sova/cabinet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
84c579e01eccc8a9ab9614c1000233dd764ed0db
cabinet/.gitea/workflows/build.yml
T
Valery Petrov 84c579e01e issues/27: CI PHPUnit gate on test and stage tags
2026-06-04 12:51:57 +03:00

119 lines
4.5 KiB
YAML
Raw Blame History

name: cabinet-ci-cd
# Pre-deploy PHPUnit on test|stage. Prod — без автотестов.
on:
push:
tags:
- 'cabinet-v*'
env:
REGISTRY: gitea-http.gitea.svc.cluster.local:3000
IMAGE: gitea-http.gitea.svc.cluster.local:3000/sova/cabinet
IMAGE_DEPLOY: git.sova.local/sova/cabinet
jobs:
parse-tag:
runs-on: ubuntu-latest
outputs:
full_tag: ${{ steps.meta.outputs.full_tag }}
env: ${{ steps.meta.outputs.env }}
version: ${{ steps.meta.outputs.version }}
steps:
- name: Parse tag
id: meta
run: |
TAG="${GITHUB_REF#refs/tags/}"
echo "full_tag=$TAG" >> "$GITHUB_OUTPUT"
echo "env=$(echo "$TAG" | sed -E 's/cabinet-v([0-9.]+)-([a-z]+)/\2/')" >> "$GITHUB_OUTPUT"
echo "version=$(echo "$TAG" | sed -E 's/cabinet-v([0-9.]+).*/\1/')" >> "$GITHUB_OUTPUT"
test:
needs: [parse-tag]
if: needs.parse-tag.outputs.env != 'prod'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.4'
extensions: pdo_pgsql, pdo_mysql, redis, intl, zip, gd
- name: Prepare CI environment
run: |
cp .env.ci .env.local
mkdir -p var
- run: composer install --prefer-dist --no-interaction
- name: PHPUnit
run: composer phpunit
- run: composer audit || true
test-prod-skip:
needs: [parse-tag]
if: needs.parse-tag.outputs.env == 'prod'
runs-on: ubuntu-latest
steps:
- run: echo "Prod tag — automated tests skipped."
build-and-push:
needs: [parse-tag, test, test-prod-skip]
if: always() && (needs.test.result == 'success' || needs.test.result == 'skipped') && (needs.test-prod-skip.result == 'success' || needs.test-prod-skip.result == 'skipped')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Docker login
env:
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
run: |
echo "${REGISTRY_PASSWORD}" | docker login "$REGISTRY" -u "${REGISTRY_USER}" --password-stdin
- name: Build and push
run: |
TAG="${{ needs.parse-tag.outputs.full_tag }}"
docker build -f Dockerfile -t "$IMAGE:${TAG}" -t "$IMAGE:${{ needs.parse-tag.outputs.version }}" .
docker push "$IMAGE:${TAG}"
docker push "$IMAGE:${{ needs.parse-tag.outputs.version }}"
deploy-gitops:
needs: [build-and-push, parse-tag]
runs-on: ubuntu-latest
steps:
- name: Bump image tag in sova-deploy
env:
DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
DEPLOY_USER: ${{ secrets.REGISTRY_USER }}
run: |
REPO_URL="http://${DEPLOY_USER}:${DEPLOY_TOKEN}@gitea-http.gitea.svc.cluster.local:3000/sova/sova-deploy.git"
ENV="${{ needs.parse-tag.outputs.env }}"
TAG="${{ needs.parse-tag.outputs.full_tag }}"
case "${ENV}" in
test|stage|prod) ;;
*) echo "Unknown env from tag: ${ENV}"; exit 1 ;;
esac
git clone --branch "${ENV}" --single-branch "${REPO_URL}" sova-deploy 2>/dev/null \
|| { git clone "${REPO_URL}" sova-deploy && cd sova-deploy && git checkout -B "${ENV}"; }
cd sova-deploy
git config user.email "ci-bot@sova.local"
git config user.name "sova-ci"
MAX_RETRIES=5
case "$(uname -m)" in
x86_64|amd64) YQ_ARCH=amd64 ;;
aarch64|arm64) YQ_ARCH=arm64 ;;
*) echo "Unsupported arch: $(uname -m)"; exit 1 ;;
esac
curl -sSL -o /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_${YQ_ARCH}"
chmod +x /usr/local/bin/yq
for attempt in $(seq 1 $MAX_RETRIES); do
git pull --rebase origin "${ENV}"
yq -i ".image.repository = \"${IMAGE_DEPLOY}\"" "apps/cabinet/values-${ENV}.yaml"
yq -i ".image.tag = \"${TAG}\"" "apps/cabinet/values-${ENV}.yaml"
yq -i ".image.pullPolicy = \"IfNotPresent\"" "apps/cabinet/values-${ENV}.yaml"
git add "apps/cabinet/values-${ENV}.yaml"
git diff --cached --quiet && { echo "No changes"; exit 0; }
git commit -m "chore(cabinet): bump ${ENV} to ${TAG}"
if git push origin "${ENV}"; then exit 0; fi
git reset --hard HEAD~1
sleep $((attempt * 2))
done
exit 1
Reference in New Issue View Git Blame Copy Permalink