rinoa-docker/.gitea/workflows/build.yaml

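# Gitea Actions workflow: run a SonarQube scan and quality-gate check, then
# validate the repository's Docker Compose configuration once the gate passes.
#
# NOTE(review): every `uses:` below references an action by tag (or, in the
# commented-out drafts, by `master`). Tags and branches can be moved upstream,
# so the code that runs with this workflow's secrets can change without a
# change in this file. Pin each action to a full commit SHA after reviewing
# it, keeping the tag as a trailing comment, e.g.
#   uses: actions/checkout@<FULL_COMMIT_SHA>  # v4   (placeholder, not a real SHA)
on:
  push:
    branches:
      - main
  pull_request:
    types: [opened, synchronize, reopened]

name: SonarQube Scan

jobs:
  sonarqube:
    name: 'SonarQube Scanning & Status'
    runs-on: ubuntu-latest
    # Expose the quality-gate result as a job output. The `steps` context is
    # only visible inside this job, so downstream jobs must read it through
    # `needs.sonarqube.outputs`.
    outputs:
      quality-gate-status: ${{ steps.quality-gate.outputs.quality-gate-status }}
    steps:
      - name: Checking out
        uses: actions/checkout@v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      # NOTE(review): this job also runs on pull_request events with
      # SONAR_TOKEN in the step environment. Confirm how this Gitea instance
      # exposes secrets to pull requests from forks, and scope the token to
      # analysis-only permissions on the SonarQube side.
      - name: SonarQube Scan
        uses: SonarSource/sonarqube-scan-action@v4.0.0
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
      - name: SonarQube Quality Gate Check
        id: quality-gate
        uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
        env:
          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
      # Disabled draft: post the quality-gate status to the pull request.
      # NOTE(review): before enabling, give BOT_GITEA_TOKEN the narrowest
      # scope that still allows commenting, and pin the third-party action.
      # - name: Comment on Pull Request with Quality Gate Status
      #   id: comment-pr
      #   uses: prasiman/gocurl@v1
      #   with:
      #     method: POST
      #     url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/issues/${{ github.event.pull_request.number }}/reviews"
      #     headers: >
      #       Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
      #     body: |
      #       {
      #       "body": "SonarQube Quality Gate Status: ${{ steps.quality-gate.outputs.quality-gate-status }}"
      #       }

  docker-compose-dry-run:
    name: Dry Run Docker Compose
    runs-on: ubuntu-latest
    # `needs` takes job ids. The original named the step id `quality-gate`,
    # which is not a job, so the dependency could never resolve.
    needs: sonarqube
    # Read the gate result from the upstream job's declared output; a
    # `steps.*` reference cannot reach another job's steps.
    if: needs.sonarqube.outputs.quality-gate-status == 'PASSED'
    steps:
      - name: Checking out
        uses: actions/checkout@v4
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting
          fetch-depth: 0
      - name: Validate Docker Compose Configuration
        run: |
          # --quiet validates without printing the rendered configuration, so
          # interpolated environment values are not written to the job log.
          # Testing the command directly also works when the shell runs with
          # errexit, where a separate `$?` check would never be reached.
          if ! docker compose config --quiet; then
            echo "Docker Compose configuration validation failed."
            exit 1
          fi
          echo "Docker Compose configuration is valid."
      # - name: Docker Compose Lint
      #   uses: sjafferali/docker-compose-lint-action@v0.1.2
      #   with:
      #     compose-file: './docker-compose.yml'

  # Disabled drafts below. NOTE(review) before enabling any of them:
  #   * `needs: docker-compose-test` names a job that does not exist in this
  #     file; the validation job is `docker-compose-dry-run`.
  #   * The "approval" step always exits 1, so it fails the job rather than
  #     waiting for a person; it does not act as an approval gate.
  #   * These jobs target `self-hosted` runners while the workflow also
  #     triggers on pull_request; code from a pull request would then run on
  #     that host. Restrict them to trusted refs.
  #   * The deploy actions are referenced at `@master` and receive an SSH
  #     private key; pin them to a reviewed commit SHA first.
  #   * The last step mixes two alternative action drafts (two `uses:` keys)
  #     and must be reduced to one before it can parse.
  # manual-approval:
  #   name: Manual Approval
  #   needs: docker-compose-test
  #   if: always()
  #   runs-on: self-hosted
  #   steps:
  #     - name: Approval Required
  #       run: |
  #         echo "Manual approval step reached. Please approve to proceed."
  #         exit 1
  # deploy-changes:
  #   name: Merge and Deploy Changes
  #   needs: manual-approval
  #   runs-on: self-hosted
  #   steps:
  #     - name: Checkout Code
  #       uses: actions/checkout@v4
  #     - name: Merge Pull Request
  #       uses: prasiman/gocurl@v1
  #       with:
  #         method: POST
  #         url: "https://${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/pulls/${{ github.event.pull_request.number }}/merge"
  #         headers: >
  #           Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
  #     - name: Deploy Docker Compose Changes
  #     - uses: astappiev/docker-compose-remote-action@master
  #       name: Docker-Compose Remote Deployment
  #       with:
  #         ssh_host: example.com
  #         ssh_user: ${{ secrets.DEPLOY_USERNAME }}
  #         ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_KEY }}
  #         ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_KEY }}
  #         docker_compose_prefix: myapp
  #       uses: alex-ac/github-action-ssh-docker-compose@master
  #       with:
  #         ssh_host: ${{ secrets.DOCKER_HOST }}
  #         ssh_user: ${{ secrets.DOCKER_USER }}
  #         ssh_key: ${{ secrets.DOCKER_SSH_KEY }}
  #         compose_file_path: /path/to/docker-compose.yml
  #         docker_compose_command: "up -d --remove-orphans"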