97 lines
3.2 KiB
YAML
97 lines
3.2 KiB
YAML
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
types: [opened, synchronize, reopened]
|
|
|
|
name: Docker Scan, Lint, & Deploy via Compose
|
|
jobs:
|
|
sonarqube:
|
|
name: SonarQube Scanning & Quality Gate
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checking out
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
# - name: SonarQube Scan
|
|
# id: sonarqube-scan
|
|
# uses: SonarSource/sonarqube-scan-action@v4.0.0
|
|
# env:
|
|
# SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
# SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
# - name: SonarQube Quality Gate Check
|
|
# id: quality-gate
|
|
# uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
|
|
# env:
|
|
# SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
# SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
docker-compose-dry-run:
|
|
name: Dry Run Docker Compose
|
|
runs-on: ubuntu-latest
|
|
needs: quality-gate
|
|
if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
|
|
steps:
|
|
- name: Checking out
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Generate ephemeral env
|
|
run: |
|
|
echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
|
|
|
|
- name: Validate Docker Compose Configuration
|
|
id: docker-lint
|
|
run: |
|
|
docker compose config --no-interpolate --quiet --dry-run
|
|
EXIT_CODE=$?
|
|
if [ $? -ne 0 ]; then
|
|
echo "Docker Compose configuration validation failed."
|
|
exit 1
|
|
else
|
|
echo "Docker Compose configuration is valid."
|
|
fi
|
|
echo "::set-output name=exit_code::$EXIT_CODE"
|
|
|
|
deploy-changes:
|
|
name: Merge and Deploy Changes
|
|
runs-on: ubuntu-latest
|
|
needs: docker-lint
|
|
if: steps.docker-lint.outputs.exit_code == 0
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
|
|
# - name: Install & Setup Tea CLI
|
|
# run: |
|
|
# curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
|
|
# chmod +x /usr/local/bin/tea
|
|
# tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_SERVER }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
|
|
|
|
# - name: Merge PR with Tea CLI
|
|
# run: |
|
|
# echo "${{ gitea.event.pull_request.number }}"
|
|
# tea pr m --repo "${{ gitea.repository.name }}" --message "Automatically merged by GitHub Actions" --output table "${{ gitea.event.pull_request.number }}"
|
|
|
|
- name: Merge PR
|
|
uses: uses: AlexRogalskiy/github-action-git-operation@V2.0.1
|
|
with:
|
|
mode: 'merge-fast-forward'
|
|
sourceBranch: $ {{ gitea.event.pull_request.head.ref }}
|
|
targetBranch: 'main'
|
|
|
|
- name: Deploy Docker Compose Changes
|
|
uses: 5eqn/docker-compose-remote-action@v0.0.7
|
|
with:
|
|
ssh_host: 192.168.1.254
|
|
ssh_user: gitea-deploy
|
|
ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
|
|
ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
|
|
docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
|
|
docker_args: -d --remove-orphans --build --dry-run
|