chore: add gitea ci/cd skeleton

R-DEV
2025-11-23 22:48:54 +01:00
parent 92aab696a0
commit 10d8647b50
11 changed files with 1666 additions and 0 deletions

173
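--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -0,0 +1,173 @@
+name: CI
+on:
+push:
+pull_request:
+env:
+REGISTRY: ${{ secrets.DOCKER_REGISTRY || 'registry.local' }}
+IMAGE_NAME: ${{ secrets.DOCKER_IMAGE || 'mon-projet' }}
+jobs:
+commitlint:
+runs-on: docker
+env:
+FROM_REF: ${{ github.event.pull_request.base.sha || github.event.before || '' }}
+TO_REF: ${{ github.sha }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+- name: Run commitlint (conventional commits)
+shell: bash
+run: |
+set -euo pipefail
+from="${FROM_REF}"
+if [ -z "$from" ]; then
+from="HEAD~1"
+fi
+docker run --rm -v "$PWD:/workspace" -w /workspace ghcr.io/conventional-changelog/commitlint:latest --from "$from" --to "$TO_REF"
+lint:
+runs-on: docker
+needs: commitlint
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Setup tools
+run: |
+echo "TODO: installer vos dépendances de lint (npm ci, pip install -r requirements.txt, etc.)"
+- name: Lint
+run: |
+echo "TODO: remplacer par la commande réelle de lint, ex: npm run lint"
+test:
+runs-on: docker
+needs: lint
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Install dependencies
+run: |
+echo "TODO: installer les dépendances de test"
+- name: Test
+run: |
+echo "TODO: remplacer par la commande réelle de tests, ex: npm test"
+build:
+runs-on: docker
+needs: test
+env:
+DOCKER_USER: ${{ secrets.DOCKER_USERNAME }}
+DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+DOCKER_REGISTRY: ${{ env.REGISTRY }}
+DOCKER_IMAGE: ${{ env.IMAGE_NAME }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+- name: Fetch tags
+run: git fetch --tags --force
+- name: Compute next version (semver)
+id: version
+shell: bash
+run: |
+set -euo pipefail
+last_tag=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
+if [ -z "$last_tag" ]; then
+base="v0.0.0"
+commits=$(git log --format=%s%n%b HEAD)
+else
+base="$last_tag"
+commits=$(git log --format=%s%n%b "${last_tag}..HEAD")
+fi
+bump="patch"
+if echo "$commits" | grep -qiE "(^| )feat!"; then
+bump="major"
+elif echo "$commits" | grep -qiE "BREAKING CHANGE"; then
+bump="major"
+elif echo "$commits" | grep -qiE "^feat:"; then
+bump="minor"
+elif echo "$commits" | grep -qiE "^fix:"; then
+bump="patch"
+fi
+semver="${base#v}"
+major=${semver%%.*}
+minor=${semver#*.}; minor=${minor%%.*}
+patch=${semver##*.}
+case "$bump" in
+major) major=$((major+1)); minor=0; patch=0 ;;
+minor) minor=$((minor+1)); patch=0 ;;
+patch) patch=$((patch+1)) ;;
+esac
+next="v${major}.${minor}.${patch}"
+echo "next=$next" >> "$GITHUB_OUTPUT"
+- name: Docker login
+if: env.DOCKER_USER != '' && env.DOCKER_PASSWORD != ''
+run: |
+echo "${DOCKER_PASSWORD}" | docker login "${DOCKER_REGISTRY}" -u "${DOCKER_USER}" --password-stdin
+- name: Build Docker image (latest)
+run: docker build -t "${DOCKER_REGISTRY}/${DOCKER_IMAGE}:latest" -f Dockerfile .
+- name: Build Docker image (versioned)
+run: docker build -t "${DOCKER_REGISTRY}/${DOCKER_IMAGE}:${{ steps.version.outputs.next }}" -f Dockerfile .
+- name: Push Docker images
+if: github.event_name == 'push'
+run: |
+docker push "${DOCKER_REGISTRY}/${DOCKER_IMAGE}:latest"
+docker push "${DOCKER_REGISTRY}/${DOCKER_IMAGE}:${{ steps.version.outputs.next }}"
+- name: Generate changelog
+if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+id: changelog
+shell: bash
+run: |
+last_tag=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
+if [ -z "$last_tag" ]; then
+range="HEAD"
+last_tag="initial"
+else
+range="${last_tag}..HEAD"
+fi
+{
+echo "Changelog since $last_tag"
+git log --pretty=format:"- %s" $range
+} > changelog.md
+- name: Create and push tag
+if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+env:
+TOKEN: ${{ secrets.GITEA_TOKEN }}
+SERVER_URL: ${{ github.server_url }}
+REPOSITORY: ${{ github.repository }}
+shell: bash
+run: |
+set -euo pipefail
+tag="${{ steps.version.outputs.next }}"
+git tag -a "$tag" -m "Release $tag"
+origin="${SERVER_URL#https://}"
+origin="${origin#http://}"
+git push "https://oauth2:${TOKEN}@${origin}/${REPOSITORY}" "$tag"
+- name: Upload changelog
+if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+uses: actions/upload-artifact@v4
+with:
+name: changelog
+path: changelog.md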
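Review bot: The `Push Docker images` step in the `build` job is guarded only by `github.event_name == 'push'`, and the workflow triggers on every push, so a push to any branch overwrites `:latest` and publishes a freshly computed `vX.Y.Z` image in the registry. The changelog, tag and upload steps right after it are already limited to main, and the push step should carry the same guard: `if: github.event_name == 'push' && github.ref == 'refs/heads/main'`. In the `commitlint` job the container is pulled as `ghcr.io/conventional-changelog/commitlint:latest` with the workspace mounted; pinning it to a fixed version tag or image digest would keep a changed upstream image from silently running against the checkout.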

140
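--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -0,0 +1,140 @@
+name: Deploy
+on:
+workflow_dispatch:
+inputs:
+env:
+description: "Environnement cible"
+required: true
+type: choice
+options:
+- staging
+- prod
+default: staging
+version:
+description: "Tag explicite vX.Y.Z (utilisé pour prod, sinon dernier tag existant)"
+required: false
+default: ""
+env:
+REGISTRY: ${{ secrets.DOCKER_REGISTRY || 'registry.local' }}
+IMAGE_NAME: ${{ secrets.DOCKER_IMAGE || 'mon-projet' }}
+PROJECT_ROOT: /opt/mon-projet
+jobs:
+prepare:
+name: Prepare version and sources
+runs-on: docker
+outputs:
+version: ${{ steps.resolve_version.outputs.version }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+- name: Fetch tags
+run: git fetch --tags --force
+- name: Resolve target version
+id: resolve_version
+shell: bash
+run: |
+set -euo pipefail
+explicit="${{ inputs.version }}"
+if [ -n "$explicit" ]; then
+echo "version=$explicit" >> "$GITHUB_OUTPUT"
+exit 0
+fi
+tag=$(git describe --tags --abbrev=0 2>/dev/null || true)
+if [ -z "$tag" ]; then
+echo "No tag found and no version provided." >&2
+exit 1
+fi
+echo "version=$tag" >> "$GITHUB_OUTPUT"
+- name: Sync repo to /opt/mon-projet
+run: |
+mkdir -p "${PROJECT_ROOT}"
+cp -a . "${PROJECT_ROOT}/"
+build:
+name: Build images (latest + versioned)
+runs-on: docker
+needs: prepare
+env:
+DOCKER_USER: ${{ secrets.DOCKER_USERNAME }}
+DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+VERSION_TAG: ${{ needs.prepare.outputs.version }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Docker login
+if: env.DOCKER_USER != '' && env.DOCKER_PASSWORD != ''
+run: |
+echo "${DOCKER_PASSWORD}" | docker login "${REGISTRY}" -u "${DOCKER_USER}" --password-stdin
+- name: Build latest
+run: docker build -t "${REGISTRY}/${IMAGE_NAME}:latest" -f Dockerfile .
+- name: Build versioned
+run: docker build -t "${REGISTRY}/${IMAGE_NAME}:${VERSION_TAG}" -f Dockerfile .
+- name: Push images
+run: |
+docker push "${REGISTRY}/${IMAGE_NAME}:latest"
+docker push "${REGISTRY}/${IMAGE_NAME}:${VERSION_TAG}"
+deploy-staging:
+name: Deploy to staging
+runs-on: docker
+needs: build
+if: inputs.env == 'staging'
+env:
+ENV_DIR: ${{ env.PROJECT_ROOT }}/env/staging
+DOTENV: ${{ env.PROJECT_ROOT }}/env/staging/.env
+steps:
+- name: List synced sources
+run: ls -la "${PROJECT_ROOT}"
+- name: Generate staging .env from secret
+env:
+STAGING_ENV: ${{ secrets.STAGING_ENV_VARS }}
+run: |
+mkdir -p "${ENV_DIR}"
+echo "${STAGING_ENV}" > "${DOTENV}"
+- name: Deploy with docker compose
+working-directory: ${{ env.PROJECT_ROOT }}
+run: |
+docker compose -f docker-compose.staging.yml --env-file "${DOTENV}" pull
+docker compose -f docker-compose.staging.yml --env-file "${DOTENV}" up -d
+deploy-prod:
+name: Deploy to prod
+runs-on: docker
+needs: build
+if: inputs.env == 'prod'
+env:
+ENV_DIR: ${{ env.PROJECT_ROOT }}/env/prod
+DOTENV: ${{ env.PROJECT_ROOT }}/env/prod/.env
+VERSION_TAG: ${{ needs.prepare.outputs.version }}
+steps:
+- name: Check target version
+run: echo "Deploying prod with ${VERSION_TAG}"
+- name: Generate prod .env from secret
+env:
+PROD_ENV: ${{ secrets.PROD_ENV_VARS }}
+run: |
+mkdir -p "${ENV_DIR}"
+echo "${PROD_ENV}" > "${DOTENV}"
+- name: Deploy with docker compose
+working-directory: ${{ env.PROJECT_ROOT }}
+env:
+IMAGE_TAG: ${{ env.VERSION_TAG }}
+run: |
+docker compose -f docker-compose.prod.yml --env-file "${DOTENV}" pull
+docker compose -f docker-compose.prod.yml --env-file "${DOTENV}" up -d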
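Review bot: In `Resolve target version` the dispatch input is expanded into the script text by `explicit="${{ inputs.version }}"`, so its value is parsed as shell source rather than treated as data, and it then flows unchecked into the job output, the image tag and the prod deploy. The input should be passed through the step's `env:` and checked against the `vX.Y.Z` form that the input description already documents, as sketched below; if pre-release tags are expected, the pattern would need widening. Separately, both `Generate … .env from secret` steps write the secret with the default umask into the persistent `/opt/mon-projet` tree; a `umask 077` line before the `echo` would keep the file readable by its owner only.

```yaml
- name: Resolve target version
  # … unchanged: id, shell …
  env:
    INPUT_VERSION: ${{ inputs.version }}
  run: |
    # … unchanged: set -euo pipefail …
    explicit="${INPUT_VERSION}"
    if [ -n "$explicit" ] && ! [[ "$explicit" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
      echo "Invalid version '$explicit': expected vX.Y.Z" >&2
      exit 1
    fi
    # … unchanged: emit the explicit version, else fall back to the latest tag …
```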