This commit is contained in:
+7
-147
@@ -1,152 +1,12 @@
|
|||||||
name: Docker Build and Push
|
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
workflow_run:
|
||||||
branches:
|
workflows: ["sonarqube"]
|
||||||
- main
|
types:
|
||||||
- staging
|
- completed
|
||||||
tags:
|
|
||||||
- 'v*'
|
|
||||||
paths:
|
|
||||||
- '**.go'
|
|
||||||
- 'go.mod'
|
|
||||||
- 'go.sum'
|
|
||||||
- 'Dockerfile'
|
|
||||||
- 'Dockerfile.*'
|
|
||||||
- '.dockerignore'
|
|
||||||
- '.gitea/workflows/build.yml'
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-and-push-branches:
|
deployment:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
if: github.ref_type == 'branch'
|
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Deploy on completion
|
||||||
uses: actions/checkout@v6
|
run: echo "Workflow A completed, now deploying in Workflow B..."
|
||||||
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v3
|
|
||||||
|
|
||||||
- name: Log in to Docker Hub
|
|
||||||
uses: docker/login-action@v3
|
|
||||||
with:
|
|
||||||
registry: git.fossy.my.id
|
|
||||||
username: ${{ secrets.DOCKER_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
||||||
|
|
||||||
- name: Set version variables
|
|
||||||
id: vars
|
|
||||||
run: |
|
|
||||||
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
|
|
||||||
echo "VERSION=dev-main" >> $GITHUB_OUTPUT
|
|
||||||
else
|
|
||||||
echo "VERSION=dev-staging" >> $GITHUB_OUTPUT
|
|
||||||
fi
|
|
||||||
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
|
|
||||||
echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
- name: Build and push Docker image for main
|
|
||||||
uses: docker/build-push-action@v6
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
tags: |
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
build-args: |
|
|
||||||
VERSION=${{ steps.vars.outputs.VERSION }}
|
|
||||||
BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
|
|
||||||
COMMIT=${{ steps.vars.outputs.COMMIT }}
|
|
||||||
if: github.ref == 'refs/heads/main'
|
|
||||||
|
|
||||||
- name: Build and push Docker image for staging
|
|
||||||
uses: docker/build-push-action@v6
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
tags: |
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
build-args: |
|
|
||||||
VERSION=${{ steps.vars.outputs.VERSION }}
|
|
||||||
BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
|
|
||||||
COMMIT=${{ steps.vars.outputs.COMMIT }}
|
|
||||||
if: github.ref == 'refs/heads/staging'
|
|
||||||
|
|
||||||
build-and-push-tags:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: Checkout repository
|
|
||||||
uses: actions/checkout@v6
|
|
||||||
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v3
|
|
||||||
|
|
||||||
- name: Log in to Docker Hub
|
|
||||||
uses: docker/login-action@v3
|
|
||||||
with:
|
|
||||||
registry: git.fossy.my.id
|
|
||||||
username: ${{ secrets.DOCKER_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
||||||
|
|
||||||
- name: Extract version and determine release type
|
|
||||||
id: version
|
|
||||||
run: |
|
|
||||||
VERSION=${GITHUB_REF#refs/tags/v}
|
|
||||||
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
|
|
||||||
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
|
|
||||||
echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then
|
|
||||||
MAJOR=$(echo "$VERSION" | cut -d. -f1)
|
|
||||||
MINOR=$(echo "$VERSION" | cut -d. -f2)
|
|
||||||
|
|
||||||
echo "MAJOR=$MAJOR" >> $GITHUB_OUTPUT
|
|
||||||
echo "MINOR=$MINOR" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
if echo "$VERSION" | grep -q '-'; then
|
|
||||||
echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT
|
|
||||||
echo "ADDITIONAL_TAG=staging" >> $GITHUB_OUTPUT
|
|
||||||
else
|
|
||||||
echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT
|
|
||||||
echo "ADDITIONAL_TAG=latest" >> $GITHUB_OUTPUT
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo "Invalid version format: $VERSION"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Build and push Docker image for release
|
|
||||||
uses: docker/build-push-action@v6
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
tags: |
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }}
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}.${{ steps.version.outputs.MINOR }}
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }}
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
build-args: |
|
|
||||||
VERSION=${{ steps.version.outputs.VERSION }}
|
|
||||||
BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
|
|
||||||
COMMIT=${{ steps.version.outputs.COMMIT }}
|
|
||||||
if: steps.version.outputs.IS_PRERELEASE == 'false'
|
|
||||||
|
|
||||||
- name: Build and push Docker image for pre-release
|
|
||||||
uses: docker/build-push-action@v6
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
tags: |
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }}
|
|
||||||
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }}
|
|
||||||
platforms: linux/amd64,linux/arm64
|
|
||||||
build-args: |
|
|
||||||
VERSION=${{ steps.version.outputs.VERSION }}
|
|
||||||
BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
|
|
||||||
COMMIT=${{ steps.version.outputs.COMMIT }}
|
|
||||||
if: steps.version.outputs.IS_PRERELEASE == 'true'
|
|
||||||
|
|||||||
@@ -1,68 +1,7 @@
|
|||||||
on:
|
on: [push]
|
||||||
push:
|
|
||||||
pull_request:
|
|
||||||
types: [opened, synchronize, reopened]
|
|
||||||
|
|
||||||
name: SonarQube Scan
|
|
||||||
jobs:
|
jobs:
|
||||||
sonarqube:
|
run_tests:
|
||||||
name: SonarQube Trigger
|
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checking out
|
- name: Run tests
|
||||||
uses: actions/checkout@v4
|
run: echo "Running tests in Workflow A..."
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Set up Go
|
|
||||||
uses: actions/setup-go@v6
|
|
||||||
with:
|
|
||||||
go-version: '1.25.5'
|
|
||||||
cache: false
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
run: go mod tidy
|
|
||||||
|
|
||||||
- name: Run go vet
|
|
||||||
run: go vet ./... 2>&1 | tee vet-results.txt
|
|
||||||
|
|
||||||
- name: Run tests with coverage
|
|
||||||
run: |
|
|
||||||
go test ./... -v -coverprofile=coverage
|
|
||||||
|
|
||||||
- name: Run GolangCI-Lint Analysis
|
|
||||||
uses: golangci/golangci-lint-action@v9
|
|
||||||
with:
|
|
||||||
skip-cache: true
|
|
||||||
version: v2.6
|
|
||||||
args: >
|
|
||||||
--issues-exit-code=0
|
|
||||||
--output.text.path=stdout
|
|
||||||
--output.checkstyle.path=golangci-lint-report.xml
|
|
||||||
|
|
||||||
- name: Set SonarQube project key
|
|
||||||
run: |
|
|
||||||
BRANCH_NAME=${GITHUB_REF#refs/heads/}
|
|
||||||
if [ "$BRANCH_NAME" = "main" ]; then
|
|
||||||
SONAR_PROJECT_KEY="tunnel-please"
|
|
||||||
else
|
|
||||||
BRANCH_KEY=${BRANCH_NAME//\//-}
|
|
||||||
SONAR_PROJECT_KEY="tunnel-please-$BRANCH_KEY"
|
|
||||||
fi
|
|
||||||
echo "SONAR_PROJECT_KEY=tunnel-please-$BRANCH_KEY" >> $GITHUB_ENV
|
|
||||||
echo "Using SonarQube Project Key: $SONAR_PROJECT_KEY"
|
|
||||||
|
|
||||||
- name: SonarQube Scan
|
|
||||||
uses: SonarSource/sonarqube-scan-action@v7.0.0
|
|
||||||
env:
|
|
||||||
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
||||||
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
||||||
with:
|
|
||||||
args: >
|
|
||||||
-Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }}
|
|
||||||
-Dsonar.go.coverage.reportPaths=coverage
|
|
||||||
-Dsonar.test.inclusions=**/*_test.go
|
|
||||||
-Dsonar.test.exclusions=**/vendor/**
|
|
||||||
-Dsonar.exclusions=**/*_test.go,**/vendor/**,**/golangci-lint-report.xml
|
|
||||||
-Dsonar.go.govet.reportPaths=vet-results.txt
|
|
||||||
-Dsonar.go.golangci-lint.reportPaths=golangci-lint-report.xml
|
|
||||||
Reference in New Issue
Block a user