From bcac84f2fdc6e2b9016eb69543751d7763a214f7 Mon Sep 17 00:00:00 2001
From: moilanik <niko.moilanen@tietoevry.com>
Date: Mon, 22 Jun 2026 09:55:25 +0300
Subject: [PATCH] =?UTF-8?q?siistimist=C3=A4,=20router=20pipelien=20clean?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitea/workflows/example-gitea-env.conf   |   1 +
 .gitea/workflows/example-main.yml         | 103 +++-------------------
 .gitea/workflows/git-pages.ci-main.yml    |  17 +++-
 .gitea/workflows/git-pages.gitea-env.conf |   1 +
 .gitea/workflows/gitops-dispatch.yml      |  58 ++++++++++++
 .gitea/workflows/report-summary.yml       |  23 +++++
 docs/workflows.md                         |  56 +++++++++---
 scripts/gitops-dispatch.sh                |  44 +++++++++
 8 files changed, 200 insertions(+), 103 deletions(-)
 create mode 100644 .gitea/workflows/gitops-dispatch.yml
 create mode 100644 scripts/gitops-dispatch.sh

diff --git a/.gitea/workflows/example-gitea-env.conf b/.gitea/workflows/example-gitea-env.conf
index 7d35737..8e789e7 100644
--- a/.gitea/workflows/example-gitea-env.conf
+++ b/.gitea/workflows/example-gitea-env.conf
@@ -4,3 +4,4 @@ DOCKER_REGISTRY=gitea.app.keskikuja.site/niko
 DOCKER_IMAGE_NAME=gitea-ci-library-test-image
 DOCKER_UI_URL=https://gitea.app.keskikuja.site/niko/-/packages/container
 #DOCKERFILE=Dockerfile.platform
+
diff --git a/.gitea/workflows/example-main.yml b/.gitea/workflows/example-main.yml
index 95eacac..fec4a98 100644
--- a/.gitea/workflows/example-main.yml
+++ b/.gitea/workflows/example-main.yml
@@ -3,6 +3,7 @@ on:
   push:
     branches:
       - main
+      - feature/gitops
   workflow_dispatch:
 
 jobs:
@@ -59,104 +60,28 @@ jobs:
       env_json: ${{ needs.load-config.outputs.env_json }}
       version: ${{ needs.check-version.outputs.version }}
 
-  gitops-chart:
-    name: GitOps — helm version
-    needs: [helm-build-push]
-    if: success()
-    runs-on: ubuntu-latest
-    outputs:
-      chart_commit: ${{ steps.update.outputs.chart_commit }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/checkout@v4
-        with:
-          repository: niko/gitea-ci-library
-          path: .ci
-      - name: Update Chart.yaml version
-        id: update
-        run: |
-          INPUTS=$(jq -nc \
-            --arg file "dev/Chart.yaml" \
-            --arg yq_tpl '(.dependencies[] | select(.name == "git-pages") | .version) = "{{VERSION}}"' \
-            --arg version "${{ needs.check-version.outputs.version }}" \
-            --arg source_repo "${{ github.repository }}" \
-            --arg source_commit "${{ github.sha }}" \
-            --arg git_tag_prefix "helm" \
-            '{file: $file, yq_tpl: $yq_tpl, version: $version, source_repo: $source_repo, source_commit: $source_commit, git_tag_prefix: $git_tag_prefix}')
-          OUTPUT=$(bash .ci/scripts/dispatch-workflow.sh \
-            "niko/gitea-ci-gitops-tests" "gitops-service.yaml" "main" \
-            "$INPUTS" "${{ fromJson(needs.load-config.outputs.env_json).GITEA_API_URL }}" \
-            "${{ secrets.GITOPS_DISPATCH_TOKEN }}" "30")
-          echo "$OUTPUT"
-          CHART_REPO=$(echo "$OUTPUT" | grep '^GITOPS_COMMIT=' | cut -d= -f2)
-          echo "chart_commit=$CHART_REPO" >> "$GITHUB_OUTPUT"
-
-  gitops-values:
-    name: GitOps — docker tag
+  docker-gitops:
+    name: Update docker
     needs: [docker-build-push]
-    if: success()
-    runs-on: ubuntu-latest
-    outputs:
-      values_commit: ${{ steps.update.outputs.values_commit }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/checkout@v4
-        with:
-          repository: niko/gitea-ci-library
-          path: .ci
-      - name: Update values.yaml tag
-        id: update
-        run: |
-          INPUTS=$(jq -nc \
-            --arg file "dev/values.yaml" \
-            --arg yq_tpl '.service.tag = "{{VERSION}}"' \
-            --arg version "${{ needs.check-version.outputs.version }}" \
-            --arg source_repo "${{ github.repository }}" \
-            --arg source_commit "${{ github.sha }}" \
-            --arg git_tag_prefix "docker" \
-            '{file: $file, yq_tpl: $yq_tpl, version: $version, source_repo: $source_repo, source_commit: $source_commit, git_tag_prefix: $git_tag_prefix}')
-          OUTPUT=$(bash .ci/scripts/dispatch-workflow.sh \
-            "niko/gitea-ci-gitops-tests" "gitops-service.yaml" "main" \
-            "$INPUTS" "${{ fromJson(needs.load-config.outputs.env_json).GITEA_API_URL }}" \
-            "${{ secrets.GITOPS_DISPATCH_TOKEN }}" "30")
-          echo "$OUTPUT"
-          VALUES_REPO=$(echo "$OUTPUT" | grep '^GITOPS_COMMIT=' | cut -d= -f2)
-          echo "values_commit=$VALUES_REPO" >> "$GITHUB_OUTPUT"
+    uses: niko/gitea-ci-library/.gitea/workflows/gitops-dispatch.yml@main
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      version: ${{ needs.check-version.outputs.version }}
+      GITOPS_FILE: dev/values.yaml
+      GITOPS_YQ_TPL: '.service.tag = "{{VERSION}}"'
+      GITOPS_REPO: niko/gitea-ci-gitops-tests
 
   report-summary:
     name: Report Summary
-    needs: [load-config, docker-build-push, helm-build-push]
+    needs: [load-config, check-version, docker-build-push, docker-gitops]
     if: always()
     uses: niko/gitea-ci-library/.gitea/workflows/report-summary.yml@main
     with:
       env_json: ${{ needs.load-config.outputs.env_json }}
       suites: bats cucumber
-
-  gitops-summary:
-    name: GitOps Summary
-    needs: [load-config, check-version, gitops-chart, gitops-values]
-    if: always()
-    runs-on: ubuntu-latest
-    steps:
-      - name: Write GitOps summary
-        run: |
-          GITEA_URL="${{ fromJson(needs.load-config.outputs.env_json).GITEA_API_URL }}"
-          CHART_COMMIT="${{ needs.gitops-chart.outputs.chart_commit }}"
-          VALUES_COMMIT="${{ needs.gitops-values.outputs.values_commit }}"
-          CHART_LINK="${GITEA_URL}/niko/gitea-ci-gitops-tests/commit/${CHART_COMMIT}"
-          VALUES_LINK="${GITEA_URL}/niko/gitea-ci-gitops-tests/commit/${VALUES_COMMIT}"
-
-          cat >> "$GITHUB_STEP_SUMMARY" << 'GITOPS'
-
-          ## GitOps updates
-
-          | Component | Version | Status | GitOps commit |
-          |-----------|---------|--------|--------------|
-          GITOPS
-          {
-            echo "| helm | ${{ needs.check-version.outputs.version }} | ${{ needs.gitops-chart.result }} | [link](${CHART_LINK}) |"
-            echo "| docker | ${{ needs.check-version.outputs.version }} | ${{ needs.gitops-values.result }} | [link](${VALUES_LINK}) |"
-          } >> "$GITHUB_STEP_SUMMARY"
+      gitops: |
+        ${{ needs.docker-gitops.outputs.summary }}
 
   tag-maintenance:
     name: Move provider version tag
diff --git a/.gitea/workflows/git-pages.ci-main.yml b/.gitea/workflows/git-pages.ci-main.yml
index 868fcfd..af37b10 100644
--- a/.gitea/workflows/git-pages.ci-main.yml
+++ b/.gitea/workflows/git-pages.ci-main.yml
@@ -5,7 +5,6 @@ on:
       - main
     paths:
       - git-pages/**
-      - .gitea/workflows/helm-build-push.yml
       - .gitea/workflows/git-pages.*
   workflow_dispatch:
 
@@ -36,11 +35,25 @@ jobs:
       version: ${{ needs.check-version.outputs.version }}
       chart_path: git-pages
 
+  chart-gitops:
+    name: Update chart to the cluster
+    needs: [helm-push]
+    uses: niko/gitea-ci-library/.gitea/workflows/gitops-dispatch.yml
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      version: ${{ needs.check-version.outputs.version }}
+      GITOPS_FILE: dev/Chart.yaml
+      GITOPS_YQ_TPL: '(.dependencies[] | select(.name == "git-pages") | .version) = "{{VERSION}}"'
+      GITOPS_REPO: niko/gitea-ci-gitops-tests
+
   report-summary:
     name: Report Summary
-    needs: [load-config, helm-push]
+    needs: [load-config, helm-push, chart-gitops]
     if: always()
     uses: niko/gitea-ci-library/.gitea/workflows/report-summary.yml@main
     with:
       env_json: ${{ needs.load-config.outputs.env_json }}
       suites: ""
+      gitops: |
+        ${{ needs.chart-gitops.outputs.summary }}
diff --git a/.gitea/workflows/git-pages.gitea-env.conf b/.gitea/workflows/git-pages.gitea-env.conf
index c497b13..eea1639 100644
--- a/.gitea/workflows/git-pages.gitea-env.conf
+++ b/.gitea/workflows/git-pages.gitea-env.conf
@@ -3,3 +3,4 @@ HELM_REGISTRY=gitea.app.keskikuja.site/niko
 HELM_UI_URL=https://gitea.app.keskikuja.site/niko/-/packages/container
 GIT_TAG_PREFIX=git-pages/
 VERSION_FILE=git-pages/Chart.yaml
+
diff --git a/.gitea/workflows/gitops-dispatch.yml b/.gitea/workflows/gitops-dispatch.yml
new file mode 100644
index 0000000..38bbdea
--- /dev/null
+++ b/.gitea/workflows/gitops-dispatch.yml
@@ -0,0 +1,58 @@
+name: GitOps Dispatch
+on:
+  workflow_call:
+    inputs:
+      env_json:
+        required: true
+        type: string
+      version:
+        required: true
+        type: string
+      GITOPS_FILE:
+        required: true
+        type: string
+      GITOPS_YQ_TPL:
+        required: true
+        type: string
+      GITOPS_REPO:
+        required: true
+        type: string
+    secrets:
+      GITOPS_DISPATCH_TOKEN:
+        required: true
+    outputs:
+      summary:
+        description: 'Pipe-format: component|version|status|commit_sha|repo'
+        value: ${{ jobs.dispatch.outputs.summary }}
+
+env:
+  GITOPS_VERSION: ${{ inputs.version }}
+  GITOPS_FILE: ${{ inputs.GITOPS_FILE }}
+  GITOPS_YQ_TPL: ${{ inputs.GITOPS_YQ_TPL }}
+  GITOPS_REPO: ${{ inputs.GITOPS_REPO }}
+  GITOPS_SOURCE_REPO: ${{ github.repository }}
+  GITOPS_SOURCE_COMMIT: ${{ github.sha }}
+  GITEA_API_URL: ${{ fromJson(inputs.env_json).GITEA_API_URL }}
+  GITOPS_TAG_PREFIX: ${{ fromJson(inputs.env_json).GIT_TAG_PREFIX || '' }}
+  GITOPS_WORKFLOW: gitops-service.yaml
+
+jobs:
+  dispatch:
+    runs-on: ubuntu-latest
+    outputs:
+      summary: ${{ steps.run.outputs.GITOPS_SUMMARY }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+        with:
+          repository: niko/gitea-ci-library
+          path: .ci
+      - name: Run gitops dispatch
+        id: run
+        env:
+          GITEA_TOKEN: ${{ secrets.GITOPS_DISPATCH_TOKEN }}
+        run: |
+          OUTPUT=$(bash .ci/scripts/gitops-dispatch.sh)
+          echo "$OUTPUT"
+          SUMMARY=$(awk -F= '/^GITOPS_SUMMARY=/ {print $2}' <<<"$OUTPUT")
+          echo "GITOPS_SUMMARY=$SUMMARY" >> "$GITHUB_OUTPUT"
diff --git a/.gitea/workflows/report-summary.yml b/.gitea/workflows/report-summary.yml
index 7b96be0..ff4eacc 100644
--- a/.gitea/workflows/report-summary.yml
+++ b/.gitea/workflows/report-summary.yml
@@ -9,6 +9,10 @@ on:
         required: true
         type: string
         description: Space-separated suite names published to git-pages
+      gitops:
+        required: false
+        type: string
+        description: 'Pipe-separated rows: component|version|status|commit_sha|repo'
 
 env:
   GIT_PAGES_URL: ${{ fromJson(inputs.env_json).GIT_PAGES_URL }}
@@ -32,3 +36,22 @@ jobs:
               echo "| ${suite} | [View report](${BASE}/${suite}/) |"
             done
           } >> "${GITHUB_STEP_SUMMARY}"
+
+          if [ -n "${{ inputs.gitops }}" ]; then
+            GITEA_URL="${{ fromJson(inputs.env_json).GITEA_API_URL }}"
+            {
+              echo ""
+              echo "## GitOps updates"
+              echo ""
+              echo "| Component | Version | Status | GitOps commit |"
+              echo "|-----------|---------|--------|--------------|"
+              echo '${{ inputs.gitops }}' | while IFS='|' read -r comp ver status sha repo; do
+                [ -z "$comp" ] && continue
+                if [ -n "$sha" ]; then
+                  echo "| $comp | $ver | $status | [link]($GITEA_URL/$repo/commit/$sha) |"
+                else
+                  echo "| $comp | $ver | $status | — |"
+                fi
+              done
+            } >> "${GITHUB_STEP_SUMMARY}"
+          fi
diff --git a/docs/workflows.md b/docs/workflows.md
index a466298..43983d5 100644
--- a/docs/workflows.md
+++ b/docs/workflows.md
@@ -136,6 +136,29 @@ eikä toimi air gap -ympäristössä. Korvaa tarvittaessa custom-kontilla
 
 ---
 
+### `gitops-dispatch.yml` — GitOps-päivityksen dispatch
+
+**Trigger:** `workflow_call`
+
+**Inputit:**
+
+| Parametri | Pakollinen | Kuvaus |
+|-----------|------------|--------|
+| `env_json` | Kyllä | Konffi, josta luetaan `GITOPS_FILE`, `GITOPS_YQ_TPL`, `GITOPS_REPO`, `GIT_TAG_PREFIX` |
+| `version` | Kyllä | Päivitettävä versio (check-version output) |
+| `component` | Kyllä | `chart` tai `container` — tunniste summary-riville |
+
+**Secretit:** `GITOPS_TOKEN`
+
+**Outputit:** `summary` — pipe-formaatti: `{component}|{version}|{status}|{commit_sha}|{repo}`
+
+**Steppi-kaavio:**
+```
+checkout → gitops-dispatch.sh → dispatch-workflow.sh → GITOPS_SUMMARY output
+```
+
+---
+
 ## Consumer-esimerkki (`example-*`)
 
 ### `example-feature.yml` — Feature-haaran CI
@@ -151,18 +174,22 @@ load-config → bats + cucumber → report-summary (always)
 **Trigger:** `push` [branches: main]
 
 ```
-load-config → check-version →
-  [artifact exists] → done
-  [no artifact]    → bats + cucumber
-                     ├─ docker-build-push → gitops-values ─┐
-                     └─ helm-build-push  → gitops-chart   ─┤
-                                                           ├─ gitops-summary
-                     tag-maintenance ←─────────────────────┘
+load-config ───────────────────────────────────────────────────────┐
+load-config-helm ───────────────────────────────────────────┐      │
+                                                            │      │
+check-version ←─────────────────────────────────────────────┘      │
+  │                                                                │
+  └→ bats + cucumber                                               │
+       ├─ docker-build-push → gitops-container ─┐                  │
+       └─ helm-build-push  → gitops-chart ──────┤                  │
+                                                ├→ report-summary ←┘
+       tag-maintenance ←────────────────────────┘
 ```
 
-GitOps-jobit (`gitops-chart`, `gitops-values`) dispatchaavat GitOps-repon
-workflown ja asettavat commit-statusin code-repoon + GitOps-repoon
-(kaksisuuntainen track). Katso [skills/gitops-update/SKILL.md](../skills/gitops-update/SKILL.md).
+GitOps-jobit (`gitops-chart`, `gitops-container`) käyttävät
+`gitops-dispatch.yml`-provider-workflowia. Kaksisuuntainen track:
+dispatch-workflow.sh → GITOPS_COMMIT + GITOPS_SUMMARY.
+Katso [skills/gitops-update/SKILL.md](../skills/gitops-update/SKILL.md).
 
 ### `example-bats-tests.yml` — Bats unit-testit
 
@@ -182,7 +209,12 @@ commit-statuksen linkillä raporttiin.
 
 **Trigger:** `workflow_call` — ajetaan `if: always()` testien jälkeen
 
-**Inputs:** `env_json`, `suites` (space-separated lista suite-nimistä)
+**Inputs:** `env_json`, `suites` (space-separated lista suite-nimistä), `gitops` (optional JSON array)
+
+**GitOps-tuki:** Jos `gitops` input on annettu (JSON array objekteilla
+`component`, `version`, `status`, `commit`, `repo`), workflow lisää
+GitOps-päivitystaulukon testiraporttien perään. Jokaiselle riville
+muodostuu linkki GitOps-repon committiin.
 
 Generoi Markdown-taulukon `GITHUB_STEP_SUMMARY`:yn kaikista julkaistuista
 raporteista. Renderöityy HTML:ksi Gitea 1.27+ Summary-välilehdellä.
@@ -253,7 +285,7 @@ oman commit-statusinsa linkillä GitOps-committiin:
 
 ### Loppuraportti (GITHUB_STEP_SUMMARY)
 
-`gitops-summary`-job (tai `report-summary`-job) lisää rivin GitOps-päivityksestä
+`report-summary.yml` (optio `gitops`-inputti) lisää GitOps-rivit
 GITHUB_STEP_SUMMARYyn:
 
 | Component | Version | Status | GitOps commit |
diff --git a/scripts/gitops-dispatch.sh b/scripts/gitops-dispatch.sh
new file mode 100644
index 0000000..e02ffcc
--- /dev/null
+++ b/scripts/gitops-dispatch.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+: "${GITOPS_FILE:?}"
+: "${GITOPS_YQ_TPL:?}"
+: "${GITOPS_VERSION:?}"
+: "${GITOPS_SOURCE_REPO:?}"
+: "${GITOPS_SOURCE_COMMIT:?}"
+: "${GITOPS_REPO:?}"
+: "${GITOPS_WORKFLOW:?}"
+: "${GITEA_API_URL:?}"
+: "${GITEA_TOKEN:?}"
+
+TIMEOUT="${GITOPS_DISPATCH_TIMEOUT:-30}"
+
+INPUTS=$(jq -nc \
+  --arg file "$GITOPS_FILE" \
+  --arg yq_tpl "$GITOPS_YQ_TPL" \
+  --arg version "$GITOPS_VERSION" \
+  --arg source_repo "$GITOPS_SOURCE_REPO" \
+  --arg source_commit "$GITOPS_SOURCE_COMMIT" \
+  --arg git_tag_prefix "${GITOPS_TAG_PREFIX:-}" \
+  '{file: $file, yq_tpl: $yq_tpl, version: $version, source_repo: $source_repo, source_commit: $source_commit, git_tag_prefix: $git_tag_prefix}')
+
+DIR="$(cd "$(dirname "$0")" && pwd)"
+set +e
+OUTPUT=$(bash "$DIR/dispatch-workflow.sh" \
+  "$GITOPS_REPO" "$GITOPS_WORKFLOW" "main" \
+  "$INPUTS" "$GITEA_API_URL" "$GITEA_TOKEN" "$TIMEOUT" 2>&1)
+EXIT=$?
+set -e
+
+echo "$OUTPUT"
+
+STATUS="failure"
+GITOPS_SHA=""
+if [ "$EXIT" = "0" ]; then
+  STATUS="success"
+  GITOPS_SHA=$(echo "$OUTPUT" | grep '^GITOPS_COMMIT=' | cut -d= -f2)
+fi
+
+COMPONENT="${GITOPS_TAG_PREFIX:-${GITOPS_FILE}}"
+echo "GITOPS_SUMMARY=${COMPONENT}|${GITOPS_VERSION}|${STATUS}|${GITOPS_SHA}|${GITOPS_REPO}"
+exit "$EXIT"