Fix/gitea commit status naming (#36 )

Co-authored-by: moilanik <niko.moilanen@tietoevry.com> Reviewed-on: #36
docker ja helm build context root monorepo ja in folder build (#35 )
2026-06-21 08:43:32 +03:00 · 2026-06-21 06:08:22 +03:00 · 2026-06-20 14:36:42 +03:00
18 changed files with 518 additions and 97 deletions
@@ -0,0 +1,20 @@
+.git/
+.gitignore
+node_modules/
+reports/
+coverage/
+.ai/
+.cursor/
+.vscode/
+tmp/
+.DS_Store
+*.md
+docs/
+guides/
+.simplecov
+cucumber.js
+package-lock.json
+package.json
+CURRENT_PROVIDER_VERSION
+README.md
+AGENTS.md
@@ -41,12 +41,14 @@ jobs:
          TAG="${{ inputs.tag }}"

          NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)
+          CONTEXT_DIR=$(dirname "${DOCKERFILE}")
          docker build \
            --label "git.commit=${{ github.sha }}" \
            --label "git.commitBy=${{ github.actor }}" \
            --label "build.date=${NOW}" \
            -f "${DOCKERFILE}" \
-            -t "${IMAGE_NAME}:${TAG}" .
+            -t "${IMAGE_NAME}:${TAG}" \
+            "${CONTEXT_DIR}"

          FULL_IMAGE="${REGISTRY}/${IMAGE_NAME}:${TAG}"
          echo "Pushing ${FULL_IMAGE} ..."
@@ -52,13 +52,15 @@ jobs:
          REGISTRY_HOST="${REGISTRY%%/*}"

          NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)
+          CONTEXT_DIR=$(dirname "${DOCKERFILE}")
          docker build \
            --label "git.commit=${{ github.sha }}" \
            --label "git.commitBy=${{ github.actor }}" \
            --label "build.date=${NOW}" \
            -f "${DOCKERFILE}" \
            -t "${IMAGE}:${VERSION}" \
-            -t "${IMAGE}:latest" .
+            -t "${IMAGE}:latest" \
+            "${CONTEXT_DIR}"

          FULL_IMAGE="${REGISTRY}/${IMAGE}:${VERSION}"
          echo "Pushing ${FULL_IMAGE} ..."
@@ -81,11 +83,12 @@ jobs:
          if [ -n "${DOCKER_UI_URL:-}" ] && [ -n "${VERSION:-}" ]; then
            CONTAINER_URL="${DOCKER_UI_URL}/${DOCKER_IMAGE_NAME}/${VERSION}"
          fi
-          bash .ci/scripts/report-status.sh success "Docker build & push ${VERSION} OK" ci-docker-build-push "" "$CONTAINER_URL"
-
-      - name: Report status FAILURE
-        if: failure()
-        run: bash .ci/scripts/report-status.sh failure "Docker build & push ${VERSION} FAILED" ci-docker-build-push
+          DIR=$(dirname "${DOCKERFILE}")
+          if [ "$DIR" != "." ]; then
+            bash .ci/scripts/report-status.sh success "${DIR}: Docker push ${VERSION}" "${DIR}-ci-docker-build-push" "" "$CONTAINER_URL"
+          else
+            bash .ci/scripts/report-status.sh success "Docker push ${VERSION}" ci-docker-build-push "" "$CONTAINER_URL"
+          fi

  tag-commit:
    runs-on: ubuntu-latest
@@ -8,7 +8,7 @@ on:
      cucumber-node-image:
        required: false
        type: string
-        default: gitea.app.keskikuja.site/niko/ci-cucumber:latest
+        default: gitea.app.keskikuja.site/niko/ci-cucumber:with-python
    secrets:
      GITEA_TOKEN:
        required: true
@@ -8,10 +8,6 @@ on:
      version:
        required: true
        type: string
-      chart_path:
-        required: false
-        type: string
-        default: '.'
    secrets:
      GITEA_TOKEN:
        required: true
@@ -26,7 +22,7 @@ env:
  HELM_REGISTRY: ${{ fromJson(inputs.env_json).HELM_REGISTRY || '' }}
  HELM_UI_URL: ${{ fromJson(inputs.env_json).HELM_UI_URL || '' }}
  GIT_TAG_PREFIX: ${{ fromJson(inputs.env_json).GIT_TAG_PREFIX || '' }}
-  CHART_PATH: ${{ inputs.chart_path }}
+  CHART_FILE: ${{ fromJson(inputs.env_json).VERSION_FILE || 'Chart.yaml' }}
  VERSION: ${{ inputs.version }}

 concurrency:
@@ -53,8 +49,9 @@ jobs:

      - name: Package Helm chart
        run: |
-          helm dependency update "${CHART_PATH}"
-          helm package "${CHART_PATH}" \
+          CHART_DIR=$(dirname "${CHART_FILE}")
+          helm dependency update "${CHART_DIR}"
+          helm package "${CHART_DIR}" \
            --version "${VERSION}" \
            --app-version "${VERSION}" \
            --destination /tmp/helm-packages
@@ -74,9 +71,13 @@ jobs:
      - name: Report status with UI link
        if: success() && env.HELM_UI_URL != ''
        run: |
-          CHART_NAME=$(grep '^name:' "${CHART_PATH}/Chart.yaml" | awk '{print $2}')
+          CHART_NAME=$(grep '^name:' "${CHART_FILE}" | awk '{print $2}')
          UI_URL="${HELM_UI_URL}/${CHART_NAME}/${VERSION}"
-          bash .ci/scripts/report-status.sh success "Helm chart ${VERSION}" ci-helm-build-push "" "$UI_URL"
+          if [ "${CHART_PATH}" != "." ] && [ -n "${CHART_PATH}" ]; then
+            bash .ci/scripts/report-status.sh success "${CHART_PATH}: Helm push ${VERSION}" "${CHART_PATH}-ci-helm-build-push" "" "$UI_URL"
+          else
+            bash .ci/scripts/report-status.sh success "Helm push ${VERSION}" ci-helm-build-push "" "$UI_URL"
+          fi

  tag-commit:
    runs-on: ubuntu-latest
@@ -1,6 +1,6 @@
 FROM node:22
 RUN apt-get update -qq && \
-    apt-get install -y -qq --no-install-recommends lsof jq && \
+    apt-get install -y -qq --no-install-recommends lsof jq python3 && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/* && \
    npm install -g @cucumber/cucumber
@@ -37,7 +37,7 @@ kuuluu `git-pages/docs/`-alle, ei juuren `docs/`-kansioon.
 | `git-pages/` | Raporttien hostaus (Helm-chartti) |
 | `tests/` | Bats-testit skripteille |

-### Provider workflowt (5 kpl)
+### Provider workflowt (6 kpl)

 | Workflow | Input | Output | Kuvaus |
 |---|---|---|---|
@@ -46,6 +46,7 @@ kuuluu `git-pages/docs/`-alle, ei juuren `docs/`-kansioon.
 | `docker-build-push.yml` | `env_json`, `version` | — | Buildaa Docker-imagen, puskea rekisteriin, tagittaa commitin. |
 | `ci-container-build-push.yml` | `env_json`, `dockerfile_path`, `image_name`, `tag` | — | Buildaa CI-työkalukontin, puskea rekisteriin. Ei versiointia eikä git-tägäystä. |
 | `report-summary.yml` | `env_json`, `suites` | — | Generoi `GITHUB_STEP_SUMMARY`-taulukon raporttilinkeillä (Gitea 1.27+) |
+| `helm-build-push.yml` | `env_json`, `version` | — | Pakkaa + puskea Helm chartin OCI-registryyn, tagittaa commitin. **Tekninen velka:** asentaa node.js:n runtime-vaiheessa (`apk add --no-cache nodejs` ennen checkouttia) koska `alpine/helm`-kontissa ei ole nodea. Rikkoo Offline Container -periaatetta. Ratkaistaan myöhemmin: proper multi-tool CI-kontti (helm + nodejs + git) docker hubiin. Ei consumerin ongelma. |

 ### Example-tiedostot (consumer-referenssi)

@@ -176,46 +176,90 @@ if [ "${#TO_DELETE[@]}" -eq 0 ]; then
 fi

 echo ""
-echo "=== Phase 4: whiteout deletion ==="
-echo "Creating whiteout tar for ${#TO_DELETE[@]} report(s)..."
+echo "=== Phase 4: full site rebuild ==="
+echo "Rebuilding site (${#TO_DELETE[@]} report(s) to delete)..."

-WHITEOUT_TAR=$(mktemp)
-trap 'rm -f "$WHITEOUT_TAR"' EXIT
+ARCHIVE_FILE=$(mktemp)
+SITE_DIR=$(mktemp -d)
+NEW_TAR=$(mktemp)
+cleanup_phase4() {
+  rm -f "$ARCHIVE_FILE" "$NEW_TAR"
+  rm -rf "$SITE_DIR"
+}
+trap cleanup_phase4 EXIT

-python3 -c "
-import tarfile, sys
+# Try archive.tar first
+echo "Downloading archive.tar..."
+HTTP_CODE=$(curl_with_host -o "$ARCHIVE_FILE" -w "%{http_code}" -sS "${PAGES_URL}/.git-pages/archive.tar")

-tar = tarfile.open(name='${WHITEOUT_TAR}', mode='w')
+if [ "$HTTP_CODE" = "200" ] && tar -tf "$ARCHIVE_FILE" >/dev/null 2>&1; then
+  echo "Extracting archive..."
+  tar -xf "$ARCHIVE_FILE" -C "$SITE_DIR"

-dirs = set()
-for d in sys.argv[1:]:
-    dirs.add(d.strip())
+  for dir in "${TO_DELETE[@]}"; do
+    if [ -d "$SITE_DIR/$dir" ]; then
+      echo "  Removing: $dir"
+      rm -rf "$SITE_DIR/$dir"
+    fi
+  done
+else
+  echo "archive.tar failed (HTTP ${HTTP_CODE}) - falling back to manifest-based rebuild"

-tarinfo = tarfile.TarInfo()
-tarinfo.type = tarfile.CHRTYPE
-tarinfo.devmajor = 0
-tarinfo.devminor = 0
+  ALL_PATHS=$(echo "$MANIFEST" | jq -r '.contents | keys[]' 2>/dev/null || true)

-for d in sorted(dirs, key=len, reverse=True):
-    info = tarinfo
-    info.name = d
-    tar.addfile(info)
+  if [ -z "$ALL_PATHS" ]; then
+    echo "ERROR: no files in manifest - cannot rebuild" >&2
+    exit 1
+  fi

-tar.close()
-" "${TO_DELETE[@]}"
+  EXCLUDE_GREP=""
+  for dir in "${TO_DELETE[@]}"; do
+    EXCLUDE_GREP="${EXCLUDE_GREP}${EXCLUDE_GREP:+|}^${dir}/"
+  done

-echo "Patching ${PAGES_URL}/ with whiteout tar..."
-HTTP_CODE=$(curl_with_host -X PATCH "${PAGES_URL}/" \
+  if [ -n "$EXCLUDE_GREP" ]; then
+    KEEP_PATHS=$(echo "$ALL_PATHS" | grep -v -E "$EXCLUDE_GREP" || true)
+  else
+    KEEP_PATHS="$ALL_PATHS"
+  fi
+
+  if [ -z "$KEEP_PATHS" ]; then
+    echo "No files to keep - site will be empty"
+    mkdir -p "$SITE_DIR/__placeholder__"
+    echo "placeholder" > "$SITE_DIR/__placeholder__/index.html"
+  else
+    FILE_COUNT=$(echo "$KEEP_PATHS" | wc -l | tr -d ' ')
+    echo "Downloading ${FILE_COUNT} file(s)..."
+    while IFS= read -r path; do
+      [ -z "$path" ] && continue
+      dir=$(dirname "$SITE_DIR/$path")
+      mkdir -p "$dir"
+      curl_with_host -o "$SITE_DIR/$path" -sS "${PAGES_URL}/${path}" || {
+        echo "  WARN: failed to download ${path}"
+      }
+    done <<< "$KEEP_PATHS"
+  fi
+fi
+
+if [ -z "$(ls -A "$SITE_DIR" 2>/dev/null)" ]; then
+  echo "Site is empty - creating placeholder"
+  mkdir -p "$SITE_DIR/__placeholder__"
+  echo "placeholder" > "$SITE_DIR/__placeholder__/index.html"
+fi
+
+tar -cf "$NEW_TAR" -C "$SITE_DIR" .
+
+echo "PUT: replacing site contents..."
+HTTP_CODE=$(curl_with_host -X PUT "${PAGES_URL}/" \
  -H "Content-Type: application/x-tar" \
-  -H "Atomic: no" \
-  --data-binary @"${WHITEOUT_TAR}" \
+  --data-binary @"${NEW_TAR}" \
  -w "%{http_code}" \
  -o /dev/null)

-echo "HTTP $HTTP_CODE"
-if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "204" ]; then
-  echo "Retention cleanup finished."
+echo "HTTP ${HTTP_CODE}"
+if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "204" ]; then
+  echo "Site rebuild completed."
 else
-  echo "ERROR: retention HTTP ${HTTP_CODE}" >&2
+  echo "ERROR: PUT HTTP ${HTTP_CODE}" >&2
  exit 1
 fi
@@ -6,7 +6,7 @@ metadata:
  labels:
    {{- include "git-pages.componentLabels" . | nindent 4 }}
  annotations:
-    "helm.sh/hook": post-install, post-upgrade
+    "helm.sh/hook": post-install
    "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
 spec:
  backoffLimit: 5
@@ -32,6 +32,16 @@ spec:
                -H "Host: {{ .Values.ingress.host }}" \
                -o /dev/null "http://git-pages:3000/.git-pages/health"
              do sleep 2; done
+              echo "Init: checking if site already exists..."
+              MANIFEST=$(curl -sf \
+                -H "Host: {{ .Values.ingress.host }}" \
+                "http://git-pages:3000/.git-pages/manifest.json" 2>/dev/null || echo "")
+
+              if echo "$MANIFEST" | grep -q '"contents"'; then
+                echo "Init: site already initialized, skipping"
+                exit 0
+              fi
+
              echo "Init: creating placeholder site..."
              WORK=$(mktemp -d)
              mkdir -p "$WORK/__init__"
@@ -182,6 +182,42 @@ vain build-vaiheessa — `apk del curl` poistaa työkalun ennen runtimea.
 Tapa C pre-cacheaa kielikohtaiset riippuvuudet ja tuottaa täysin
 offline-runtime-kontin.

+## Testaus ennen julkaisua
+
+Konttia ei saa pushata registryyn ennen kuin se on validoitu.
+
+### 1. Aja testit kontin sisällä
+
+Testit on ajettava **kontin sisällä**, ei suoraan lokaalilla koneella.
+
+```bash
+# OIKEIN — kontin sisällä
+docker build -t ci-tyokalu:test .
+docker run --rm -v "$(pwd):/repo" -w /repo ci-tyokalu:test bash -c 'bats tests/'
+
+# VÄÄRIN — lokaalit binäärit vs kontti
+bats tests/                          # eri bash/työkalut kuin kontissa
+bashcov -- bats tests/               # eri ruby-versio kuin kontissa
+```
+
+Lokaali ympäristö (macOS, eri kirjastoversiot) poikkeaa aina kontista.
+Testi voi mennä läpi lokaalissa mutta failata CI:ssä, tai päinvastoin.
+
+### 2. Fragile-testien seulonta (10x ajo)
+
+Aja koko testipaketti **10 kertaa peräkkäin** kontin sisällä ennen pushausta:
+
+```bash
+for i in $(seq 1 10); do
+  echo "=== RUN $i ==="
+  docker run --rm -v "$(pwd):/repo" -w /repo ci-tyokalu:test \
+    bash -c 'bats tests/' || exit 1
+done
+```
+
+Jos yksikin ajo failaa, kontissa on fragile testi — korjaa ennen pushausta.
+Fragile testit syövät devaukseen käytettyä aikaa turhilla uusinta-ajoilla.
+
 ## Mitä EI kannata tehdä

 - Älä lisää `workflow_call`-triggariä — CI-konttia ei koskaan buildata automaattisesti
@@ -202,7 +202,16 @@ jobs:

      - name: Report
        if: always()
-        run: bash .ci/scripts/ci-report.sh "<kuvaus>" <context> <suite> ${{ job.status }}
+        run: |
+          bash .ci/scripts/ci-report.sh "<Test type> test report" <context> <suite> ${{ job.status }}
+```
+
+Monorepossa context ja description sisältävät komponentin nimen:
+```yaml
+      - name: Report
+        if: always()
+        run: |
+          bash .ci/scripts/ci-report.sh "<Komponentti>: <Test type> test report" <komponentti>.<context> <suite> ${{ job.status }}
 ```

 **Usean runnerin cache-ongelma:** Jos eri kerroilla käynnistyy eri runnereita,
@@ -218,6 +227,7 @@ niillä voi olla eri versio `latest`-imagen digesteistä. Ratkaisuja:

 ### Taso 1: Ei jälkikäsittelyä

+Single repo:
 ```yaml
 - name: Run tests
  shell: bash
@@ -227,11 +237,27 @@ niillä voi olla eri versio `latest`-imagen digesteistä. Ratkaisuja:

 - name: Report
  if: always()
-  run: bash .ci/scripts/ci-report.sh "<kuvaus>" <context> <suite> ${{ job.status }}
+  run: |
+    bash .ci/scripts/ci-report.sh "<Test type> test report" <context> <suite> ${{ job.status }}
+```
+
+Monorepo:
+```yaml
+- name: Run tests
+  shell: bash
+  run: |
+    mkdir -p "reports/<suite>"
+    <testikomento>
+
+- name: Report
+  if: always()
+  run: |
+    bash .ci/scripts/ci-report.sh "<Komponentti>: <Test type> test report" <komponentti>.<context> <suite> ${{ job.status }}
 ```

 ### Taso 2: Jälkikäsittely tarvitaan

+Single repo:
 ```yaml
 - name: Run tests
  shell: bash
@@ -249,7 +275,30 @@ niillä voi olla eri versio `latest`-imagen digesteistä. Ratkaisuja:

 - name: Report
  if: always()
-  run: bash .ci/scripts/ci-report.sh "<kuvaus>" <context> <suite> ${{ job.status }}
+  run: |
+    bash .ci/scripts/ci-report.sh "<Test type> test report" <context> <suite> ${{ job.status }}
+```
+
+Monorepo:
+```yaml
+- name: Run tests
+  shell: bash
+  run: |
+    mkdir -p "reports/<suite>"
+    <testikomento> > "reports/<suite>/results.txt" 2>&1
+
+- name: Post-process coverage
+  if: always()
+  run: <siirrä coverage-data reports/<suite>/coverage/-hakemistoon>
+
+- name: Post-process test report
+  if: always()
+  run: <HTML-generointi raa'asta outputista>
+
+- name: Report
+  if: always()
+  run: |
+    bash .ci/scripts/ci-report.sh "<Komponentti>: <Test type> test report" <komponentti>.<context> <suite> ${{ job.status }}
 ```

 ### Väärin vs oikein — yksi asia per step
@@ -273,7 +322,16 @@ niillä voi olla eri versio `latest`-imagen digesteistä. Ratkaisuja:

 - name: Report
  if: always()
-  run: bash .ci/scripts/ci-report.sh "Helm kubeconform" helm-test kubeconform ${{ job.status }}
+  run: |
+    bash .ci/scripts/ci-report.sh "Helm kubeconform" helm-test kubeconform ${{ job.status }}
+```
+
+Monorepossa:
+```yaml
+- name: Report
+  if: always()
+  run: |
+    bash .ci/scripts/ci-report.sh "<Komponentti>: Helm kubeconform" <komponentti>.helm-test kubeconform ${{ job.status }}
 ```

 ### Väärin vs oikein — post-process
@@ -509,6 +567,15 @@ jobs:
      suites: '<suite-1> <suite-2>'
 ```

+**Commit status -kontekstit monorepossa:** Testiraporttien `ci-report.sh`-kutsussa
+context ja description sisältävät komponentin nimen:
+```yaml
+      - name: Report
+        if: always()
+        run: |
+          bash .ci/scripts/ci-report.sh "<Komponentti>: Unit test report" <komponentti>.unit-tests bats ${{ job.status }}
+```
+
 ### Version elinkaari per komponentti

 `GIT_TAG_PREFIX` takaa että eri komponenttien versiohistoria pysyy erillään.
@@ -123,6 +123,88 @@ ajetaan kontin *sisällä* — myös `actions/checkout@v4`. Se on JavaScript-act
 joka vaatii sekä `nodejs` että `git`. Varmista että CI-kontin Dockerfilessä on
 molemmat — muuten checkout ei toimi ja pipeline failaa.

+### 4.4 Build-konteksti, `.dockerignore` ja `COPY`
+
+**Build-konteksti** on aina tiedoston (Dockerfile, Chart.yaml) oman hakemiston
+juuri (`dirname "${DOCKERFILE}"` / `dirname "${CHART_FILE}"`). Kaikki
+suhteelliset polut — ignore-tiedosto, `COPY`, `ADD` — ovat suhteessa tähän
+kontekstiin.
+
+| Tiedosto | Konteksti | Ignore-tiedosto | Käyttö |
+|---|---|---|---|
+| `Dockerfile` | `.` | `./.dockerignore` | `docker build` / `COPY src/ src/` |
+| `api/Dockerfile` | `api/` | `api/.dockerignore` | `docker build` / `COPY src/ src/` |
+| `Chart.yaml` (`VERSION_FILE`) | `.` | `./.helmignore` | `helm package` |
+| `api/Chart.yaml` (`VERSION_FILE`) | `api/` | `api/.helmignore` | `helm package` |
+
+Helm chartin polku luetaan confin `VERSION_FILE`-kentästä — sama rivi jota
+`check-version.yml` käyttää version lähteenä. Yksi conf-rivi ohjaa molempia:
+sekä versionlaskentaa että chartin sijaintia.
+
+**Mitä ignore-tiedosto sisältää:** Kaikki mikä EI ole konttiin tai chart-pakettiin
+tarkoitettua koodia tai resurssia, ON oltava ignore-tiedostossa:
+
+- Git- ja CI-historia (`.git/`, `.gitea/`, `.github/`)
+- Testikoodi, testidata, testiraportit (`tests/`, `reports/`, `coverage/`)
+- Dokumentaatio (`docs/`, `guides/`, `*.md`, `CHANGELOG`, `README`)
+- Editori- ja työkalukonfiguraatio (`.vscode/`, `.cursor/`, `.idea/`, `.DS_Store`)
+- Riippuvuudet jotka asennetaan Dockerfilessä (`node_modules/`)
+- Väliaikaistiedostot (`tmp/`, `*.log`)
+- Projektikohtaiset konfiguraatiot (`.env`, `*.conf`, `CURRENT_PROVIDER_VERSION`)
+
+**Miksi:** Build-kontekstin koko vaikuttaa suoraan `docker build` -nopeuteen.
+Raskas konteksti (etenkin `.git/` ja `node_modules/`) hidastaa buildia ja
+kuluttaa runnerin resursseja turhaan. Ylimääräiset tiedostot kontissa ovat
+**tietoturvariski** — tokenit, `.env` ja sensitiivinen data voivat päätyä
+kontin layeriin jos `.dockerignore` ei ole kattava.
+
+### 4.5 `COPY`-kuri — kopioi vain tarvittava
+
+`COPY . .` on kielletty. Jokainen `COPY` kopioi vain tarvittavat tiedostot
+tai hakemistot:
+
+```dockerfile
+# VÄÄRIN
+COPY . .
+
+# OIKEIN
+COPY package.json package-lock.json ./
+COPY src/ src/
+COPY public/ public/
+```
+
+**Miksi:**
+- Layer-cache: `COPY . .` rikkoo välimuistin — mikä tahansa muutos
+  tiedostossa tyhjentää koko layerin
+- Tietoturva: konttiin voi päätyä ylimääräisiä tiedostoja vaikka
+  `.dockerignore` olisi kattava (unohtunut ignore-rivi, uusi työkalu
+  joka luo tiedostoja build-kontekstiin)
+- Luettavuus: `COPY . .` ei kerro mitä kontti todella sisältää
+- Kontin koko: eksplisiittinen `COPY` pitää image-koon kurissa
+
+### 4.6 `.helmignore` — pidä chart-paketti siistinä
+
+`helm package` käyttää `.helmignore`-tiedostoa samalla periaatteella kuin
+`docker build` käyttää `.dockerignore`a:
+
+- Chart-hakemisto luetaan confin `VERSION_FILE`-kentästä (`dirname "${VERSION_FILE}"`)
+- ignore-tiedosto luetaan chart-hakemiston juuresta (sama konteksti kuin
+  `Chart.yaml`, ks. 4.4)
+- Kaikki turha (testit, docs, git, CI-konffit, kuvat) on poissuljettava
+- Jos `.helmignore` puuttuu, `helm package` paketoi mukaan kaikki
+  chart-hakemiston tiedostot — turhaa bulkkia registryyn
+
+**`.helmignore` on pakollinen** jokaiselle chartille. Minimisisältö:
+
+```
+.git/
+.gitignore
+tests/
+docs/
+*.md
+.DS_Store
+```
+
 ## 5. Raporttitasot

 Testi tuottaa raportin `reports/<suite>/`-hakemistoon. Yksi `ci-report.sh`-kutsu hoitaa sekä
@@ -158,6 +240,35 @@ Tiedostonimet `.gitea/workflows/`-kansiossa noudattavat yhtenäistä rakennetta:
 Single repossa `<komponentti>` jätetään pois.
 Monorepossa prefiksi pitää komponentin tiedostot yhdessä.

+### 6.1 Commit status -nimeäminen
+
+`ci-report.sh`-kutsun `description` (2. argumentti) ja `context` (3. argumentti)
+noudattavat seuraavaa kaavaa:
+
+**Single repo:**
+```
+context:     <testityyppi>            (esim. unit-tests, acc-tests)
+description: <Test type> test report  (esim. Unit test report)
+```
+
+**Monorepo:**
+```
+context:     <komponentti>.<testityyppi>            (esim. library.unit-tests)
+description: <Komponentti>: <Test type> test report (esim. Library: Unit test report)
+```
+
+> Gitea YAML: `run:` laita lainausmerkeillä `run: |`-blockiin — Gitea ei tue lainausmerkkejä yhden rivin `run:`-komennoissa.
+>
+> ```yaml
+>       - name: Report
+>         if: always()
+>         run: |
+>           bash .ci/scripts/ci-report.sh "<Komponentti>: <Test type> test report" <komponentti>.<context> <suite> ${{ job.status }}
+> ```
+
+Build/push-status (Docker, Helm) on providerin hallussa — consumer ei vaikuta
+niiden nimeämiseen.
+
 ## 7. Artifact-kuri

 Gitea Actionsin `upload-artifact` jättää pysyvän tiedoston. Artifakteja ei käytetä
@@ -257,6 +368,7 @@ Pakkaa ja pushee Helm-chartin OCI-registryyn. Käyttää `alpine/helm`-konttia.

 ```yaml
 HELM_REGISTRY: gitea.app.keskikuja.site/niko
+VERSION_FILE: platform-helm/Chart.yaml  # chart-hakemisto + versionlähde
 ```

 **Käyttö reitittimessä:**
@@ -270,20 +382,163 @@ helm-build-push:
  with:
    env_json: ${{ needs.load-config.outputs.env_json }}
    version:  ${{ needs.check-version.outputs.version }}
-    # chart_path: '.'  # oletus, vaihda jos Chart.yaml on alihakemistossa
 ```

-**Vanhentunut käytäntö:** Nykyinen `helm-build-push.yml` asentaa node.js:n
-lennossa `apk add --no-cache nodejs` ennen checkouttia — tämä rikkoo
-Offline Container -vaatimusta (4.1).
-
-**Korjaustoimenpide:** Rakenna custom CI-kontti `ci-container-build`-skillillä
-jossa on helm + nodejs + git (katso pre-cache-esimerkit `REFERENCE.md`:stä),
-päivitä workflow'n `container: image:` osoittamaan omaan konttiin, ja poista
-runtime-apk.
+Chart-hakemisto johdetaan `VERSION_FILE`-polusta: `dirname "${VERSION_FILE}"`.
+Jos `VERSION_FILE` on `Chart.yaml`, konteksti on juuri. Jos `platform-helm/Chart.yaml`,
+konteksti on `platform-helm/`.

 **Yksittäisten Helm-UI-linkkien raportointi:** `HELM_UI_URL` on
 tarkoitettu yleiselle registry UI:lle — provider muodostaa linkin
 `${HELM_UI_URL}/${CHART_NAME}/${VERSION}` automaattisesti.

 Tarkka input/secret-lista: `docs/workflows.md`.
+
+## 11. Multi-artifact monorepo -komponentti
+
+Yksi monorepo-komponentti voi tuottaa useita artefakteja (esim. Docker image
+ Helm chart). Kukin artefakti on **omassa reitittimessään** — ei yhtä
+monoliittista pipelinea. Tämä on tietoinen arkkitehtuurivalinta:
+
+- Reitittimet ovat itsenäisiä: eri `paths:`-triggerit, eri tagit, eri confit
+- Yksi commit voi triggeröidä molemmat rinnakkain
+- Yhden artefaktin build tai testi ei estä toista
+
+### Esimerkki: `platform-helm` joka tuottaa Docker-imagen ja Helm chartin
+
+```
+.gitea/workflows/
+├── platform-helm.ci-main.yml              # Docker build & push
+├── platform-helm.gitea-env.conf           # Docker-konffi
+├── platform-helm.helm-ci-main.yml         # Helm build & push
+├── platform-helm.helm-gitea-env.conf      # Helm-konffi
+├── platform-helm.helm-chart-lint.yml      # Chart-testi
+└── platform-helm.ci-container-build-helm.yml  # CI-kontin build
+```
+
+### `platform-helm.gitea-env.conf` (Docker)
+
+```ini
+DOCKER_REGISTRY=gitea.app.keskikuja.site/niko
+DOCKER_IMAGE_NAME=platform-helm
+GIT_TAG_PREFIX=platform-helm/
+```
+
+### `platform-helm.helm-gitea-env.conf` (Helm)
+
+```ini
+HELM_REGISTRY=gitea.app.keskikuja.site/niko
+VERSION_FILE=platform-helm/Chart.yaml
+GIT_TAG_PREFIX=chart/
+```
+
+### Reitittimet
+
+**`platform-helm.ci-main.yml`** — Docker-buildi, testit, oma tagi:
+
+```yaml
+name: platform-helm CI Main
+on:
+  push:
+    branches: [main]
+    paths:
+      - platform-helm/**
+      - .gitea/workflows/platform-helm.*
+
+jobs:
+  load-config:
+    uses: OWNER/gitea-ci-library/.gitea/workflows/config-provider.yml@v1
+    secrets: inherit
+    with:
+      config_path: .gitea/workflows/platform-helm.gitea-env.conf
+
+  check-version:
+    needs: [load-config]
+    uses: OWNER/gitea-ci-library/.gitea/workflows/check-version.yml@v1
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+
+  test:
+    needs: [load-config, check-version]
+    uses: ./.gitea/workflows/platform-helm.sbom-lint.yml
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+
+  build-push:
+    needs: [load-config, check-version, test]
+    if: needs.check-version.outputs.artifact_exists == 'false'
+    uses: OWNER/gitea-ci-library/.gitea/workflows/docker-build-push.yml@v1
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      version:  ${{ needs.check-version.outputs.version }}
+
+  report-summary:
+    needs: [load-config, test, build-push]
+    if: always()
+    uses: OWNER/gitea-ci-library/.gitea/workflows/report-summary.yml@v1
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      suites: ''
+```
+
+**`platform-helm.helm-ci-main.yml`** — Helm-buildi, chart-testi, oma tagi:
+
+```yaml
+name: platform-helm Helm CI Main
+on:
+  push:
+    branches: [main]
+    paths:
+      - platform-helm/**
+      - .gitea/workflows/platform-helm.helm*
+
+jobs:
+  load-config:
+    uses: OWNER/gitea-ci-library/.gitea/workflows/config-provider.yml@v1
+    secrets: inherit
+    with:
+      config_path: .gitea/workflows/platform-helm.helm-gitea-env.conf
+
+  check-version:
+    needs: [load-config]
+    uses: OWNER/gitea-ci-library/.gitea/workflows/check-version.yml@v1
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+
+  chart-lint:
+    needs: [load-config, check-version]
+    uses: ./.gitea/workflows/platform-helm.helm-chart-lint.yml
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+
+  helm-build-push:
+    needs: [load-config, check-version, chart-lint]
+    if: needs.check-version.outputs.artifact_exists == 'false'
+    uses: OWNER/gitea-ci-library/.gitea/workflows/helm-build-push.yml@v1
+    secrets: inherit
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      version:  ${{ needs.check-version.outputs.version }}
+
+  report-summary:
+    needs: [load-config, chart-lint, helm-build-push]
+    if: always()
+    uses: OWNER/gitea-ci-library/.gitea/workflows/report-summary.yml@v1
+    with:
+      env_json: ${{ needs.load-config.outputs.env_json }}
+      suites: ''
+```
+
+### Säännöt
+
+- Jokaisella artefaktilla on oma reititin, oma conf, omat testit
+- Conf-tiedoston nimi erottaa artefaktit: `<komponentti>.gitea-env.conf` vs
+  `<komponentti>.helm-gitea-env.conf`
+- `<komponentti>.helm-`-prefiksi erottaa Helm-artefaktin tiedostot
+- `GIT_TAG_PREFIX` pitää tagit erillään: `platform-helm/1.2.3` vs `chart/1.2.3`
+- Molemmat reitittimet voivat triggeröityä samasta commitista
@@ -5,6 +5,7 @@ source "$BATS_TEST_DIRNAME/helpers/mock-api.sh"
 setup() {
  export GITEA_TOKEN=test-token
  export GIT_TAG_PREFIX=""
+  export SERVER_URL="http://localhost:18080"
  export REPO="niko/test"
  export SHA="abc123"
  rm -rf /tmp/build-ctx
@@ -19,7 +19,7 @@ teardown() {
    {"code":200,"body":{"id":1,"status":"completed","conclusion":"success"}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 0 ]
 }

@@ -31,7 +31,7 @@ teardown() {
    {"code":200,"body":{"id":1,"status":"completed","conclusion":"failure"}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 1 ]
 }

@@ -43,7 +43,7 @@ teardown() {
    {"code":200,"body":{"id":1,"status":"completed","conclusion":"cancelled"}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 1 ]
 }

@@ -61,7 +61,7 @@ teardown() {
    {"code":200,"body":{"id":1,"status":"running"}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123" "0.001"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123" "0.001"
  [ "$status" -eq 124 ]
 }

@@ -70,7 +70,7 @@ teardown() {
    {"code":500}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 1 ]
 }

@@ -81,7 +81,7 @@ teardown() {
    {"code":200,"body":{"id":1,"status":"completed","conclusion":"success"}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{"version":"1.2.3"}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 0 ]
  path=$(mock_get_first_request_path)
  [[ "$path" == *"/api/v1/repos/test-owner/test-repo/actions/workflows/test.yml/dispatches"* ]]
@@ -126,7 +126,7 @@ teardown() {
    {"code":200,"body":{"workflow_runs":[]}}
  ]'
  mock_start
-  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{}' "$GITEA_API_URL" "test-token-abc123"
+  run bash scripts/dispatch-workflow.sh "test-owner/test-repo" "test.yml" "main" '{}' "http://localhost:18080" "test-token-abc123"
  [ "$status" -eq 1 ]
  [[ "$output" == *"ERROR"* ]]
 }
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 set -euo pipefail

-MOCK_PORT=""
+MOCK_PORT=18080
 MOCK_PID=""
 MOCK_REQUEST_FILE=""
 MOCK_RESPONSE_CODE=201
@@ -9,17 +9,13 @@ MOCK_STATE_FILE="/tmp/mock_api_state"
 MOCK_SEQUENCE_FILE=""
 MOCK_CONFIG_FILE=""

-_free_port() {
-  python3 -c "import socket; s=socket.socket(); s.bind(('',0)); print(s.getsockname()[1]); s.close()"
-}
-
 _kill_port() {
  local pids
  pids=$(lsof -ti ":$MOCK_PORT" 2>/dev/null) || true
-  [ -n "$pids" ] && kill $pids 2>/dev/null || true
-  sleep 0.5
-  pids=$(lsof -ti ":$MOCK_PORT" 2>/dev/null) || true
-  [ -n "$pids" ] && kill -9 $pids 2>/dev/null || true
+  if [ -n "$pids" ]; then
+    kill -9 $pids 2>/dev/null || true
+    sleep 0.5
+  fi
 }

 _wait_port_free() {
@@ -32,14 +28,10 @@ _wait_port_free() {

 _wait_port_ready() {
  local i=0
-  while [ $i -lt 50 ]; do
-    if nc -z localhost "$MOCK_PORT" 2>/dev/null; then
-      return 0
-    fi
+  while ! lsof -ti ":$MOCK_PORT" >/dev/null 2>&1 && [ $i -lt 30 ]; do
    sleep 0.2
    i=$((i + 1))
  done
-  return 1
 }

 mock_set_sequence() {
@@ -53,12 +45,6 @@ mock_clear_sequence() {
 }

 mock_start() {
-  MOCK_PORT=$(_free_port)
-  export MOCK_PORT
-  MOCK_URL="http://localhost:${MOCK_PORT}"
-  export SERVER_URL="$MOCK_URL"
-  export GITEA_API_URL="$MOCK_URL"
-
  MOCK_RESPONSE_CODE="${MOCK_RESPONSE_CODE:-201}"
  MOCK_REQUEST_FILE=$(mktemp)
  echo "$MOCK_REQUEST_FILE" > "$MOCK_STATE_FILE"
@@ -63,10 +63,9 @@ teardown() {
    {"code":200,"body":"published"}
  ]'
  mock_start
-  export GIT_PAGES_URL="http://localhost:${MOCK_PORT}"
  run bash scripts/publish-git-pages.sh "unit-tests"
  [ "$status" -eq 0 ]
-  [[ "$output" == "${GIT_PAGES_URL}/test-owner/test-repo/reports/abc123de" ]]
+  [[ "$output" == "http://localhost:18080/test-owner/test-repo/reports/abc123de" ]]
 }

@test "publish with suite subpath" {
@@ -76,10 +75,9 @@ teardown() {
    {"code":200,"body":"published"}
  ]'
  mock_start
-  export GIT_PAGES_URL="http://localhost:${MOCK_PORT}"
  run bash scripts/publish-git-pages.sh "sub/suite"
  [ "$status" -eq 0 ]
-  [[ "$output" == "${GIT_PAGES_URL}/test-owner/test-repo/reports/abc123de" ]]
+  [[ "$output" == "http://localhost:18080/test-owner/test-repo/reports/abc123de" ]]
 }

@test "git-pages returns HTTP 500 → exit 1" {
@@ -87,7 +85,6 @@ teardown() {
    {"code":500,"body":"internal error"}
  ]'
  mock_start
-  export GIT_PAGES_URL="http://localhost:${MOCK_PORT}"
  run bash scripts/publish-git-pages.sh "unit-tests"
  [ "$status" -eq 1 ]
  [[ "$output" == *"500"* ]]
@@ -23,8 +23,7 @@ teardown() {
  body=$(mock_get_request_body)
  [[ "$body" == *'"state":"pending"'* ]]
  [[ "$body" == *'"description":"Building project"'* ]]
-  expected_url="${GITEA_API_URL}/test-owner/test-repo/actions/runs/42"
-  [[ "$body" == *"\"target_url\":\"${expected_url}\""* ]]
+  [[ "$body" == *'"target_url":"http://localhost:18080/test-owner/test-repo/actions/runs/42"'* ]]
  method=$(mock_get_request_method)
  [[ "$method" == "POST" ]]
 }
@@ -45,8 +44,7 @@ teardown() {
  [ "$status" -eq 0 ]
  body=$(mock_get_request_body)
  [[ "$body" == *'"state":"failure"'* ]]
-  expected_url="${GITEA_API_URL}/test-owner/test-repo/actions/runs/42"
-  [[ "$body" == *"\"target_url\":\"${expected_url}\""* ]]
+  [[ "$body" == *'"target_url":"http://localhost:18080/test-owner/test-repo/actions/runs/42"'* ]]
 }

@test "default key when not provided" {
Author	SHA1	Message	Date
niko	a5947551d4	Fix/gitea commit status naming (#36 ) CI Main / Load example-gitea-env.conf to pipeline env (push) Successful in 22s Details CI Main / Check existing artifact (push) Successful in 20s Details CI Git-Pages Main / Load git-pages.gitea-env.conf to pipeline env (push) Successful in 45s Details CI Git-Pages Main / Check existing artifact (push) Successful in 31s Details ci-helm-build-push Helm push 0.1.4 Details CI Main / Cucumber tests (push) Successful in 1m10s Details CI Git-Pages Main / Build & Push Helm chart (push) Successful in 49s Details CI Git-Pages Main / Report Summary (push) Successful in 5s Details CI Main / Bats tests (push) Successful in 1m34s Details ci-docker-build-push Docker push 0.2.21 Details CI Main / Build & Push Docker (push) Successful in 48s Details CI Main / Report Summary (push) Successful in 6s Details CI Main / Move provider version tag (push) Successful in 14s Details CI Feature / Load example-gitea-env.conf to pipeline env (push) Successful in 33s Details acc-tests Cucumber test report Details CI Feature / Cucumber tests (push) Successful in 1m23s Details unit-tests Bats test report Details CI Feature / Bats tests (push) Successful in 1m34s Details CI Feature / Report Summary (push) Successful in 5s Details Co-authored-by: moilanik <niko.moilanen@tietoevry.com> Reviewed-on: #36	2026-06-21 08:43:32 +03:00
niko	4910565547	docker ja helm build context root monorepo ja in folder build (#35 ) CI Main / Check existing artifact (push) Successful in 24s Details CI Main / Load example-gitea-env.conf to pipeline env (push) Successful in 25s Details CI Git-Pages Main / Load git-pages.gitea-env.conf to pipeline env (push) Successful in 25s Details CI Git-Pages Main / Check existing artifact (push) Successful in 23s Details acc-tests Cucumber test report Details ci-helm-build-push Helm chart 0.1.3 Details unit-tests Bats test report Details CI Main / Bats tests (push) Successful in 1m34s Details CI Main / Cucumber tests (push) Successful in 1m33s Details CI Git-Pages Main / Build & Push Helm chart (push) Successful in 47s Details CI Git-Pages Main / Report Summary (push) Successful in 7s Details ci-docker-build-push Docker build & push 0.2.20 OK Details CI Main / Build & Push Docker (push) Successful in 51s Details CI Main / Report Summary (push) Successful in 6s Details CI Main / Move provider version tag (push) Successful in 14s Details Co-authored-by: moilanik <niko.moilanen@tietoevry.com> Reviewed-on: #35	2026-06-21 06:08:22 +03:00
niko	2bef079d03	Fix/ci kontin no internet vaatimus (#34 ) CI Main / Load example-gitea-env.conf to pipeline env (push) Successful in 22s Details CI Main / Check existing artifact (push) Successful in 18s Details acc-tests Cucumber test report Details unit-tests Bats test report Details CI Main / Cucumber tests (push) Successful in 1m25s Details CI Main / Bats tests (push) Successful in 1m26s Details ci-docker-build-push Docker build & push 0.2.19 OK Details CI Main / Build & Push Docker (push) Successful in 47s Details CI Main / Report Summary (push) Successful in 6s Details CI Main / Move provider version tag (push) Successful in 16s Details Co-authored-by: moilanik <niko.moilanen@tietoevry.com> Reviewed-on: #34	2026-06-20 14:36:42 +03:00