chore: update ci-cd.yml

2025-07-17 21:33:29 +02:00
parent 874eff08aa
commit 8af6264b80


@@ -7,7 +7,8 @@ on:
branches: [ main ] branches: [ main ]
env: env:
REGISTRY_URL: registry.michaelschiemer.de REGISTRY_URL: localhost:5000 # For local development
# REGISTRY_URL: registry.michaelschiemer.de # For production with proper SSL
IMAGE_NAME: michaelschiemer IMAGE_NAME: michaelschiemer
PHP_VERSION: "8.4" PHP_VERSION: "8.4"
@@ -17,11 +18,15 @@ jobs:
services: services:
redis: redis:
image: redis:8-alpine image: redis:8-alpine
ports:
- 6379:6379
mariadb: mariadb:
image: mariadb:latest image: mariadb:latest
env: env:
MYSQL_ROOT_PASSWORD: test MYSQL_ROOT_PASSWORD: test
MYSQL_DATABASE: test MYSQL_DATABASE: test
ports:
- 3306:3306
steps: steps:
- name: Debug Environment - name: Debug Environment
@@ -39,9 +44,7 @@ jobs:
echo "=== End Debug ===" echo "=== End Debug ==="
- name: Checkout Code - name: Checkout Code
run: | uses: actions/checkout@v4
git clone --depth=1 --branch=${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} .
ls -la
- name: Setup PHP - name: Setup PHP
uses: shivammathur/setup-php@v2 uses: shivammathur/setup-php@v2
@@ -58,7 +61,7 @@ jobs:
cache: 'npm' cache: 'npm'
- name: Cache Composer Dependencies - name: Cache Composer Dependencies
uses: actions/cache@v3 uses: actions/cache@v4
with: with:
path: ~/.composer/cache path: ~/.composer/cache
key: composer-${{ hashFiles('**/composer.lock') }} key: composer-${{ hashFiles('**/composer.lock') }}
@@ -79,12 +82,12 @@ jobs:
run: | run: |
./vendor/bin/pest ./vendor/bin/pest
env: env:
DB_HOST: mariadb DB_HOST: localhost
DB_PORT: 3306 DB_PORT: 3306
DB_DATABASE: test DB_DATABASE: test
DB_USERNAME: root DB_USERNAME: root
DB_PASSWORD: test DB_PASSWORD: test
REDIS_HOST: redis REDIS_HOST: localhost
REDIS_PORT: 6379 REDIS_PORT: 6379
security-scan: security-scan:
@@ -93,9 +96,7 @@ jobs:
steps: steps:
- name: Checkout Code - name: Checkout Code
run: | uses: actions/checkout@v4
git clone --depth=1 --branch=${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} .
ls -la
- name: Setup PHP - name: Setup PHP
uses: shivammathur/setup-php@v2 uses: shivammathur/setup-php@v2
@@ -123,16 +124,20 @@ jobs:
steps: steps:
- name: Checkout Code - name: Checkout Code
run: | uses: actions/checkout@v4
git clone --depth=1 --branch=${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} .
ls -la
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v3
- name: Configure Docker for Insecure Registry
run: |
# For self-signed certificates or local registry
echo '{"insecure-registries":["localhost:5000","registry.michaelschiemer.de"]}' | sudo tee /etc/docker/daemon.json
sudo systemctl restart docker
- name: Login to Private Registry - name: Login to Private Registry
run: | run: |
echo ${{ secrets.REGISTRY_PASSWORD }} | docker login ${{ env.REGISTRY_URL }} -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u admin --password-stdin
- name: Determine Image Tag - name: Determine Image Tag
id: tag id: tag
@@ -148,7 +153,7 @@ jobs:
- name: Build and Push PHP Image - name: Build and Push PHP Image
run: | run: |
docker buildx build --push \ docker buildx build --push \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64 \
--build-arg ENV=${{ steps.tag.outputs.env }} \ --build-arg ENV=${{ steps.tag.outputs.env }} \
--build-arg COMPOSER_INSTALL_FLAGS="--no-scripts --no-autoloader --optimize-autoloader" \ --build-arg COMPOSER_INSTALL_FLAGS="--no-scripts --no-autoloader --optimize-autoloader" \
-t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ steps.tag.outputs.tag }} \ -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:${{ steps.tag.outputs.tag }} \
@@ -158,7 +163,7 @@ jobs:
- name: Build and Push Nginx Image - name: Build and Push Nginx Image
run: | run: |
docker buildx build --push \ docker buildx build --push \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64 \
-t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ steps.tag.outputs.tag }} \ -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ steps.tag.outputs.tag }} \
-t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ github.sha }} \ -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/nginx:${{ github.sha }} \
-f docker/nginx/Dockerfile . -f docker/nginx/Dockerfile .
@@ -166,7 +171,7 @@ jobs:
- name: Build and Push Worker Image - name: Build and Push Worker Image
run: | run: |
docker buildx build --push \ docker buildx build --push \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64 \
-t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ steps.tag.outputs.tag }} \ -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ steps.tag.outputs.tag }} \
-t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ github.sha }} \ -t ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/worker:${{ github.sha }} \
-f docker/worker/Dockerfile . -f docker/worker/Dockerfile .
@@ -185,9 +190,7 @@ jobs:
steps: steps:
- name: Checkout Code - name: Checkout Code
run: | uses: actions/checkout@v4
git clone --depth=1 --branch=${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} .
ls -la
- name: Setup SSH - name: Setup SSH
run: | run: |
@@ -202,7 +205,7 @@ jobs:
cd /var/www/michaelschiemer cd /var/www/michaelschiemer
# Registry-Login # Registry-Login
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u admin --password-stdin
# Images pullen # Images pullen
docker pull ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:develop docker pull ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:develop
@@ -233,9 +236,7 @@ jobs:
steps: steps:
- name: Checkout Code - name: Checkout Code
run: | uses: actions/checkout@v4
git clone --depth=1 --branch=${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} .
ls -la
- name: Setup SSH - name: Setup SSH
run: | run: |
@@ -250,7 +251,7 @@ jobs:
cd /var/www/michaelschiemer cd /var/www/michaelschiemer
# Registry-Login # Registry-Login
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_URL }} -u admin --password-stdin
# Images pullen # Images pullen
docker pull ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:latest docker pull ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}/php:latest
@@ -282,7 +283,8 @@ jobs:
- name: Clean up old images - name: Clean up old images
run: | run: |
echo "Cleanup läuft..." echo "Cleanup läuft..."
# Hier könnten Sie Registry-API-Calls für Cleanup implementieren # Registry cleanup can be implemented here using registry API
# For now, just log that cleanup is running
echo "Cleanup abgeschlossen" echo "Cleanup abgeschlossen"
notify: notify:
@@ -303,3 +305,4 @@ jobs:
fi fi
# Hier könnten Sie Slack/Email-Benachrichtigungen hinzufügen # Hier könnten Sie Slack/Email-Benachrichtigungen hinzufügen
# Example: curl -X POST -H 'Content-type: application/json' --data '{"text":"Deployment Status: $STATUS for $BRANCH"}' $SLACK_WEBHOOK_URL
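Review bot: The added "Configure Docker for Insecure Registry" step puts `registry.michaelschiemer.de` into `insecure-registries`, which turns off certificate verification (and allows plain-HTTP fallback) for the production registry, so the `docker login` password and every pushed image lose transport protection on that path. Docker already treats registries on 127.0.0.0/8 as insecure, so for the `localhost:5000` case the step is probably unnecessary; if it stays, limit it to `echo '{"insecure-registries":["localhost:5000"]}' | sudo tee /etc/docker/daemon.json` and trust a self-signed production certificate by installing its CA under `/etc/docker/certs.d/registry.michaelschiemer.de/ca.crt` instead. Note that `tee` replaces any existing `daemon.json` on the runner rather than merging into it. The workflow-level `REGISTRY_URL: localhost:5000` is also used by the `docker login` and `docker pull` lines in the two deploy hunks, which appear to run on the target host over SSH, where `localhost` would not be the runner that pushed the images; this is inferred from the visible lines and worth confirming.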