From 5b05723e93187d3a7e2a5863461552f73e030dcf Mon Sep 17 00:00:00 2001 From: bagas Date: Wed, 28 Jan 2026 00:54:47 +0700 Subject: [PATCH] ci: refactor workflows for SonarQube, tag-only Docker builds, and global testing - Run SonarQube scans only on main, staging, and feat/* branches - Build and push Docker images only on semantic version tags - Add test job that runs on all events --- .gitea/workflows/build.yml | 120 +++++++++++---------------------- .gitea/workflows/sonarqube.yml | 10 +-- .gitea/workflows/testing.yml | 36 ++++++++++ 3 files changed, 82 insertions(+), 84 deletions(-) create mode 100644 .gitea/workflows/testing.yml diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index 0f455d7..d3103e1 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -2,24 +2,38 @@ name: Docker Build and Push on: push: - branches: - - main - - staging tags: - 'v*' - paths: - - '**.go' - - 'go.mod' - - 'go.sum' - - 'Dockerfile' - - 'Dockerfile.*' - - '.dockerignore' - - '.gitea/workflows/build.yml' jobs: - build-and-push-branches: + test: + name: Run Tests runs-on: ubuntu-latest - if: github.ref_type == 'branch' + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v6 + with: + go-version: 'stable' + cache: false + + - name: Install dependencies + run: go mod download + + - name: Run go vet + run: go vet ./... + + - name: Run tests + run: go test -v -p 4 ./... + + + build-and-push: + name: Build and Push Docker Image + runs-on: ubuntu-latest + needs: test steps: - name: Checkout repository @@ -28,64 +42,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - registry: git.fossy.my.id - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Set version variables - id: vars - run: | - if [ "${{ github.ref }}" == "refs/heads/main" ]; then - echo "VERSION=dev-main" >> $GITHUB_OUTPUT - else - echo "VERSION=dev-staging" >> $GITHUB_OUTPUT - fi - echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT - echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT - - - name: Build and push Docker image for main - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: | - git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest - platforms: linux/amd64,linux/arm64 - build-args: | - VERSION=${{ steps.vars.outputs.VERSION }} - BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }} - COMMIT=${{ steps.vars.outputs.COMMIT }} - if: github.ref == 'refs/heads/main' - - - name: Build and push Docker image for staging - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: | - git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging - platforms: linux/amd64,linux/arm64 - build-args: | - VERSION=${{ steps.vars.outputs.VERSION }} - BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }} - COMMIT=${{ steps.vars.outputs.COMMIT }} - if: github.ref == 'refs/heads/staging' - - build-and-push-tags: - runs-on: ubuntu-latest - if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v') - - steps: - - name: Checkout repository - uses: actions/checkout@v6 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to Docker Hub + - name: Log in to Docker Registry uses: docker/login-action@v3 with: registry: git.fossy.my.id @@ -103,32 +60,35 @@ jobs: if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then MAJOR=$(echo "$VERSION" | cut -d. -f1) MINOR=$(echo "$VERSION" | cut -d. -f2) - + PATCH=$(echo "$VERSION" | cut -d. -f3 | cut -d- -f1) + echo "MAJOR=$MAJOR" >> $GITHUB_OUTPUT echo "MINOR=$MINOR" >> $GITHUB_OUTPUT - + echo "PATCH=$PATCH" >> $GITHUB_OUTPUT + if echo "$VERSION" | grep -q '-'; then + PRERELEASE_TAG=$(echo "$VERSION" | cut -d- -f2 | cut -d. -f1) echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT - echo "ADDITIONAL_TAG=staging" >> $GITHUB_OUTPUT + echo "PRERELEASE_TAG=$PRERELEASE_TAG" >> $GITHUB_OUTPUT else echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT - echo "ADDITIONAL_TAG=latest" >> $GITHUB_OUTPUT fi else echo "Invalid version format: $VERSION" exit 1 fi - - name: Build and push Docker image for release + - name: Build and push Docker image (release) uses: docker/build-push-action@v6 with: context: . push: true tags: | git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }} + git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:release git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}.${{ steps.version.outputs.MINOR }} git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }} - git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }} + git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest platforms: linux/amd64,linux/arm64 build-args: | VERSION=${{ steps.version.outputs.VERSION }} @@ -136,17 +96,17 @@ jobs: COMMIT=${{ steps.version.outputs.COMMIT }} if: steps.version.outputs.IS_PRERELEASE == 'false' - - name: Build and push Docker image for pre-release + - name: Build and push Docker image (pre-release) uses: docker/build-push-action@v6 with: context: . push: true tags: | git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }} - git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }} + git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging platforms: linux/amd64,linux/arm64 build-args: | VERSION=${{ steps.version.outputs.VERSION }} BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }} COMMIT=${{ steps.version.outputs.COMMIT }} - if: steps.version.outputs.IS_PRERELEASE == 'true' + if: steps.version.outputs.IS_PRERELEASE == 'true' \ No newline at end of file diff --git a/.gitea/workflows/sonarqube.yml b/.gitea/workflows/sonarqube.yml index 0856391..3f6087e 100644 --- a/.gitea/workflows/sonarqube.yml +++ b/.gitea/workflows/sonarqube.yml @@ -1,7 +1,9 @@ on: push: - pull_request: - types: [opened, synchronize, reopened] + branches: + - main + - staging + - 'feat/**' name: SonarQube Scan jobs: @@ -17,7 +19,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v6 with: - go-version: '1.25.6' + go-version: 'stable' cache: false - name: Install dependencies @@ -28,7 +30,7 @@ jobs: - name: Run tests with coverage run: | - go test ./... -v -coverprofile=coverage + go test ./... -v -p 4 -coverprofile=coverage - name: Run GolangCI-Lint Analysis uses: golangci/golangci-lint-action@v9 diff --git a/.gitea/workflows/testing.yml b/.gitea/workflows/testing.yml new file mode 100644 index 0000000..449ddd7 --- /dev/null +++ b/.gitea/workflows/testing.yml @@ -0,0 +1,36 @@ +name: Tests + +on: + pull_request: + types: [opened, synchronize, reopened] + issue_comment: + types: [created] + +jobs: + test: + name: Run Tests + runs-on: ubuntu-latest + if: | + github.event_name == 'pull_request' || + (github.event_name == 'issue_comment' && + github.event.issue.pull_request != null && + contains(github.event.comment.body, '/retest')) + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v6 + with: + go-version: 'stable' + cache: false + + - name: Install dependencies + run: go mod download + + - name: Run go vet + run: go vet ./... + + - name: Run tests + run: go test -v -p 4 ./... \ No newline at end of file