This commit is contained in:
Ashwin Kumar Sivakumar
parent
bd29c678cd
commit
a1bbff87b1
2 changed files with 82 additions and 11 deletions
71
.gitea/workflows/build.yaml
Normal file
71
.gitea/workflows/build.yaml
Normal file
|
|
@ -0,0 +1,71 @@
|
||||||
|
name: Build Admin And Update GitOps
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
- high-performance
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
DOCKER_HOST: unix:///var/run/docker.sock
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Docker CLI
|
||||||
|
run: |
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y docker.io
|
||||||
|
|
||||||
|
- name: Log in to registry
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login registry.nxtgauge.com -u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
|
||||||
|
|
||||||
|
- name: Build and push admin image
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
IMAGE="registry.nxtgauge.com/nxtgauge-admin-solid:${{ github.sha }}"
|
||||||
|
docker build -t "${IMAGE}" -t registry.nxtgauge.com/nxtgauge-admin-solid:latest .
|
||||||
|
docker push "${IMAGE}"
|
||||||
|
docker push registry.nxtgauge.com/nxtgauge-admin-solid:latest
|
||||||
|
|
||||||
|
update-gitops:
|
||||||
|
needs: build
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Update GitOps admin tag
|
||||||
|
env:
|
||||||
|
GITOPS_USERNAME: ${{ secrets.GITOPS_GITHUB_USERNAME || 'Traceworks2023' }}
|
||||||
|
GITOPS_PASSWORD: ${{ secrets.GITOPS_GITHUB_TOKEN || secrets.GITOPS_PAT }}
|
||||||
|
GITOPS_REPO: https://github.com/Traceworks2023/nxtgauge-gitops.git
|
||||||
|
IMAGE_TAG: ${{ github.sha }}
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
test -n "${GITOPS_PASSWORD:-}" || { echo "GITOPS_PASSWORD is empty"; exit 1; }
|
||||||
|
AUTH="$(printf '%s' "${GITOPS_USERNAME}:${GITOPS_PASSWORD}" | base64 -w0)"
|
||||||
|
TMP_DIR="$(mktemp -d)"
|
||||||
|
git -c http.extraHeader="AUTHORIZATION: basic ${AUTH}" clone --branch main "${GITOPS_REPO}" "${TMP_DIR}"
|
||||||
|
cd "${TMP_DIR}"
|
||||||
|
python3 - <<'PY'
|
||||||
|
from pathlib import Path
|
||||||
|
import os
|
||||||
|
path = Path('apps/nxtgauge-admin-solid/overlays/prod/kustomization.yaml')
|
||||||
|
lines = path.read_text().splitlines()
|
||||||
|
out = []
|
||||||
|
for line in lines:
|
||||||
|
if line.strip().startswith('newTag:'):
|
||||||
|
indent = line[:len(line) - len(line.lstrip())]
|
||||||
|
out.append(f"{indent}newTag: {os.environ['IMAGE_TAG']}")
|
||||||
|
else:
|
||||||
|
out.append(line)
|
||||||
|
path.write_text('\n'.join(out) + '\n')
|
||||||
|
PY
|
||||||
|
git config user.name "forgejo-actions"
|
||||||
|
git config user.email "forgejo-actions@nxtgauge.com"
|
||||||
|
git add apps/nxtgauge-admin-solid/overlays/prod/kustomization.yaml
|
||||||
|
git diff --cached --quiet && exit 0
|
||||||
|
git commit -m "chore(gitops): update admin image to ${IMAGE_TAG}"
|
||||||
|
git -c http.extraHeader="AUTHORIZATION: basic ${AUTH}" push origin main
|
||||||
22
.github/workflows/sync-to-forgejo.yml
vendored
22
.github/workflows/sync-to-forgejo.yml
vendored
|
|
@ -10,14 +10,14 @@ jobs:
|
||||||
sync:
|
sync:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
permissions:
|
||||||
contents: write
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- name: Sync to Forgejo
|
- name: Push branch to Forgejo
|
||||||
env:
|
env:
|
||||||
FORGEJO_SECRET: ${{ secrets.FORGEJO_SECRET || secrets.GITEA_SECRET }}
|
FORGEJO_SECRET: ${{ secrets.FORGEJO_SECRET || secrets.GITEA_SECRET }}
|
||||||
FORGEJO_OWNER: ${{ secrets.FORGEJO_OWNER || 'ashwin' }}
|
FORGEJO_OWNER: ${{ secrets.FORGEJO_OWNER || 'ashwin' }}
|
||||||
|
|
@ -25,16 +25,16 @@ jobs:
|
||||||
REPO: ${{ github.event.repository.name }}
|
REPO: ${{ github.event.repository.name }}
|
||||||
BRANCH: ${{ github.ref_name }}
|
BRANCH: ${{ github.ref_name }}
|
||||||
run: |
|
run: |
|
||||||
set -euxo pipefail
|
set -euo pipefail
|
||||||
export GIT_TERMINAL_PROMPT=0
|
test -n "${FORGEJO_SECRET:-}" || { echo "FORGEJO_SECRET is empty"; exit 1; }
|
||||||
export GIT_TRACE=1
|
|
||||||
export GIT_CURL_VERBOSE=1
|
|
||||||
|
|
||||||
USER="${FORGEJO_USERNAME}"
|
AUTH="$(printf '%s' "${FORGEJO_USERNAME}:${FORGEJO_SECRET}" | base64 -w0)"
|
||||||
TARGET="https://ci.nxtgauge.com/${FORGEJO_OWNER}/${REPO}.git"
|
TARGET="https://ci.nxtgauge.com/${FORGEJO_OWNER}/${REPO}.git"
|
||||||
AUTH="$(printf '%s' "${USER}:${FORGEJO_SECRET}" | base64 -w0)"
|
|
||||||
|
|
||||||
test -n "${FORGEJO_SECRET:-}" || (echo "FORGEJO_SECRET empty" && exit 1)
|
git config user.name "github-actions[bot]"
|
||||||
curl -fsS -H "Authorization: Basic ${AUTH}" https://ci.nxtgauge.com/api/v1/user >/dev/null
|
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||||
curl -fsS -X POST -H "Authorization: Basic ${AUTH}" "https://ci.nxtgauge.com/api/v1/repos/${FORGEJO_OWNER}/${REPO}/mirror-sync" >/dev/null
|
git remote remove forgejo 2>/dev/null || true
|
||||||
|
git remote add forgejo "${TARGET}"
|
||||||
|
|
||||||
|
git -c http.extraHeader="AUTHORIZATION: basic ${AUTH}" push forgejo "HEAD:${BRANCH}" --force
|
||||||
|
git -c http.extraHeader="AUTHORIZATION: basic ${AUTH}" push forgejo --tags --force
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue