on: push: branches: - main pull_request: types: [opened, synchronize, reopened] name: SonarQube Scan jobs: sonarqube: name: SonarQube Scanning & Status runs-on: ubuntu-latest steps: - name: Checking out uses: actions/checkout@v4 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 - name: SonarQube Scan uses: SonarSource/sonarqube-scan-action@v4.0.0 env: SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} - name: SonarQube Quality Gate Check id: quality-gate uses: SonarSource/sonarqube-quality-gate-action@v1.1.0 env: SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} # - name: Comment on Pull Request with Quality Gate Status # id: comment-pr # uses: prasiman/gocurl@v1 # with: # method: POST # url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews" # headers: > # Authorization: token ${{ secrets.BOT_GITEA_TOKEN }} # body: | # { # "body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}" # } docker-compose-dry-run: name: Dry Run Docker Compose runs-on: ubuntu-latest needs: quality-gate if: needs.steps.quality-gate.outputs.quality-gate-status == 'PASSED' steps: - name: Checking out uses: actions/checkout@v4 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 - name: Validate Docker Compose Configuration run: | docker compose config if [ $? -ne 0 ]; then echo "Docker Compose configuration validation failed." exit 1 else echo "Docker Compose configuration is valid." fi # - name: Docker Compose Lint # uses: sjafferali/docker-compose-lint-action@v0.1.2 # with: # compose-file: './docker-compose.yml' # manual-approval: # name: Manual Approval # needs: docker-compose-test # if: always() # runs-on: self-hosted # steps: # - name: Approval Required # run: | # echo "Manual approval step reached. Please approve to proceed." # exit 1 # deploy-changes: # name: Merge and Deploy Changes # needs: manual-approval # runs-on: self-hosted # steps: # - name: Checkout Code # uses: actions/checkout@v4 # - name: Merge Pull Request # uses: prasiman/gocurl@v1 # with: # method: POST # url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge" # headers: > # Authorization: token ${{ secrets.BOT_GITEA_TOKEN }} # - name: Deploy Docker Compose Changes # - uses: astappiev/docker-compose-remote-action@master # name: Docker-Compose Remote Deployment # with: # ssh_host: example.com # ssh_user: ${{ secrets.DEPLOY_USERNAME }} # ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_KEY }} # ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_KEY }} # docker_compose_prefix: myapp # uses: alex-ac/github-action-ssh-docker-compose@master # with: # ssh_host: ${{ secrets.DOCKER_HOST }} # ssh_user: ${{ secrets.DOCKER_USER }} # ssh_key: ${{ secrets.DOCKER_SSH_KEY }} # compose_file_path: /path/to/docker-compose.yml # docker_compose_command: "up -d --remove-orphans"