.gitea/scripts/update-gitops.py

@@ -11,7 +11,7 @@ Usage:
 This script:
 1. Updates the newTag for the specified service to the SHA
 2. Commits and pushes to the gitops repo
-3. Flux detects the change and deploys
+3. ArgoCD detects the change and deploys
 """
 
 import argparse
@@ -98,14 +98,10 @@ def main():
         image_name = f"nxtgauge-{args.service}"
 
     # Find the right kustomization file based on service
-    if "frontend" in args.service:
+    if "frontend" in args.service or "admin" in args.service:
         kustomization_path = os.path.join(args.repo, "apps/nxtgauge-frontend-solid/overlays/prod/kustomization.yaml")
         if not os.path.exists(kustomization_path):
             kustomization_path = os.path.join(args.repo, "apps/nxtgauge-frontend-solid/base/kustomization.yaml")
-    elif "admin" in args.service:
-        kustomization_path = os.path.join(args.repo, "apps/nxtgauge-admin-solid/overlays/prod/kustomization.yaml")
-        if not os.path.exists(kustomization_path):
-            kustomization_path = os.path.join(args.repo, "apps/nxtgauge-admin-solid/base/kustomization.yaml")
     elif "ai-assistant" in args.service:
         kustomization_path = os.path.join(args.repo, "apps/nxtgauge-ai-assistant/overlays/prod/kustomization.yaml")
         if not os.path.exists(kustomization_path):

.gitea/workflows/build.yaml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - high-performance
 
 jobs:
   build:
@@ -29,7 +30,6 @@ jobs:
         run: |
           set -euo pipefail
           export DOCKER_HOST=unix:///var/run/docker.sock
-          SHA="$(git rev-parse HEAD)"
           test -n "$REGISTRY_HOSTPORT"
           echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_HOSTPORT" -u "$REGISTRY_USERNAME" --password-stdin
 
@@ -39,13 +39,28 @@ jobs:
         run: |
           set -euo pipefail
           export DOCKER_HOST=unix:///var/run/docker.sock
-          SHA="$(git rev-parse HEAD)"
           docker buildx build --push \
             -f Dockerfile \
-            -t "$REGISTRY_HOSTPORT/nxtgauge-ai-assistant:${SHA}" \
+            -t "$REGISTRY_HOSTPORT/nxtgauge-ai-assistant:${{ gitea.sha }}" \
             -t "$REGISTRY_HOSTPORT/nxtgauge-ai-assistant:main-latest" \
             .
 
+      - name: Prune old image tags (keep latest 1 SHA)
+        if: success()
+        continue-on-error: true
+        env:
+          REGISTRY_HOST: ${{ secrets.REGISTRY_HOSTPORT }}
+          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
+          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+        run: |
+          set -euo pipefail
+          python3 .gitea/scripts/registry_prune.py \
+            --registry "$REGISTRY_HOST" \
+            --repo "nxtgauge-ai-assistant" \
+            --username "$REGISTRY_USERNAME" \
+            --password "$REGISTRY_PASSWORD" \
+            --keep 1
+
       - name: Update GitOps and trigger deployment
         if: success()
         continue-on-error: true
@@ -54,12 +69,6 @@ jobs:
           GITEOPS_SSH_KEY: ${{ secrets.GITEOPS_SSH_KEY }}
         run: |
           set -euo pipefail
-          SHA="$(git rev-parse HEAD)"
-
-          if [ -z "$GITEOPS_REPO" ]; then
-            echo "GITEOPS_REPO secret not set, skipping GitOps update"
-            exit 0
-          fi
 
           GITEOPS_DIR=$(mktemp -d)
           git clone "$GITEOPS_REPO" "$GITEOPS_DIR"
@@ -70,35 +79,10 @@ jobs:
           chmod 600 ~/.ssh/id_ed25519
           ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null
 
-          python3 .forgejo/scripts/update-gitops.py \
+          python3 .gitea/scripts/update-gitops.py \
             --repo "$GITEOPS_DIR" \
             --service "ai-assistant" \
-            --sha "${SHA}" \
-            --message "chore: deploy ai-assistant@${SHA}"
+            --sha "${{ gitea.sha }}" \
+            --message "chore: deploy ai-assistant@${{ gitea.sha }}"
 
           rm -rf "$GITEOPS_DIR"
-
-  cleanup-after-build:
-    needs: build
-    if: always() && needs.build.result == 'success'
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Cleanup old image tags (keep 2 SHA tags)
-        continue-on-error: true
-        env:
-          REGISTRY_HOST: ${{ secrets.REGISTRY_HOSTPORT }}
-          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
-          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
-        run: |
-          set -euo pipefail
-          echo "AI Assistant post-build cleanup: keeping only 2 SHA tags"
-          python3 .forgejo/scripts/registry_prune.py \
-            --registry "$REGISTRY_HOST" \
-            --repo "nxtgauge-ai-assistant" \
-            --username "$REGISTRY_USERNAME" \
-            --password "$REGISTRY_PASSWORD" \
-            --keep 2 || echo "Warning: cleanup failed (continuing)"
-          echo "Cleanup completed"

.github/workflows/sync-to-forgejo.yml

@@ -1,39 +0,0 @@
-name: sync-to-forgejo
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  sync:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Sync to Forgejo
-        env:
-          FORGEJO_SECRET: ${{ secrets.FORGEJO_SECRET || secrets.GITEA_SECRET }}
-          FORGEJO_OWNER: ${{ secrets.FORGEJO_OWNER || 'ashwin' }}
-          FORGEJO_USERNAME: ${{ secrets.FORGEJO_USERNAME || secrets.GITEA_USERNAME || 'ashwin' }}
-          REPO: ${{ github.event.repository.name }}
-          BRANCH: ${{ github.ref_name }}
-        run: |
-          set -euxo pipefail
-          export GIT_TERMINAL_PROMPT=0
-          export GIT_TRACE=1
-          export GIT_CURL_VERBOSE=1
-
-          USER="${FORGEJO_USERNAME}"
-          TARGET="https://ci.nxtgauge.com/${FORGEJO_OWNER}/${REPO}.git"
-          AUTH="$(printf '%s' "${USER}:${FORGEJO_SECRET}" | base64 -w0)"
-
-          test -n "${FORGEJO_SECRET:-}" || (echo "FORGEJO_SECRET empty" && exit 1)
-          curl -fsS -H "Authorization: Basic ${AUTH}" https://ci.nxtgauge.com/api/v1/user >/dev/null
-          curl -fsS -X POST             -H "Authorization: Basic ${AUTH}"             "https://ci.nxtgauge.com/api/v1/repos/${FORGEJO_OWNER}/${REPO}/mirror-sync" >/dev/null
-

.github/workflows/sync-to-gitea.yml

@@ -0,0 +1,46 @@
+name: sync-to-gitea
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Sync to Gitea
+        env:
+          GITEA_TOKEN: ${{ secrets.GITEA_SECRET }}
+          REPO: ${{ github.event.repository.name }}
+          BRANCH: ${{ github.ref_name }}
+        run: |
+          set -euxo pipefail
+          export GIT_TERMINAL_PROMPT=0
+          export GIT_TRACE=1
+          export GIT_CURL_VERBOSE=1
+
+          USER="Admin"
+          TARGET="https://ci.nxtgauge.com/Admin/${REPO}.git"
+          AUTH="$(printf '%s' "${USER}:${GITEA_TOKEN}" | base64 -w0)"
+
+          test -n "${GITEA_TOKEN:-}" || (echo "GITEA_TOKEN empty" && exit 1)
+          curl -fsS -H "Authorization: token ${GITEA_TOKEN}" https://ci.nxtgauge.com/api/v1/user >/dev/null
+          curl -fsS -H "Authorization: Basic ${AUTH}" "${TARGET}/info/refs?service=git-receive-pack" >/dev/null
+
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git config --global http.version HTTP/1.1
+          git config --global http.postBuffer 524288000
+          git remote remove gitea 2>/dev/null || true
+          git remote add gitea "${TARGET}"
+
+          git -c http.extraheader="Authorization: Basic ${AUTH}" push gitea "HEAD:${BRANCH}" --force
+          git -c http.extraheader="Authorization: Basic ${AUTH}" push gitea --tags --force