ci: add files service pipelines
This commit is contained in:
25
.gitea/scripts/hygiene-check.sh
Executable file
25
.gitea/scripts/hygiene-check.sh
Executable file
@@ -0,0 +1,25 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
max_bytes=$((50 * 1024 * 1024))
|
||||
failed=0
|
||||
|
||||
while IFS= read -r -d '' file; do
|
||||
case "$file" in
|
||||
.env|*/.env|*.DS_Store|*/node_modules/*|*.tmp|*.temp|*.bak|*.orig|*.rej|*.zip|*.tar|*.tar.gz|*.tgz|*.rar|*.7z)
|
||||
echo "Forbidden tracked file: $file" >&2
|
||||
failed=1
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -f "$file" ]; then
|
||||
size=$(wc -c < "$file")
|
||||
if [ "$size" -gt "$max_bytes" ]; then
|
||||
echo "Tracked file is larger than 50 MiB: $file ($size bytes)" >&2
|
||||
failed=1
|
||||
fi
|
||||
fi
|
||||
done < <(git ls-files -z)
|
||||
|
||||
exit "$failed"
|
||||
|
||||
29
.gitea/workflows/ci.yml
Normal file
29
.gitea/workflows/ci.yml
Normal file
@@ -0,0 +1,29 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
hygiene:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- run: bash .gitea/scripts/hygiene-check.sh
|
||||
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
needs: hygiene
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- run: go build ./...
|
||||
- run: go test ./...
|
||||
- uses: golangci/golangci-lint-action@v7
|
||||
with:
|
||||
version: v2.4
|
||||
args: --config .golangci.yml ./...
|
||||
|
||||
59
.gitea/workflows/deploy.yaml
Normal file
59
.gitea/workflows/deploy.yaml
Normal file
@@ -0,0 +1,59 @@
|
||||
name: Build and Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
env:
|
||||
INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000
|
||||
NODE_REGISTRY: localhost:30300
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Docker CLI
|
||||
run: |
|
||||
curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \
|
||||
| tar xz --strip-components=1 -C /usr/local/bin docker/docker
|
||||
docker version
|
||||
|
||||
- name: Install kubectl
|
||||
run: |
|
||||
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
||||
chmod +x kubectl
|
||||
mv kubectl /usr/local/bin/
|
||||
kubectl version --client
|
||||
|
||||
- name: Login to Gitea Registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||
docker login ${{ env.INTERNAL_REGISTRY }} \
|
||||
-u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
|
||||
|
||||
- name: Build and push server
|
||||
run: |
|
||||
docker build -f Dockerfile.server \
|
||||
-t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }} \
|
||||
-t ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest \
|
||||
.
|
||||
docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:${{ github.sha }}
|
||||
docker push ${{ env.INTERNAL_REGISTRY }}/admin/files-server:latest
|
||||
|
||||
- name: Deploy to Kubernetes
|
||||
env:
|
||||
KUBECONFIG: /kubeconfig/config
|
||||
run: |
|
||||
kubectl apply -f k8s/namespace.yaml
|
||||
kubectl apply -f k8s/secrets.yaml
|
||||
kubectl apply -f k8s/configmap.yaml
|
||||
kubectl apply -f k8s/postgres.yaml
|
||||
kubectl apply -f k8s/server-deployment.yaml
|
||||
kubectl apply -f k8s/server-service.yaml
|
||||
kubectl -n files set image deployment/files-server \
|
||||
files-server=${{ env.NODE_REGISTRY }}/admin/files-server:${{ github.sha }}
|
||||
kubectl -n files rollout status deployment/files-server --timeout=120s
|
||||
|
||||
37
.golangci.yml
Normal file
37
.golangci.yml
Normal file
@@ -0,0 +1,37 @@
|
||||
version: "2"
|
||||
|
||||
run:
|
||||
timeout: 3m
|
||||
|
||||
linters:
|
||||
default: none
|
||||
enable:
|
||||
- errcheck
|
||||
- govet
|
||||
- ineffassign
|
||||
- staticcheck
|
||||
- unused
|
||||
settings:
|
||||
errcheck:
|
||||
check-type-assertions: true
|
||||
check-blank: false
|
||||
exclude-functions:
|
||||
- (io.Closer).Close
|
||||
- (net/http.ResponseWriter).Write
|
||||
- (*encoding/json.Encoder).Encode
|
||||
- io.Copy
|
||||
- fmt.Fprintf
|
||||
- (github.com/jackc/pgx/v5.Tx).Rollback
|
||||
- os.RemoveAll
|
||||
staticcheck:
|
||||
checks: ["all", "-SA1019", "-ST1000", "-ST1005", "-ST1020", "-ST1021", "-ST1022"]
|
||||
exclusions:
|
||||
rules:
|
||||
- path: _test\.go
|
||||
linters:
|
||||
- errcheck
|
||||
|
||||
issues:
|
||||
max-issues-per-linter: 0
|
||||
max-same-issues: 0
|
||||
|
||||
@@ -13,4 +13,3 @@ COPY --from=build /files-service /files-service
|
||||
COPY migrations /migrations
|
||||
EXPOSE 3001
|
||||
ENTRYPOINT ["/files-service"]
|
||||
|
||||
Reference in New Issue
Block a user