Changing the check PR step.

Merged by Trez.One

.gitea/workflows/branch-sonarscan-pr-merge.yml

@@ -1,163 +0,0 @@
-name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
-
-on:
-  push:
-    branches-ignore:
-      - main
-
-jobs:
-  # Job 1: Check if PR exists and create one if the branch is new
-  check-and-create-pr:
-    name: Check and Create PR
-    runs-on: ubuntu-latest
-    outputs:
-      pr_created: ${{ steps.cc-pr.outputs.pr_created }}
-      pr_number: ${{ steps.cc-pr.outputs.pr_index }}
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-
-      - name: PR Check/Create
-        id: cc-pr
-        run: |
-          echo "Checking for existing PR..."
-          pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
-            -X 'GET' \
-            -H 'Accept: application/json' \
-            -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-            -s | jq '{index: .number, state: .state}')
-          pr_status=$(echo ${pr_check} | jq -r '.state')
-          if [ "${pr_status}" == "open" ]; then
-            echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')"
-            echo "pr_created=false" >> "$GITHUB_OUTPUT"
-            echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT"
-          elif [ "${pr_status}" == "closed" ]; then
-            echo "PR does not exist. Creating PR..."
-            pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \
-              -X 'POST' \
-              -H 'Accept: application/json' \
-              -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-              -H 'Content-Type: application/json' \
-              -d '{
-                "base": "main",
-                "head": "'"${{ github.ref_name }}"'",
-                "title": "Automated PR for branch '"${{ github.ref_name }}"'",
-                "body": "This is an automated PR created for branch '"${{ github.ref_name }}"'."
-              }')
-            pr_index=$(echo ${pr_response} | jq -r '.number')
-            echo "PR created. PR number: ${pr_index}"
-            echo "pr_created=true" >> "$GITHUB_OUTPUT"
-            echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT"
-          else
-            echo "Error checking for existing PR. Exiting..."
-            exit 1
-          fi
-
-  sonarqube-analysis:
-    name: SonarQube Analysis
-    runs-on: ubuntu-latest
-    needs: check-and-create-pr
-    outputs:
-      qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }}
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-
-      - name: SonarQube Scan
-        uses: sonarsource/sonarqube-scan-action@v4.1.0
-        env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: SonarQube Quality Gate
-        id: quality-gate
-        uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
-        env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: Custom Quality Gate Check
-        uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
-        id: quality-gate-check
-        with:
-          sonar-project-key: rinoa-docker
-          sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
-          sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: JSON clean-up for proccessing...
-        id: json-cleanup
-        run: |
-          echo "Cleaning up quality gate response..."
-          echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
-          sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
-          jq -c '.' qg_raw.json > qg_fixed_json.json
-          projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
-          caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
-          conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
-          echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
-          echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
-          echo "conditions=${conditions}" >> $GITHUB_OUTPUT
-
-      - name: Convert JSON to Markdown Table
-        id: convert-json-to-md
-        uses: buildingcash/json-to-markdown-table-action@v1.1.0
-        with:
-          json: "${{ steps.json-cleanup.outputs.conditions }}"
-
-      - name: Post SonarQube Results as Comment
-        env:
-          PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
-          SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
-          QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
-          RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
-          GITHUB_REPOSITORY: ${{ github.repository }}
-          BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
-        run: |
-          formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
-          /g')
-          payload=$(jq -n \
-            --arg body "SonarQube analysis results:
-                <br>
-                ${{ env.SQ_RESULTS }}" \
-            '{ body: $body }')
-            
-          response=$(curl -s -o response.json -w "%{http_code}" \
-            -X POST \
-            -H "Accept: application/json" \
-            -H "Authorization: token ${BOT_GITEA_TOKEN}" \
-            -H "Content-Type: application/json" \
-            -d "$payload" \
-            "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")
-
-  dry-run-merge-pr:
-    runs-on: ubuntu-latest
-    name: Dry Run & PR Merge
-    needs: sonarqube-analysis
-    if: needs.sonarqube-analysis.outputs.qg_status == 'PASSED'
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        
-      - name: Generate Ephemeral .env for Docker Compose Dry Run
-        run: |
-          echo "${{ secrets.RINOA_ENV }}" > .env
-
-      - name: Docker Compose Dry Run
-        uses: s3i7h/spin-up-docker-compose-action@v1.2
-        env:
-          DOCKER_HOST: tcp://dockerproxy:2375
-        with:
-          file: docker-compose.yml
-          pull: true
-          pull-opts: --dry-run
-          up: true
-          up-opts: -d --dry-run
-
-      - name: Tea CLI Setup & PR Merge
-        run: |
-          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
-          chmod +x /usr/local/bin/tea
-          echo "Merging PR..."
-          tea login add --name gitea-rinoa --url "${{ vars.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
-          pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep "${{ gitea.ref_name }}" | awk -F, '{print $1}' | sed -e 's|"||g')
-          tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}

.gitea/workflows/deployment.yml

@@ -0,0 +1,75 @@
+name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
+
+on:
+  push:
+    branches-ignore:
+      - main
+
+jobs:
+  # Job 1: Check if PR exists and create one if the branch is new
+  check-and-create-pr:
+    name: Check and Create PR
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: PR list
+        id: list-prs
+        run: |
+          pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
+            -X 'GET' \
+            -H 'Accept: application/json' \
+            -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
+            -s | jq '{index: .number, state: .state}')
+          pr_state=$(echo ${pr_check} | jq -r '.state')
+
+      - name: Create PR
+        if: steps.list-prs.outputs.pr_state != 'open'
+        uses: arifer612/Gitea-PR-action@v1.2.0
+        with:
+          url: ${{ gitea.server_url }}
+          token: ${{ secrets.BOT_GITEA_TOKEN }}
+          assignee: ${{ gitea.actor }}
+
+  docker-compose-test:
+    name: Docker Compose Test
+    needs: [create-pr]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Generate ephemeral .env compose file
+        id: generate-env-file-pr
+        run: |
+          echo "${{ secrets.RINOA_ENV }}" > .env
+
+      - name: Docker Compose Lint
+        uses: yu-ichiro/spin-up-docker-compose-action@v1
+        with:
+          file: docker-compose.yml
+          pull: true
+          pull-opts: --dry-run
+          up: true
+          up-opts: --dry-run -d --remove-orphans
+        env:
+          DOCKER_HOST: tcp://dockerproxy:2375
+
+  merge-pr:
+    name: PR Merge
+    runs-on: ubuntu-latest
+    needs: [docker-compose-test]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Tea CLI Setup & PR Merge
+        run: |
+          curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
+          chmod +x /usr/local/bin/tea
+          echo "Merging PR..."
+          tea login add --name gitea-rinoa --url ${{ vars.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }}
+          echo ${{ gitea.ref_name }}
+          pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ gitea.ref_name }} | awk -F, '{print $1}' | sed -e 's|"||g')
+          tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}

.gitignore

@@ -1 +1,2 @@
-**/.env*
+**/.env*
+**/*env*

docker-compose.yml

@@ -877,6 +877,8 @@ services:
       - VOLUMES=1
       - LOG_LEVEL=debug
     image: ghcr.io/tecnativa/docker-socket-proxy:latest
+    labels:
+      komodo.skip: s
     networks:
       default: null
     ports:
@@ -1733,49 +1735,6 @@ services:
         target: /var/www/html/app/migrations
         type: volume
         volume: {}
-  huginn:
-    container_name: huginn
-    environment:
-      HUGINN_DATABASE_HOST: mariadb
-      HUGINN_DATABASE_NAME: huginn
-      HUGINN_DATABASE_PASSWORD: MLbKPT3j9TYcguYevFRcfEcrXtL4kcxujtrNdrq9eCig4WhUbxkyLoAiCPpm4zob
-      HUGINN_DATABASE_PORT: "3306"
-      HUGINN_DATABASE_USERNAME: huginn
-      PGID: "1000"
-      PUID: "1000"
-      TZ: America/New_York
-    hostname: Rinoa
-    image: ghcr.io/huginn/huginn
-    labels:
-      - homepage.group=Automation
-      - homepage.name=Huginn
-      - homepage.href=https://huginn.${MY_TLD}
-      - homepage.icon=huginn
-      - homepage.description=Agent/Web Automation
-      - swag=enable
-      - swag_port=3000
-      - swag_proto=http
-      - swag.uptime-kuma.enabled=true
-    networks:
-      default: null
-    ports:
-      - mode: ingress
-        protocol: tcp
-        published: "3005"
-        target: 3000
-    restart: unless-stopped
-    volumes:
-      - bind:
-          create_host_path: true
-        read_only: true
-        source: /etc/localtime
-        target: /etc/localtime
-        type: bind
-      - bind:
-          create_host_path: true
-        source: /rinoa-storage
-        target: /storage
-        type: bind
   hugo:
     command: hugo server --baseURL "it-services.trez.wtf" --bind 0.0.0.0 --appendPort=false --source=/src/it-services --configDir=/src/it-services/config/ -e production --logLevel debug
     container_name: hugo
@@ -2672,6 +2631,7 @@ services:
       homepage.href: https://komodo.${MY_TLD}
       homepage.icon: /icons/komodo.png
       homepage.description: Open-source note taking & to-do
+      komodo.skip: a
       swag: enable
       swag_url: komodo.${MY_TLD}
       swag_port: 9120
@@ -2687,7 +2647,7 @@ services:
       - komodo-pg-db
     image: ghcr.io/ferretdb/ferretdb
     labels:
-      komodo.skip: # Prevent Komodo from stopping with StopAllContainers
+      komodo.skip: a
     restart: unless-stopped
     expose:
       - 27017
@@ -2705,7 +2665,7 @@ services:
       - 8120
     image: ghcr.io/mbecker20/periphery:latest
     labels:
-      komodo.skip: 
+      komodo.skip: a
     restart: always
     volumes:
       - /proc:/proc
@@ -2717,6 +2677,8 @@ services:
       POSTGRES_DB: komodo
     expose:
       - 5432
+    labels:
+      komodo.skip: a
     image: postgres:17-alpine
     restart: unless-stopped
     volumes:
@@ -3163,7 +3125,7 @@ services:
       - homepage.description=
       - swag=enable
       - swag_proto=http
-      - swag_port=46717
+      - swag_port=80
       - swag_url=mesh.${MY_TLD}
     ports:
       - 46717:80 # HTTP
@@ -3235,6 +3197,14 @@ services:
       - TZ=${TZ}
       - PUID=${PUID}
       - PGID=${PGID}
+      - MALOJA_URL=http://maloja:42010
+      - MALOJA_API_KEY=${MALOJA_API_KEY}
+      - LASTFM_API_KEY=${LASTFM_API_KEY}
+      - LASTFM_API_SECRET=${LASTFM_API_SECRET}
+      - LZ_USER=Trez.on
+      - LZ_TOKEN=${MALOJA_LISTENBRAINZ_TOKEN}
+      - SPOTIFY_CLIENT_ID=${YOUR_SPOTIFY_ID}
+      - SPOTIFY_CLIENT_SECRET=${YOUR_SPOTIFY_SECRET}
     image: foxxmd/multi-scrobbler
     labels:
       - homepage.group=Media Library
@@ -3256,6 +3226,33 @@ services:
         type: bind
         bind:
           create_host_path: true
+  n8n:
+    container_name: n8n
+    environment:
+      N8N_HOST: n8n.${MY_TLD}
+      N8N_PORT: 5678
+      N8N_PROTOCOL: https
+      NODE_ENV: production
+      WEBHOOK_URL: https://n8n.${MY_TLD}/
+      GENERIC_TIMEZONE: ${TZ}
+    image: docker.n8n.io/n8nio/n8n
+    labels:
+      swag: enable
+      swag_proto: http
+      swag_port: 5678
+      swag_url: n8n.${MY_TLD}
+      swag.uptime-kuma.enabled: true
+      swag.uptime-kuma.monitor.url: https://n8n.${MY_TLD}
+      homepage.group: Automation
+      homepage.name: n8n
+      homepage.href: https://n8n.${MY_TLD}
+      homepage.icon: n8n.svg
+      homepage.description: Extendable workflow automation tool to easily automate tasks
+    ports:
+      - 5678:5678
+    restart: unless-stopped
+    volumes:
+      - n8n-data:/home/node/.n8n
   navidrome:
     container_name: navidrome
     environment:
@@ -3617,58 +3614,6 @@ services:
       - plausible-event-logs:/var/log/clickhouse-server
       - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro
       - ${DOCKER_VOLUME_CONFIG}/plausible/clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro
-  portainer:
-    command:
-      - -H
-      - unix:///var/run/docker.sock
-    container_name: portainer
-    environment:
-      - TZ=America/New_York
-      - DOCKER_MODS=ghcr.io/themepark-dev/theme.park:portainer
-    hostname: Rinoa
-    image: portainer/portainer-ce:latest
-    labels:
-      - homepage.group=System Administration
-      - homepage.name=Portainer
-      - homepage.href=https://portainer.${MY_TLD}
-      - homepage.icon=portainer.png
-      - homepage.description=Docker container management
-      - homepage.widget.type=portainer
-      - homepage.widget.url=http://portainer:9000
-      - homepage.widget.env=1
-      - homepage.widget.key=${PORTAINER_API_KEY}
-      - swag=enable
-      - swag.uptime-kuma.enabled=true
-    networks:
-      default: null
-    ports:
-      - mode: ingress
-        protocol: tcp
-        published: "9000"
-        target: 9000
-    restart: unless-stopped
-    volumes:
-      - bind:
-          create_host_path: true
-        read_only: true
-        source: /etc/localtime
-        target: /etc/localtime
-        type: bind
-      - bind:
-          create_host_path: true
-        source: ${DOCKER_VOLUME_CONFIG}/portainer
-        target: /data
-        type: bind
-      - bind:
-          create_host_path: true
-        source: /rinoa-storage
-        target: /storage
-        type: bind
-      - bind:
-          create_host_path: true
-        source: /var/run/docker.sock
-        target: /var/run/docker.sock
-        type: bind
   postal-smtp:
     cap_add:
       - NET_BIND_SERVICE
@@ -4586,6 +4531,27 @@ services:
         type: bind
         bind:
           create_host_path: true
+  spotisub:
+    container_name: spotisub
+    environment:
+      SPOTIPY_CLIENT_ID: ${YOUR_SPOTIFY_ID}
+      SPOTIPY_CLIENT_SECRET: ${YOUR_SPOTIFY_SECRET}
+      SPOTIPY_REDIRECT_URI: http://127.0.0.1:8080/
+      SUBSONIC_API_HOST: http://navidrome
+      SUBSONIC_API_PORT: 4533
+      SUBSONIC_API_USER: ${NAVIDROME_USERNAME}
+      SUBSONIC_API_PASS: ${NAVIDROME_PASSWORD}
+    healthcheck:
+      test: curl -s http://127.0.0.1:5183/api/v1/utils/healthcheck | grep -q 'Ok!' || exit 1
+      interval: 30s
+      retries: 20
+      start_period: 30s
+    image: blastbeng/spotisub:latest
+    ports:
+      - 5183:5183
+    restart: always
+    volumes:
+      - ${DOCKER_VOLUME_CONFIG}/spotisub:/home/user/spotisub/cache
   swag:
     cap_add:
       - NET_ADMIN
@@ -4616,6 +4582,7 @@ services:
       - swag_port=81
       - swag_url=swag.${MY_TLD}
       - swag_auth=authelia
+      - komodo.skip=a
       - swag.uptime-kuma.enabled=true
       - swag.uptime-kuma.monitor.url=https://swag.${MY_TLD}
       - homepage.group=Infrastructure/App Performance Monitoring
@@ -6965,27 +6932,25 @@ services:
   zitadel:
     container_name: zitadel
     image: ghcr.io/zitadel/zitadel:latest
-    command: 'start-from-init --masterkeyFromEnv  --config /config.yaml --config secrets.yaml --config init-steps.yaml --tlsMode external'
+    command: 'start-from-init --masterkeyFromEnv --config /config.yaml --config /secrets.yaml --config /init-steps.yaml --tlsMode external'
     # depends_on:
     #   zitadel-pg-db:
     #     condition: 'service_healthy'
     environment:
-      ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
-      ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: ${ZITADEL_DB_PASSWORD}
-      ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: ${ZITADEL_DB_ADMIN_PASSWORD}
       ZITADEL_MASTERKEY: ${ZITADEL_MASTER_KEY}
     expose:
       - 8080
     labels:
-      - swag=enable
-      - swag_proto=http
-      - swag_port=8080
-      - swag_url=zitadel.${MY_TLD}
-      - homepage.group=System Administration
-      - homepage.name=Zitadel
-      - homepage.href=https://id.${MY_TLD}
-      - homepage.icon=zitadel.svg
-      - homepage.description=Centralized authentication management
+      swag: enable
+      swag_proto: http
+      swag_port: 8080
+      swag_url: id.${MY_TLD}
+      swag_server_custom_directive: http2 on;
+      homepage.group: System Administration
+      homepage.name: Zitadel
+      homepage.href: https://id.${MY_TLD}
+      homepage.icon: zitadel.svg
+      homepage.description: Centralized authentication management
     volumes:
       - ${DOCKER_VOLUME_CONFIG}/zitadel/config.yaml:/config.yaml
       - ${DOCKER_VOLUME_CONFIG}/zitadel/init-steps.yaml:/init-steps.yaml
@@ -7074,6 +7039,8 @@ volumes:
     name: compose_mongo1_config
   mongodb_data:
     name: compose_mongo1_data
+  n8n-data:
+    name: n8n-data
   netbox-pg-db:
     name: netbox-pg-db
   ollama: