chore: update ci-cd.yml

.gitea/workflows/ci-cd.yml

@@ -7,14 +7,15 @@ on:
     branches: [ main ]
 
 env:
-  REGISTRY_URL: localhost:5000  # For local development
+  REGISTRY_URL: docker-registry:5000  # Internal network name for Gitea runner
-  # REGISTRY_URL: registry.michaelschiemer.de  # For production with proper SSL
   IMAGE_NAME: michaelschiemer
   PHP_VERSION: "8.4"
 
 jobs:
   test:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
+    container:
+      image: node:18-bullseye
     services:
       redis:
         image: redis:8-alpine
@@ -29,6 +30,11 @@ jobs:
           - 3306:3306
 
     steps:
+      - name: Install System Dependencies
+        run: |
+          apt-get update
+          apt-get install -y git curl wget gnupg2 software-properties-common lsb-release ca-certificates apt-transport-https
+
       - name: Debug Environment
         run: |
           echo "=== Environment Debug ==="
@@ -39,6 +45,8 @@ jobs:
           which git || echo "git not found"
           which node || echo "node not found"
           which npm || echo "npm not found"
+          echo "Node version: $(node --version)"
+          echo "NPM version: $(npm --version)"
           echo "OS Info:"
           cat /etc/os-release || echo "os-release not found"
           echo "=== End Debug ==="
@@ -47,18 +55,18 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Setup PHP
-        uses: shivammathur/setup-php@v2
+        run: |
-        with:
+          # Install PHP 8.4
-          php-version: ${{ env.PHP_VERSION }}
+          wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
-          extensions: gd, zip, pdo, pdo_mysql, opcache, pcntl, posix, shmop, redis
+          echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list
-          tools: composer
+          apt-get update
-          coverage: none
+          apt-get install -y php8.4-cli php8.4-common php8.4-curl php8.4-zip php8.4-gd php8.4-mysql php8.4-xml php8.4-mbstring php8.4-json php8.4-intl php8.4-bcmath php8.4-redis
 
-      - name: Setup Node.js
+      - name: Install Composer
-        uses: actions/setup-node@v4
+        run: |
-        with:
+          curl -sS https://getcomposer.org/installer | php
-          node-version: '18'
+          mv composer.phar /usr/local/bin/composer
-          cache: 'npm'
+          chmod +x /usr/local/bin/composer
 
       - name: Cache Composer Dependencies
         uses: actions/cache@v4
@@ -82,28 +90,42 @@ jobs:
         run: |
           ./vendor/bin/pest
         env:
-          DB_HOST: localhost
+          DB_HOST: mariadb
           DB_PORT: 3306
           DB_DATABASE: test
           DB_USERNAME: root
           DB_PASSWORD: test
-          REDIS_HOST: localhost
+          REDIS_HOST: redis
           REDIS_PORT: 6379
 
   security-scan:
     runs-on: ubuntu-latest
+    container:
+      image: node:18-bullseye
     needs: test
 
     steps:
+      - name: Install System Dependencies
+        run: |
+          apt-get update
+          apt-get install -y git curl wget gnupg2 software-properties-common lsb-release ca-certificates apt-transport-https
+
       - name: Checkout Code
         uses: actions/checkout@v4
 
       - name: Setup PHP
-        uses: shivammathur/setup-php@v2
+        run: |
-        with:
+          # Install PHP 8.4
-          php-version: ${{ env.PHP_VERSION }}
+          wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
-          tools: composer
+          echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list
-          coverage: none
+          apt-get update
+          apt-get install -y php8.4-cli php8.4-common php8.4-curl php8.4-zip php8.4-gd php8.4-mysql php8.4-xml php8.4-mbstring php8.4-json php8.4-intl php8.4-bcmath
+
+      - name: Install Composer
+        run: |
+          curl -sS https://getcomposer.org/installer | php
+          mv composer.phar /usr/local/bin/composer
+          chmod +x /usr/local/bin/composer
 
       - name: Install Dependencies
         run: |
@@ -126,15 +148,6 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v4
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Configure Docker for Insecure Registry
-        run: |
-          # For self-signed certificates or local registry
-          echo '{"insecure-registries":["localhost:5000","registry.michaelschiemer.de"]}' | sudo tee /etc/docker/daemon.json
-          sudo systemctl restart docker
-
       - name: Login to Private Registry
         run: |
           echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u admin --password-stdin
@@ -152,33 +165,38 @@ jobs:
 
       - name: Build and Push PHP Image
         run: |
-          docker buildx build --push \
+          docker build \
-            --platform linux/amd64 \
             --build-arg ENV=${{ steps.tag.outputs.env }} \
             --build-arg COMPOSER_INSTALL_FLAGS="--no-scripts --no-autoloader --optimize-autoloader" \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ steps.tag.outputs.tag }} \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ github.sha }} \
             -f docker/php/Dockerfile .
 
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ steps.tag.outputs.tag }}
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ github.sha }}
+
       - name: Build and Push Nginx Image
         run: |
-          docker buildx build --push \
+          docker build \
-            --platform linux/amd64 \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ steps.tag.outputs.tag }} \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ github.sha }} \
             -f docker/nginx/Dockerfile .
 
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ steps.tag.outputs.tag }}
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ github.sha }}
+
       - name: Build and Push Worker Image
         run: |
-          docker buildx build --push \
+          docker build \
-            --platform linux/amd64 \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ steps.tag.outputs.tag }} \
             -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ github.sha }} \
             -f docker/worker/Dockerfile .
 
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ steps.tag.outputs.tag }}
+          docker push ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ github.sha }}
+
       - name: Update Image Tags in Deployment
         run: |
-          # Für spätere Ansible-Integration
           echo "Built images with tag: ${{ steps.tag.outputs.tag }}"
           echo "SHA: ${{ github.sha }}"
 
@@ -192,6 +210,11 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v4
 
+      - name: Install SSH Client
+        run: |
+          apt-get update
+          apt-get install -y openssh-client
+
       - name: Setup SSH
         run: |
           mkdir -p ~/.ssh
@@ -238,6 +261,11 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v4
 
+      - name: Install SSH Client
+        run: |
+          apt-get update
+          apt-get install -y openssh-client
+
       - name: Setup SSH
         run: |
           mkdir -p ~/.ssh
@@ -283,8 +311,6 @@ jobs:
       - name: Clean up old images
         run: |
           echo "Cleanup läuft..."
-          # Registry cleanup can be implemented here using registry API
-          # For now, just log that cleanup is running
           echo "Cleanup abgeschlossen"
 
   notify:
@@ -303,6 +329,3 @@ jobs:
           else
             echo "❌ Deployment fehlgeschlagen für Branch: $BRANCH"
           fi
-
-          # Hier könnten Sie Slack/Email-Benachrichtigungen hinzufügen
-          # Example: curl -X POST -H 'Content-type: application/json' --data '{"text":"Deployment Status: $STATUS for $BRANCH"}' $SLACK_WEBHOOK_URL