From 8150793ffa73ce15dba81d43536329f8d45b2f25 Mon Sep 17 00:00:00 2001 From: Grendgi Date: Tue, 16 Jun 2026 12:49:47 +0300 Subject: [PATCH] ci: add files service pipelines --- .gitea/scripts/hygiene-check.sh | 25 ++++++++++++++ .gitea/workflows/ci.yml | 29 ++++++++++++++++ .gitea/workflows/deploy.yaml | 59 +++++++++++++++++++++++++++++++++ .golangci.yml | 37 +++++++++++++++++++++ Dockerfile => Dockerfile.server | 1 - 5 files changed, 150 insertions(+), 1 deletion(-) create mode 100755 .gitea/scripts/hygiene-check.sh create mode 100644 .gitea/workflows/ci.yml create mode 100644 .gitea/workflows/deploy.yaml create mode 100644 .golangci.yml rename Dockerfile => Dockerfile.server (99%) diff --git a/.gitea/scripts/hygiene-check.sh b/.gitea/scripts/hygiene-check.sh new file mode 100755 index 0000000..17b4aa4 --- /dev/null +++ b/.gitea/scripts/hygiene-check.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -euo pipefail + +max_bytes=$((50 * 1024 * 1024)) +failed=0 + +while IFS= read -r -d '' file; do + case "$file" in + .env|*/.env|*.DS_Store|*/node_modules/*|*.tmp|*.temp|*.bak|*.orig|*.rej|*.zip|*.tar|*.tar.gz|*.tgz|*.rar|*.7z) + echo "Forbidden tracked file: $file" >&2 + failed=1 + ;; + esac + + if [ -f "$file" ]; then + size=$(wc -c < "$file") + if [ "$size" -gt "$max_bytes" ]; then + echo "Tracked file is larger than 50 MiB: $file ($size bytes)" >&2 + failed=1 + fi + fi +done < <(git ls-files -z) + +exit "$failed" + diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml new file mode 100644 index 0000000..c1c5b73 --- /dev/null +++ b/.gitea/workflows/ci.yml @@ -0,0 +1,29 @@ +name: CI + +on: + push: + pull_request: + +jobs: + hygiene: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - run: bash .gitea/scripts/hygiene-check.sh + + test: + runs-on: ubuntu-latest + needs: hygiene + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: go.mod + cache: true + - run: go build ./... + - run: go test ./... + - uses: golangci/golangci-lint-action@v7 + with: + version: v2.4 + args: --config .golangci.yml ./... + diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml new file mode 100644 index 0000000..3d5b873 --- /dev/null +++ b/.gitea/workflows/deploy.yaml @@ -0,0 +1,59 @@ +name: Build and Deploy + +on: + push: + branches: [main] + +env: + INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000 + NODE_REGISTRY: localhost:30300 + +jobs: + build-and-deploy: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Docker CLI + run: | + curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \ + | tar xz --strip-components=1 -C /usr/local/bin docker/docker + docker version + + - name: Install kubectl + run: | + curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + chmod +x kubectl + mv kubectl /usr/local/bin/ + kubectl version --client + + - name: Login to Gitea Registry + run: | + echo "${{ secrets.REGISTRY_PASSWORD }}" | \ + docker login ${{ env.INTERNAL_REGISTRY }} \ + -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin + + - name: Build and push server + run: | + docker build -f Dockerfile.server \ + -t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }} \ + -t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest \ + . + docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }} + docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest + + - name: Deploy to Kubernetes + env: + KUBECONFIG: /kubeconfig/config + run: | + kubectl apply -f k8s/namespace.yaml + kubectl apply -f k8s/secrets.yaml + kubectl apply -f k8s/configmap.yaml + kubectl apply -f k8s/postgres.yaml + kubectl apply -f k8s/server-deployment.yaml + kubectl apply -f k8s/server-service.yaml + kubectl -n files set image deployment/files-server \ + files-server=${{ env.NODE_REGISTRY }}/admin/files-server:${{ github.sha }} + kubectl -n files rollout status deployment/files-server --timeout=120s + diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..7efac1a --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,37 @@ +version: "2" + +run: + timeout: 3m + +linters: + default: none + enable: + - errcheck + - govet + - ineffassign + - staticcheck + - unused + settings: + errcheck: + check-type-assertions: true + check-blank: false + exclude-functions: + - (io.Closer).Close + - (net/http.ResponseWriter).Write + - (*encoding/json.Encoder).Encode + - io.Copy + - fmt.Fprintf + - (github.com/jackc/pgx/v5.Tx).Rollback + - os.RemoveAll + staticcheck: + checks: ["all", "-SA1019", "-ST1000", "-ST1005", "-ST1020", "-ST1021", "-ST1022"] + exclusions: + rules: + - path: _test\.go + linters: + - errcheck + +issues: + max-issues-per-linter: 0 + max-same-issues: 0 + diff --git a/Dockerfile b/Dockerfile.server similarity index 99% rename from Dockerfile rename to Dockerfile.server index df790f5..084ec0d 100644 --- a/Dockerfile +++ b/Dockerfile.server @@ -13,4 +13,3 @@ COPY --from=build /files-service /files-service COPY migrations /migrations EXPOSE 3001 ENTRYPOINT ["/files-service"] -