switch to gitea-actions
All checks were successful
lint, build and push / lint (push) Successful in 6s
lint, build and push / build (push) Successful in 16s

This commit is contained in:
Michael Grote 2024-08-27 21:19:51 +02:00
parent 9643d1a3f6
commit 959a96e2f9
4 changed files with 81 additions and 80 deletions

View file

@ -0,0 +1,78 @@
name: "lint, build and push"
on:
schedule:
- cron: "5 3 * * SUN"
push:
branches: [ master ]
pull_request:
# Variables: https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables + https://forgejo.org/docs/latest/user/actions/#env-1
jobs:
lint:
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Gitleaks
uses: docker://zricethezav/gitleaks:v8.18.4
with:
args: detect --no-git --verbose --source ${{ github.workspace }}
- name: Checkout code
uses: actions/checkout@v4
- name: Run hadolint
uses: docker://pipelinecomponents/hadolint:0.26.4
with:
args: hadolint Dockerfile
# - name: Run ShellCheck
# uses: sudo-bot/action-shellcheck@latest
# with:
# cli-args: "shell.sh"
- name: Send notification on error
uses: dawidd6/action-send-mail@v3
if: failure()
with:
connection_url: smtp://docker10.mgrote.net:1025
secure: false
ignore_cert: true
to: michael.grote@posteo.de
from: Gitea Actions <gitea@mgrote.net>
subject: "CI Error in ${{ env.GITHUB_REPOSITORY }}"
body: "Job of ${{ env.github.repository }} failed!"
build:
needs: [gitleaks, hadolint] # shellcheck
steps:
- uses: https://github.com/actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# - name: Login to Docker Hub
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKERHUB_USERNAME }}
# password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Extract repository name
id: meta
run: |
echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}') >> $GITHUB_OUTPUT
- name: Extract branch name
shell: bash
run: echo "REPO_BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
id: extract_branch
- name: Build and push Docker image
uses: https://github.com/docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
push: true
tags: "registry.mgrote.net/${{ steps.meta.outputs.REPO_NAME }}:latest,registry.mgrote.net/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.extract_branch.outputs.REPO_BRANCH }}"
- name: Send notification on error
uses: dawidd6/action-send-mail@v3
if: failure()
with:
connection_url: smtp://docker10.mgrote.net:1025
secure: false
ignore_cert: true
to: michael.grote@posteo.de
from: Gitea Actions <gitea@mgrote.net>
subject: "CI Error in ${{ env.GITHUB_REPOSITORY }}"
body: Job of ${{ env.github.repository }} failed!

View file

@ -1,41 +0,0 @@
---
depends_on:
- lint
clone:
git:
image: "woodpeckerci/plugin-git:2.5.2"
settings:
depth: 9999 # wird benötigt um die Commits zählen zu können
lfs: false
partial: false
steps:
build_and_push: # damit dieser Step laufen kann muss das Repo in der Woodpecker-GUI "privilegiert" sein
image: "docker:27.1.2"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
commands:
# https://unix.stackexchange.com/questions/748633/error-multiple-platforms-feature-is-currently-not-supported-for-docker-driver
- docker buildx create --use --platform=linux/amd64 --name multi-platform-builder
- docker buildx inspect --bootstrap
- |
docker buildx build \
--no-cache \
--platform=linux/amd64 \
--push \
--tag registry.mgrote.net/${CI_REPO_NAME}:${CI_COMMIT_BRANCH} \
--tag registry.mgrote.net/${CI_REPO_NAME}:latest \
--label org.opencontainers.image.url=$CI_REPO_URL \
--label org.opencontainers.image.source=$CI_REPO_URL \
--label org.opencontainers.image.revision=$CI_COMMIT_SHA \
--label org.opencontainers.image.created=$DATE \
--file Dockerfile .
when:
- event: [push, pull_request, cron, manual]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...
# händisch:
# docker build . -t registry.mgrote.net/allzweckcontainer:latest
# docker push registry.mgrote.net/allzweckcontainer:latest

View file

@ -1,32 +0,0 @@
---
steps:
gitleaks:
image: zricethezav/gitleaks:v8.18.4
commands:
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
hadolint:
image: pipelinecomponents/hadolint:0.26.4
commands:
- hadolint Dockerfile
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
shellcheck:
image: "koalaman/shellcheck-alpine:v0.10.0"
commands:
- |
find . -type f -not -path './.git/*' -not -path './collections/*' -exec file {} \; | while IFS= read -r line; do
if echo "$line" | grep -q "shell script"; then
file_path=$(echo "$line" | awk -F':' '{print $1}')
shellcheck "$file_path"
fi
done
when:
- event: [push, pull_request, cron]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...

View file

@ -1,10 +1,6 @@
FROM httpd:2.4.62-alpine3.20 FROM httpd:2.4.62-alpine3.20
# renovate: datasource=repology depName=alpine_3_20/curl versioning=loose # hadolint ignore=DL3018
ENV CURL_VERSION="8.9.0-r0"
# renovate: datasource=repology depName=alpine_3_20/wget versioning=loose
ENV WGET_VERSION="1.24.5-r0"
RUN apk add --no-cache \ RUN apk add --no-cache \
curl="${CURL_VERSION}" \ curl \
wget="${WGET_VERSION}" wget