ci: gitea actions — ci (build/test/lint) + deploy
Стандартный набор по паттерну tasks/booking/telephony: - .gitea/workflows/ci.yml: go build + go test + golangci-lint v2.4 на каждый push/PR. Линтер строгий (zero-warnings policy). - .gitea/workflows/deploy.yaml: на push в main собирается образ, пушится в gitea registry (cluster-local + node-local), kubectl применяет все k8s/* и роллит deployment с image::<github.sha>. - .golangci.yml: тот же набор линтеров что в остальных Go-сервисах (errcheck/govet/ineffassign/staticcheck/unused) + exclusions для типичных «безопасных» свежих ошибок (Close/Encode/Rollback). REGISTRY_USERNAME/REGISTRY_PASSWORD secrets — те же что у других сервисов организации (нужно настроить repo-secrets в Gitea Admin перед первым deploy'ем). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
24
.gitea/workflows/ci.yml
Normal file
24
.gitea/workflows/ci.yml
Normal file
@@ -0,0 +1,24 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version-file: go.mod
|
||||
cache: true
|
||||
- run: go build ./...
|
||||
- run: go test ./...
|
||||
# Линтер — отдельным шагом чтобы test/build падали с понятным diff'ом
|
||||
# даже если lint warning'ов много. continue-on-error пока не ставим:
|
||||
# код базы небольшой, ожидаем zero warnings.
|
||||
- uses: golangci/golangci-lint-action@v7
|
||||
with:
|
||||
version: v2.4
|
||||
args: --config .golangci.yml ./...
|
||||
58
.gitea/workflows/deploy.yaml
Normal file
58
.gitea/workflows/deploy.yaml
Normal file
@@ -0,0 +1,58 @@
|
||||
name: Build and Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
env:
|
||||
INTERNAL_REGISTRY: gitea-http.gitea.svc.cluster.local:3000
|
||||
NODE_REGISTRY: localhost:30300
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Docker CLI
|
||||
run: |
|
||||
curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-27.5.1.tgz \
|
||||
| tar xz --strip-components=1 -C /usr/local/bin docker/docker
|
||||
docker version
|
||||
|
||||
- name: Install kubectl
|
||||
run: |
|
||||
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
|
||||
chmod +x kubectl
|
||||
mv kubectl /usr/local/bin/
|
||||
kubectl version --client
|
||||
|
||||
- name: Login to Gitea Registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_PASSWORD }}" | \
|
||||
docker login ${{ env.INTERNAL_REGISTRY }} \
|
||||
-u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
|
||||
|
||||
- name: Build and push server
|
||||
run: |
|
||||
docker build -f Dockerfile.server \
|
||||
-t ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:${{ github.sha }} \
|
||||
-t ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:latest \
|
||||
.
|
||||
docker push ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:${{ github.sha }}
|
||||
docker push ${{ env.INTERNAL_REGISTRY }}/admin/learning-server:latest
|
||||
|
||||
- name: Deploy to Kubernetes
|
||||
env:
|
||||
KUBECONFIG: /kubeconfig/config
|
||||
run: |
|
||||
kubectl apply -f k8s/namespace.yaml
|
||||
kubectl apply -f k8s/secrets.yaml
|
||||
kubectl apply -f k8s/configmap.yaml
|
||||
kubectl apply -f k8s/postgres.yaml
|
||||
kubectl apply -f k8s/server-deployment.yaml
|
||||
kubectl apply -f k8s/server-service.yaml
|
||||
kubectl -n learning set image deployment/learning-server \
|
||||
learning-server=${{ env.NODE_REGISTRY }}/admin/learning-server:${{ github.sha }}
|
||||
kubectl -n learning rollout status deployment/learning-server --timeout=120s
|
||||
36
.golangci.yml
Normal file
36
.golangci.yml
Normal file
@@ -0,0 +1,36 @@
|
||||
version: "2"
|
||||
|
||||
run:
|
||||
timeout: 3m
|
||||
|
||||
linters:
|
||||
default: none
|
||||
enable:
|
||||
- errcheck
|
||||
- govet
|
||||
- ineffassign
|
||||
- staticcheck
|
||||
- unused
|
||||
settings:
|
||||
errcheck:
|
||||
check-type-assertions: true
|
||||
check-blank: false
|
||||
exclude-functions:
|
||||
- (io.Closer).Close
|
||||
- (net/http.ResponseWriter).Write
|
||||
- (*encoding/json.Encoder).Encode
|
||||
- io.Copy
|
||||
- fmt.Fprintf
|
||||
- (github.com/jackc/pgx/v5.Tx).Rollback
|
||||
- os.RemoveAll
|
||||
staticcheck:
|
||||
checks: ["all", "-SA1019", "-ST1000", "-ST1005", "-ST1020", "-ST1021", "-ST1022"]
|
||||
exclusions:
|
||||
rules:
|
||||
- path: _test\.go
|
||||
linters:
|
||||
- errcheck
|
||||
|
||||
issues:
|
||||
max-issues-per-linter: 0
|
||||
max-same-issues: 0
|
||||
Reference in New Issue
Block a user