ci: gitea actions — ci (build/test/lint) + deploy
Стандартный набор по паттерну tasks/booking/telephony: - .gitea/workflows/ci.yml: go build + go test + golangci-lint v2.4 на каждый push/PR. Линтер строгий (zero-warnings policy). - .gitea/workflows/deploy.yaml: на push в main собирается образ, пушится в gitea registry (cluster-local + node-local), kubectl применяет все k8s/* и роллит deployment с image::<github.sha>. - .golangci.yml: тот же набор линтеров что в остальных Go-сервисах (errcheck/govet/ineffassign/staticcheck/unused) + exclusions для типичных «безопасных» свежих ошибок (Close/Encode/Rollback). REGISTRY_USERNAME/REGISTRY_PASSWORD secrets — те же что у других сервисов организации (нужно настроить repo-secrets в Gitea Admin перед первым deploy'ем). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
24
.gitea/workflows/ci.yml
Normal file
24
.gitea/workflows/ci.yml
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
name: CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
pull_request:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
- uses: actions/setup-go@v5
|
||||||
|
with:
|
||||||
|
go-version-file: go.mod
|
||||||
|
cache: true
|
||||||
|
- run: go build ./...
|
||||||
|
- run: go test ./...
|
||||||
|
# Линтер — отдельным шагом чтобы test/build падали с понятным diff'ом
|
||||||
|
# даже если lint warning'ов много. continue-on-error пока не ставим:
|
||||||
|
# код базы небольшой, ожидаем zero warnings.
|
||||||
|
- uses: golangci/golangci-lint-action@v7
|
||||||
|
with:
|
||||||
|
version: v2.4
|
||||||
|
args: --config .golangci.yml ./...
|
||||||
58
.gitea/workflows/deploy.yaml
Normal file
58
.gitea/workflows/deploy.yaml
Normal file
@@ -0,0 +1,58 @@
|
|||||||
|
name: Build and Deploy
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [main]
|
||||||
|
|
||||||
|
env:
|
||||||
|
INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000
|
||||||
|
NODE_REGISTRY: localhost:30300
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build-and-deploy:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Docker CLI
|
||||||
|
run: |
|
||||||
|
curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \
|
||||||
|
| tar xz --strip-components=1 -C /usr/local/bin docker/docker
|
||||||
|
docker version
|
||||||
|
|
||||||
|
- name: Install kubectl
|
||||||
|
run: |
|
||||||
|
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
||||||
|
chmod +x kubectl
|
||||||
|
mv kubectl /usr/local/bin/
|
||||||
|
kubectl version --client
|
||||||
|
|
||||||
|
- name: Login to Gitea Registry
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||||
|
docker login ${{ env.INTERNAL_REGISTRY }} \
|
||||||
|
-u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
|
||||||
|
|
||||||
|
- name: Build and push server
|
||||||
|
run: |
|
||||||
|
docker build -f Dockerfile.server \
|
||||||
|
-t ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:${{ github.sha }} \
|
||||||
|
-t ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:latest \
|
||||||
|
.
|
||||||
|
docker push ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:${{ github.sha }}
|
||||||
|
docker push ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:latest
|
||||||
|
|
||||||
|
- name: Deploy to Kubernetes
|
||||||
|
env:
|
||||||
|
KUBECONFIG: /kubeconfig/config
|
||||||
|
run: |
|
||||||
|
kubectl apply -f k8s/namespace.yaml
|
||||||
|
kubectl apply -f k8s/secrets.yaml
|
||||||
|
kubectl apply -f k8s/configmap.yaml
|
||||||
|
kubectl apply -f k8s/postgres.yaml
|
||||||
|
kubectl apply -f k8s/server-deployment.yaml
|
||||||
|
kubectl apply -f k8s/server-service.yaml
|
||||||
|
kubectl -n learning set image deployment/learning-server \
|
||||||
|
learning-server=${{ env.NODE_REGISTRY }}/admin/learning-server:${{ github.sha }}
|
||||||
|
kubectl -n learning rollout status deployment/learning-server --timeout=120s
|
||||||
36
.golangci.yml
Normal file
36
.golangci.yml
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
version: "2"
|
||||||
|
|
||||||
|
run:
|
||||||
|
timeout: 3m
|
||||||
|
|
||||||
|
linters:
|
||||||
|
default: none
|
||||||
|
enable:
|
||||||
|
- errcheck
|
||||||
|
- govet
|
||||||
|
- ineffassign
|
||||||
|
- staticcheck
|
||||||
|
- unused
|
||||||
|
settings:
|
||||||
|
errcheck:
|
||||||
|
check-type-assertions: true
|
||||||
|
check-blank: false
|
||||||
|
exclude-functions:
|
||||||
|
- (io.Closer).Close
|
||||||
|
- (net/http.ResponseWriter).Write
|
||||||
|
- (*encoding/json.Encoder).Encode
|
||||||
|
- io.Copy
|
||||||
|
- fmt.Fprintf
|
||||||
|
- (github.com/jackc/pgx/v5.Tx).Rollback
|
||||||
|
- os.RemoveAll
|
||||||
|
staticcheck:
|
||||||
|
checks: ["all", "-SA1019", "-ST1000", "-ST1005", "-ST1020", "-ST1021", "-ST1022"]
|
||||||
|
exclusions:
|
||||||
|
rules:
|
||||||
|
- path: _test\.go
|
||||||
|
linters:
|
||||||
|
- errcheck
|
||||||
|
|
||||||
|
issues:
|
||||||
|
max-issues-per-linter: 0
|
||||||
|
max-same-issues: 0
|
||||||
Reference in New Issue
Block a user