moilanik
416939fb82
CI / Load gitea-env.conf to pipeline env (push) Successful in 12s
ci-check-running Checking version...
ci-check Build version 0.1.0 required
ci-cucumber Cucumber tests
ci-bats Bats tests
ci-build Build complete
CI / Build & Push Artifact (push) Successful in 2m29s
240 lines
8.3 KiB
YAML
240 lines
8.3 KiB
YAML
name: Build & Publish Artifact
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
env_json:
|
|
required: true
|
|
type: string
|
|
bats-image:
|
|
required: true
|
|
type: string
|
|
cucumber-node-image:
|
|
required: true
|
|
type: string
|
|
secrets:
|
|
GITEA_TOKEN:
|
|
required: true
|
|
GIT_PAGES_PUBLISH_TOKEN:
|
|
required: true
|
|
|
|
env:
|
|
GITEA_API_URL: ${{ fromJson(inputs.env_json).GITEA_API_URL }}
|
|
GIT_PAGES_URL: ${{ fromJson(inputs.env_json).GIT_PAGES_URL }}
|
|
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
|
GIT_PAGES_PUBLISH_TOKEN: ${{ secrets.GIT_PAGES_PUBLISH_TOKEN }}
|
|
|
|
jobs:
|
|
check:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
artifact_exists: ${{ steps.check.outputs.artifact_exists }}
|
|
version: ${{ steps.check.outputs.version }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Check existing artifact
|
|
id: check
|
|
run: |
|
|
bash scripts/report-status.sh pending "Checking version..." ci-check-running
|
|
VERSION=$(jq -r '.version' package.json)
|
|
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
|
|
|
|
TAGS_JSON=$(curl -s -H "Authorization: token $GITEA_TOKEN" \
|
|
"$GITEA_API_URL/api/v1/repos/${{ github.repository }}/tags" 2>&1)
|
|
CURL_EXIT=$?
|
|
|
|
if [ "${CURL_EXIT}" != "0" ]; then
|
|
echo "ERROR: curl failed with exit code ${CURL_EXIT}" >&2
|
|
echo "artifact_exists=false" >> "$GITHUB_OUTPUT"
|
|
exit ${CURL_EXIT}
|
|
fi
|
|
|
|
TAG=$(echo "$TAGS_JSON" | jq -r 'if type == "array" then .[] | select(.commit.sha == "'"$GITHUB_SHA"'") | .name else empty end' | head -1)
|
|
if [ -n "$TAG" ]; then
|
|
echo "artifact_exists=true" >> "$GITHUB_OUTPUT"
|
|
echo "artifact_tag=$TAG" >> "$GITHUB_OUTPUT"
|
|
echo "Build skipped: commit already tagged as $TAG"
|
|
else
|
|
echo "artifact_exists=false" >> "$GITHUB_OUTPUT"
|
|
echo "Build required: no tag for this commit"
|
|
fi
|
|
|
|
- name: Report check status
|
|
if: always()
|
|
run: |
|
|
VERSION="${{ steps.check.outputs.version }}"
|
|
ARTIFACT_EXISTS="${{ steps.check.outputs.artifact_exists }}"
|
|
ARTIFACT_TAG="${{ steps.check.outputs.artifact_tag }}"
|
|
if [ "${{ steps.check.outcome }}" = "success" ]; then
|
|
if [ "${ARTIFACT_EXISTS}" = "true" ]; then
|
|
bash scripts/report-status.sh success "Skip build: version $VERSION exists as $ARTIFACT_TAG" ci-check
|
|
else
|
|
bash scripts/report-status.sh success "Build version $VERSION required" ci-check
|
|
fi
|
|
else
|
|
bash scripts/report-status.sh failure "Check version $VERSION FAILED" ci-check
|
|
exit 1
|
|
fi
|
|
|
|
quality-gate:
|
|
needs: [check]
|
|
if: needs.check.outputs.artifact_exists == 'false'
|
|
uses: niko/gitea-ci-library/.gitea/workflows/quality-gate.yml@main
|
|
secrets: inherit
|
|
with:
|
|
env_json: ${{ inputs.env_json }}
|
|
bats-image: ${{ inputs.bats-image }}
|
|
cucumber-node-image: ${{ inputs.cucumber-node-image }}
|
|
|
|
build:
|
|
needs: [check, quality-gate]
|
|
if: |
|
|
needs.check.outputs.artifact_exists == 'false' &&
|
|
needs.quality-gate.result == 'success'
|
|
runs-on: ubuntu-latest
|
|
services:
|
|
docker:
|
|
image: docker:dind
|
|
env:
|
|
DOCKER_TLS_CERTDIR: ""
|
|
env:
|
|
DOCKER_HOST: tcp://docker:2375
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Build container
|
|
shell: bash
|
|
id: build
|
|
run: |
|
|
bash scripts/report-status.sh pending "Building Docker image..." ci-docker-build-running
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)
|
|
docker build \
|
|
--label "git.commit=${GITHUB_SHA:0:8}" \
|
|
--label "git.commitBy=${GITHUB_ACTOR}" \
|
|
--label "build.date=${NOW}" \
|
|
-t "minimal:${VERSION}" .
|
|
echo "exit-code=$?" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Report docker build status
|
|
if: always()
|
|
run: |
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
BUILD_EXIT="${{ steps.build.outputs.exit-code }}"
|
|
if [ "${BUILD_EXIT}" = "0" ]; then
|
|
bash scripts/report-status.sh success "Docker build $VERSION OK" ci-docker-build
|
|
else
|
|
bash scripts/report-status.sh failure "Docker build $VERSION FAILED" ci-docker-build
|
|
fi
|
|
exit ${BUILD_EXIT}
|
|
|
|
- name: Save Docker image
|
|
if: success()
|
|
run: |
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
mkdir -p /tmp/image
|
|
docker save "minimal:${VERSION}" -o /tmp/image/artifact.tar
|
|
|
|
- name: Upload Docker image artifact
|
|
if: success()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: docker-image
|
|
path: /tmp/image/artifact.tar
|
|
|
|
push:
|
|
needs: [check, build]
|
|
runs-on: ubuntu-latest
|
|
services:
|
|
docker:
|
|
image: docker:dind
|
|
env:
|
|
DOCKER_TLS_CERTDIR: ""
|
|
env:
|
|
DOCKER_HOST: tcp://docker:2375
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Load saved Docker image
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: docker-image
|
|
path: /tmp/image
|
|
|
|
- name: Push to Gitea Packages
|
|
shell: bash
|
|
id: push
|
|
run: |
|
|
bash scripts/report-status.sh pending "Pushing to registry..." ci-docker-push-running
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
docker load -i /tmp/image/artifact.tar
|
|
REGISTRY=$(echo "$GITEA_API_URL" | sed 's|https://||')
|
|
IMAGE="$REGISTRY/niko/gitea-ci-library/minimal:$VERSION"
|
|
docker tag "minimal:$VERSION" "$IMAGE"
|
|
docker login "$REGISTRY" -u niko -p "$GITEA_TOKEN"
|
|
docker push "$IMAGE"
|
|
docker logout "$REGISTRY" > /dev/null 2>&1
|
|
echo "exit-code=$?" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Report docker push status
|
|
if: always()
|
|
run: |
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
PUSH_EXIT="${{ steps.push.outputs.exit-code }}"
|
|
if [ "${PUSH_EXIT}" = "0" ]; then
|
|
bash scripts/report-status.sh success "Docker push $VERSION OK" ci-docker-push
|
|
else
|
|
bash scripts/report-status.sh failure "Docker push $VERSION FAILED" ci-docker-push
|
|
fi
|
|
exit ${PUSH_EXIT}
|
|
|
|
tag-commit:
|
|
needs: [check, push]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Create git tag
|
|
shell: bash
|
|
id: tag
|
|
run: |
|
|
bash scripts/report-status.sh pending "Creating tag..." ci-docker-tag-running
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X POST \
|
|
"$GITEA_API_URL/api/v1/repos/${{ github.repository }}/tags" \
|
|
-H "Authorization: token $GITEA_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{
|
|
\"tag_name\": \"$VERSION\",
|
|
\"message\": \"Build #$GITHUB_RUN_NUMBER\",
|
|
\"target\": \"$GITHUB_SHA\"
|
|
}")
|
|
|
|
if [ "$HTTP_CODE" = "201" ]; then
|
|
echo "Tag $VERSION created"
|
|
echo "status=success" >> "$GITHUB_OUTPUT"
|
|
echo "message=Tag $VERSION created" >> "$GITHUB_OUTPUT"
|
|
elif [ "$HTTP_CODE" = "409" ]; then
|
|
echo "Tag $VERSION already exists (parallel build won), skipping"
|
|
echo "status=success" >> "$GITHUB_OUTPUT"
|
|
echo "message=Tag exists" >> "$GITHUB_OUTPUT"
|
|
else
|
|
echo "status=failure" >> "$GITHUB_OUTPUT"
|
|
echo "message=Tag FAILED HTTP $HTTP_CODE" >> "$GITHUB_OUTPUT"
|
|
echo "exit-code=$HTTP_CODE" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Report docker tag status
|
|
if: always()
|
|
run: |
|
|
VERSION="${{ needs.check.outputs.version }}"
|
|
TAG_STATUS="${{ steps.tag.outputs.status }}"
|
|
TAG_MESSAGE="${{ steps.tag.outputs.message }}"
|
|
if [ "${TAG_STATUS}" = "success" ]; then
|
|
bash scripts/report-status.sh success "Tag $VERSION OK" ci-docker-tag
|
|
else
|
|
TAG_EXIT="${{ steps.tag.outputs.exit-code }}"
|
|
bash scripts/report-status.sh failure "Tag $VERSION FAILED" ci-docker-tag
|
|
exit ${TAG_EXIT}
|
|
fi
|