- - name: SonarQube Quality Gate
- id: quality-gate
- uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
- env:
- SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
- SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
- - name: Custom Quality Gate Check
- uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
- id: quality-gate-check
- with:
- sonar-project-key: rinoa-docker
- sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
- sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
-
- - name: JSON clean-up for proccessing...
- id: json-cleanup
- run: |
- echo "Cleaning up quality gate response..."
- echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
- sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
- jq -c '.' qg_raw.json > qg_fixed_json.json
- projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
- caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
- conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
- echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
- echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
- echo "conditions=${conditions}" >> $GITHUB_OUTPUT
-
- - name: Convert JSON to Markdown Table
- id: convert-json-to-md
- uses: buildingcash/json-to-markdown-table-action@v1.1.0
- with:
- json: "${{ steps.json-cleanup.outputs.conditions }}"
-
- - name: Post SonarQube Results as Comment
- env:
- PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
- SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
- QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
- RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
- GITHUB_REPOSITORY: ${{ github.repository }}
- BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
- run: |
- formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
- /g')
- payload=$(jq -n \
- --arg body "SonarQube analysis results:
-
- ${{ env.SQ_RESULTS }}" \
- '{ body: $body }')
-
- response=$(curl -s -o response.json -w "%{http_code}" \
- -X POST \
- -H "Accept: application/json" \
- -H "Authorization: token ${BOT_GITEA_TOKEN}" \
- -H "Content-Type: application/json" \
- -d "$payload" \
- "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")
-
- dry-run-merge-pr:
- runs-on: ubuntu-latest
- name: Dry Run & PR Merge
- needs: sonarqube-analysis
- if: needs.sonarqube-analysis.outputs.qg_status == 'PASSED'
- steps:
- - name: Checkout Code
- uses: actions/checkout@v4
-
- - name: Generate Ephemeral .env for Docker Compose Dry Run
- run: |
- echo "${{ secrets.RINOA_ENV }}" > .env
-
- - name: Docker Compose Dry Run
- uses: s3i7h/spin-up-docker-compose-action@v1.2
- env:
- DOCKER_HOST: tcp://dockerproxy:2375
- with:
- file: docker-compose.yml
- pull: true
- pull-opts: --dry-run
- up: true
- up-opts: -d --dry-run
-
- - name: Tea CLI Setup & PR Merge
- run: |
- curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
- chmod +x /usr/local/bin/tea
- echo "Merging PR..."
- tea login add --name gitea-rinoa --url "${{ vars.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
- pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep "${{ gitea.ref_name }}" | awk -F, '{print $1}' | sed -e 's|"||g')
- tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
\ No newline at end of file
diff --git a/.gitea/workflows/deployment.yml b/.gitea/workflows/deployment.yml
new file mode 100644
index 00000000..b65eb9ae
--- /dev/null
+++ b/.gitea/workflows/deployment.yml
@@ -0,0 +1,75 @@
+name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
+
+on:
+ push:
+ branches-ignore:
+ - main
+
+jobs:
+ # Job 1: Check if PR exists and create one if the branch is new
+ check-and-create-pr:
+ name: Check and Create PR
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Code
+ uses: actions/checkout@v4
+
+ - name: PR list
+ id: list-prs
+ run: |
+ curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+ chmod +x /usr/local/bin/tea
+ echo "Listing PRs..."
+ tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+ pr_state=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep 'open|closed|merged' | awk -F, '{print $3}' | sed -e 's|"||g')
+ echo "pr_state=$(echo ${pr_state})" >> "$GITHUB_OUTPUT"
+
+ - name: Create PR
+ if: steps.list-prs.outputs.pr_state == 'closed'
+ uses: arifer612/Gitea-PR-action@v1.2.0
+ with:
+ url: ${{ gitea.server_url }}
+ token: ${{ secrets.BOT_GITEA_TOKEN }}
+ assignee: ${{ gitea.actor }}
+
+ docker-compose-test:
+ name: Docker Compose Test
+ needs: [create-pr]
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Generate ephemeral .env compose file
+ id: generate-env-file-pr
+ run: |
+ echo "${{ secrets.RINOA_ENV }}" > .env
+
+ - name: Docker Compose Lint
+ uses: yu-ichiro/spin-up-docker-compose-action@v1
+ with:
+ file: docker-compose.yml
+ pull: true
+ pull-opts: --dry-run
+ up: true
+ up-opts: --dry-run -d --remove-orphans
+ env:
+ DOCKER_HOST: tcp://dockerproxy:2375
+
+ merge-pr:
+ name: PR Merge
+ runs-on: ubuntu-latest
+ needs: [docker-compose-test]
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Tea CLI Setup & PR Merge
+ run: |
+ curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+ chmod +x /usr/local/bin/tea
+ echo "Merging PR..."
+ tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+ echo ${{ gitea.ref_name }}
+ pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
+ tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
\ No newline at end of file