ci: add files service pipelines
This commit is contained in:
25
.gitea/scripts/hygiene-check.sh
Executable file
25
.gitea/scripts/hygiene-check.sh
Executable file
@@ -0,0 +1,25 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
max_bytes=$((50 * 1024 * 1024))
|
||||||
|
failed=0
|
||||||
|
|
||||||
|
while IFS= read -r -d '' file; do
|
||||||
|
case "$file" in
|
||||||
|
.env|*/.env|*.DS_Store|*/node_modules/*|*.tmp|*.temp|*.bak|*.orig|*.rej|*.zip|*.tar|*.tar.gz|*.tgz|*.rar|*.7z)
|
||||||
|
echo "Forbidden tracked file: $file" >&2
|
||||||
|
failed=1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if [ -f "$file" ]; then
|
||||||
|
size=$(wc -c < "$file")
|
||||||
|
if [ "$size" -gt "$max_bytes" ]; then
|
||||||
|
echo "Tracked file is larger than 50 MiB: $file ($size bytes)" >&2
|
||||||
|
failed=1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done < <(git ls-files -z)
|
||||||
|
|
||||||
|
exit "$failed"
|
||||||
|
|
||||||
29
.gitea/workflows/ci.yml
Normal file
29
.gitea/workflows/ci.yml
Normal file
@@ -0,0 +1,29 @@
|
|||||||
|
name: CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
pull_request:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
hygiene:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
- run: bash .gitea/scripts/hygiene-check.sh
|
||||||
|
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: hygiene
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
- uses: actions/setup-go@v5
|
||||||
|
with:
|
||||||
|
go-version-file: go.mod
|
||||||
|
cache: true
|
||||||
|
- run: go build ./...
|
||||||
|
- run: go test ./...
|
||||||
|
- uses: golangci/golangci-lint-action@v7
|
||||||
|
with:
|
||||||
|
version: v2.4
|
||||||
|
args: --config .golangci.yml ./...
|
||||||
|
|
||||||
59
.gitea/workflows/deploy.yaml
Normal file
59
.gitea/workflows/deploy.yaml
Normal file
@@ -0,0 +1,59 @@
|
|||||||
|
name: Build and Deploy
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [main]
|
||||||
|
|
||||||
|
env:
|
||||||
|
INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000
|
||||||
|
NODE_REGISTRY: localhost:30300
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build-and-deploy:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Docker CLI
|
||||||
|
run: |
|
||||||
|
curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \
|
||||||
|
| tar xz --strip-components=1 -C /usr/local/bin docker/docker
|
||||||
|
docker version
|
||||||
|
|
||||||
|
- name: Install kubectl
|
||||||
|
run: |
|
||||||
|
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
||||||
|
chmod +x kubectl
|
||||||
|
mv kubectl /usr/local/bin/
|
||||||
|
kubectl version --client
|
||||||
|
|
||||||
|
- name: Login to Gitea Registry
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||||
|
docker login ${{ env.INTERNAL_REGISTRY }} \
|
||||||
|
-u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
|
||||||
|
|
||||||
|
- name: Build and push server
|
||||||
|
run: |
|
||||||
|
docker build -f Dockerfile.server \
|
||||||
|
-t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }} \
|
||||||
|
-t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest \
|
||||||
|
.
|
||||||
|
docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }}
|
||||||
|
docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest
|
||||||
|
|
||||||
|
- name: Deploy to Kubernetes
|
||||||
|
env:
|
||||||
|
KUBECONFIG: /kubeconfig/config
|
||||||
|
run: |
|
||||||
|
kubectl apply -f k8s/namespace.yaml
|
||||||
|
kubectl apply -f k8s/secrets.yaml
|
||||||
|
kubectl apply -f k8s/configmap.yaml
|
||||||
|
kubectl apply -f k8s/postgres.yaml
|
||||||
|
kubectl apply -f k8s/server-deployment.yaml
|
||||||
|
kubectl apply -f k8s/server-service.yaml
|
||||||
|
kubectl -n files set image deployment/files-server \
|
||||||
|
files-server=${{ env.NODE_REGISTRY }}/admin/files-server:${{ github.sha }}
|
||||||
|
kubectl -n files rollout status deployment/files-server --timeout=120s
|
||||||
|
|
||||||
37
.golangci.yml
Normal file
37
.golangci.yml
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
version: "2"
|
||||||
|
|
||||||
|
run:
|
||||||
|
timeout: 3m
|
||||||
|
|
||||||
|
linters:
|
||||||
|
default: none
|
||||||
|
enable:
|
||||||
|
- errcheck
|
||||||
|
- govet
|
||||||
|
- ineffassign
|
||||||
|
- staticcheck
|
||||||
|
- unused
|
||||||
|
settings:
|
||||||
|
errcheck:
|
||||||
|
check-type-assertions: true
|
||||||
|
check-blank: false
|
||||||
|
exclude-functions:
|
||||||
|
- (io.Closer).Close
|
||||||
|
- (net/http.ResponseWriter).Write
|
||||||
|
- (*encoding/json.Encoder).Encode
|
||||||
|
- io.Copy
|
||||||
|
- fmt.Fprintf
|
||||||
|
- (github.com/jackc/pgx/v5.Tx).Rollback
|
||||||
|
- os.RemoveAll
|
||||||
|
staticcheck:
|
||||||
|
checks: ["all", "-SA1019", "-ST1000", "-ST1005", "-ST1020", "-ST1021", "-ST1022"]
|
||||||
|
exclusions:
|
||||||
|
rules:
|
||||||
|
- path: _test\.go
|
||||||
|
linters:
|
||||||
|
- errcheck
|
||||||
|
|
||||||
|
issues:
|
||||||
|
max-issues-per-linter: 0
|
||||||
|
max-same-issues: 0
|
||||||
|
|
||||||
@@ -13,4 +13,3 @@ COPY --from=build /files-service /files-service
|
|||||||
COPY migrations /migrations
|
COPY migrations /migrations
|
||||||
EXPOSE 3001
|
EXPOSE 3001
|
||||||
ENTRYPOINT ["/files-service"]
|
ENTRYPOINT ["/files-service"]
|
||||||
|
|
||||||
Reference in New Issue
Block a user