Tweaking yet again (losing count here...).

.gitea/workflows/docker-compose-pr-workflow.yml

@@ -9,129 +9,73 @@ on:
       - '*'
 
 jobs:
-  sonarqube:
-    name: SonarQube Scanning & Status
+  create-pr-and-validate:
+    name: Create PR and Validate Docker Compose
     runs-on: ubuntu-latest
     steps:
-    - name: Checking out
-      uses: actions/checkout@v4
-      with:
-        # Disabling shallow clone is recommended for improving relevancy of reporting
-        fetch-depth: 0
-
-    - name: SonarQube Scan
-      uses: SonarSource/sonarqube-scan-action@v4.0.0
-      env:
-        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-    - name: SonarQube Quality Gate Check
-      id: quality-gate
-      uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
-      env:
-        SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-        SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-    # - name: Comment on Pull Request with Quality Gate Status
-    #   id: comment-pr
-    #   uses: prasiman/gocurl@v1
-    #   with:
-    #     method: POST
-    #     url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews"
-    #     headers: >
-    #       Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
-    #     body: |
-    #       {
-    #         "body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}"
-    #       }
-
-  docker-compose-dry-run:
-    name: Dry Run Docker Compose
-    runs-on: ubuntu-latest
-    needs: quality-gate
-    if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
-    steps:  
-    - name: Checking out
-      uses: actions/checkout@v4
-      with:
-        # Disabling shallow clone is recommended for improving relevancy of reporting
-        fetch-depth: 0
-
-    - name: Generate ephemeral env
-      run: |
-        echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
-
-    - name: Validate Docker Compose Configuration
-      id: docker-lint
-      run: |
-        docker compose config --no-interpolate --quiet --dry-run
-        EXIT_CODE=$?
-        if [ $? -ne 0 ]; then
-          echo "Docker Compose configuration validation failed."
-          exit 1
-        else
-          echo "Docker Compose configuration is valid."
-        fi
-        echo "::set-output name=exit_code::$EXIT_CODE"
-
-    # - name: Docker Compose Lint
-    #   uses: sjafferali/docker-compose-lint-action@v0.1.2
-    #   with:
-    #     compose-file: './docker-compose.yml'
-
-  # manual-approval:
-  #   name: Manual Approval
-  #   needs: docker-compose-test
-  #   if: always()
-  #   runs-on: self-hosted
-  #   steps:
-  #     - name: Approval Required
-  #       run: |
-  #         echo "Manual approval step reached. Please approve to proceed."
-  #         exit 1
-
-  deploy-changes:
-    name: Merge and Deploy Changes
-    runs-on: ubuntu-latest
-    needs: docker-lint
-    if: steps.docker-lint.outputs.exit_code == 0
-    steps:
-      - name: Checkout Code
+      - name: Checkout Repository
         uses: actions/checkout@v4
-
-      - name: Install & Setup Tea CLI
-        run: |
-          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
-          chmod +x /usr/local/bin/tea
-          tea login add --n gitea-rinoa --u "${{ secrets.RINOA_GITEA_SERVER }}" --user gitea-sonarqube-bot --pwd "${{ secrets.BOT_GITEA_PASSWORD }}" --t "${{ secrets.BOT_GITEA_TOKEN }}"
-      
-      - name: Merge PR with Tea CLI
-        run: |
-          echo "${{ gitea.event.pull_request.number }}"
-          tea pr m --message "Automatically merged by GitHub Actions" "${{ gitea.event.pull_request.number }}"
-
-  #     - name: Merge Pull Request
-  #       uses: prasiman/gocurl@v1
-  #       with:
-  #         method: POST
-  #         url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
-  #         headers: >
-  #           Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
-
-      - name: Deploy Docker Compose Changes
-        uses: astappiev/docker-compose-remote-action@master
+      - name: Check if Pull Request Exists
+        id: check-pr
+        uses: prasiman/gocurl@v1.2.0
         with:
-          ssh_host: 192.168.1.254
-          ssh_user: gitea-deploy
-          ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
-          ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }} 
-          docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
-          docker_args: -d --remove-orphans --build --dry-run
+          url: ${{ secrets.RINOA_GITEA_SERVER }}/repos/${{ github.repository_owner }}/pulls?state=open&head=${{ github.repository_owner }}:${{ github.ref_name }}
+          method: GET
+          headers: |
+            Authorization: token ${{ secrets.GITEA_API_TOKEN }}
+        outputs:
+          response: ${{ steps.check-pr.outputs.response }}
+      - name: Create Pull Request
+        if: env.PR_EXISTS != 'true'
+        uses: arifer612/Gitea-PR-action@v1.2.0
+        with:
+          url: ${{ secrets.RINOA_GITEA_SERVER }}
+          token: ${{ secrets.BOT_GITEA_TOKEN }}
+      - name: Run SonarQube Analysis
+        uses: sonarsource/sonarqube-scan-action@v4.1.0
+        with:
+          SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
+          sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
+      - name: Check SonarQube Quality Gate
+        id: quality-gate
+        uses: sonarsource/sonarqube-quality-gate-check-action@v2.0.0
+        with:
+          SONARQUBE_HOST: ${{ secrets.SONARQUBE_HOST }}
+          sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
 
-      #   uses: alex-ac/github-action-ssh-docker-compose@master
-      #   with:
-      #     ssh_host: ${{ secrets.DOCKER_HOST }}
-      #     ssh_user: ${{ secrets.DOCKER_USER }}
-      #     ssh_key: ${{ secrets.DOCKER_SSH_KEY }}
-      #     compose_file_path: /path/to/docker-compose.yml
-      #     docker_compose_command: "up -d --remove-orphans"
+      - name: Validate Docker Compose Configuration
+        if: steps.quality-gate.outputs.quality-gate-status == 'PASSED'
+        id: docker-lint
+        run: |
+          echo "${{ secrets.DOCKER_ENV }}" > .env
+          docker compose config --no-interpolate --quiet --dry-run
+
+      - name: Merge Pull Request
+        if: steps.docker-lint.outcome == 'success'
+        uses: prasiman/gocurl@v1.2.0
+        with:
+          url: ${{ secrets.GITEA_API_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge
+          method: POST
+          headers: |
+            Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
+            Content-Type: application/json
+          body: |
+            {
+              "Do": "merge"
+            }
+
+  deploy-main:
+    name: Deploy to Remote Host
+    needs: create-pr-and-validate
+    if: github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    steps:
+      - name: SSH to Remote Host and Deploy Docker Compose
+        uses: keatonLiu/docker-compose-remote-action@v1.2
+        with:
+          ssh_user: gitea-deploy
+          ssh_host: 192.168.1.254
+          ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
+          ssh_host_public_key: $ ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
+          compose_file_path: docker-compose.yml
+          args: "-d --remove-orphans --build --dry-run"