From 5cc0635630331ee1189f36de05f41efc677412ef Mon Sep 17 00:00:00 2001
From: Denis Lugowski
Date: Tue, 10 Mar 2026 19:03:21 +0100
Subject: [PATCH] feat(pipeline): Add Gitea pipeline back
---
.github/workflows/pipeline.yaml | 447 ++++++++++++++++----------------
1 file changed, 226 insertions(+), 221 deletions(-)
diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
index 95987ef..ea9a4fa 100644
--- a/.github/workflows/pipeline.yaml
+++ b/.github/workflows/pipeline.yaml
@@ -1,221 +1,226 @@
-#name: CI/CD Pipeline
-#run-name: ${{ github.actor }} triggered pipeline on ${{ github.ref_name }}
-#
-#on:
-# pull_request:
-# paths:
-# - 'legalconsenthub/**'
-# - 'legalconsenthub-backend/**'
-# - 'api/**'
-# - '.github/workflows/pipeline.yaml'
-# push:
-# branches:
-# - main
-# paths:
-# - 'legalconsenthub/**'
-# - 'legalconsenthub-backend/**'
-# - 'api/**'
-# - '.github/workflows/pipeline.yaml'
-#
-#concurrency:
-# group: ci-${{ github.ref }}
-# cancel-in-progress: true
-#
-#jobs:
-# frontend:
-# runs-on: ubuntu-latest
-# defaults:
-# run:
-# working-directory: ./legalconsenthub
-#
-# steps:
-# - name: Checkout code
-# uses: actions/checkout@v4
-#
-# - name: Setup Node.js
-# uses: actions/setup-node@v4
-# with:
-# node-version: '22.16.0'
-#
-# - name: Setup Java
-# uses: actions/setup-java@v4
-# with:
-# distribution: 'temurin'
-# java-version: '21'
-#
-# - name: Setup pnpm
-# uses: pnpm/action-setup@v4
-# with:
-# version: 10.13.1
-# run_install: false
-#
-# - name: Get pnpm store directory
-# id: pnpm-cache
-# run: |
-# echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
-#
-# - name: Setup pnpm cache
-# uses: actions/cache@v4
-# with:
-# path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
-# key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
-# restore-keys: |
-# ${{ runner.os }}-pnpm-store-
-#
-# - name: Install dependencies
-# run: pnpm install --frozen-lockfile
-#
-# - name: Build application
-# run: pnpm build
-#
-# - name: Run linting
-# run: pnpm lint
-#
-# - name: Run type checking
-# run: pnpm type-check
-#
-# - name: Set up Docker Buildx
-# uses: docker/setup-buildx-action@v3
-#
-# - name: Log in to Gitea Container Registry
-# if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-# uses: docker/login-action@v3
-# with:
-# registry: gitea.lugnas.de
-# username: ${{ github.actor }}
-# password: ${{ secrets.DOCKER_PUSH_TOKEN }}
-#
-# - name: Extract metadata for Docker
-# id: meta
-# uses: docker/metadata-action@v5
-# with:
-# images: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub
-# tags: |
-# type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
-# type=sha,prefix=,format=long
-#
-# - name: Build and push Docker image
-# uses: docker/build-push-action@v5
-# with:
-# context: .
-# file: ./legalconsenthub/Dockerfile
-# push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
-# platforms: linux/amd64
-# tags: ${{ steps.meta.outputs.tags }}
-# labels: ${{ steps.meta.outputs.labels }}
-# cache-from: type=local,src=/tmp/.buildx-cache
-# cache-to: type=local,dest=/tmp/.buildx-cache
-#
-# - name: Image built successfully
-# if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-# run: |
-# echo "✅ Docker image built and pushed successfully"
-# echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub:latest"
-# echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub:${{ github.sha }}"
-#
-# - name: Dry-run completed
-# if: github.event_name == 'pull_request'
-# run: |
-# echo "✅ Dry-run build completed successfully (image not pushed)"
-#
-# backend:
-# runs-on: ubuntu-latest
-#
-# defaults:
-# run:
-# working-directory: ./legalconsenthub-backend
-#
-# steps:
-# - name: Checkout code
-# uses: actions/checkout@v4
-#
-# - name: Setup Java
-# uses: actions/setup-java@v4
-# with:
-# distribution: 'temurin'
-# java-version: '21'
-#
-# - name: Setup Gradle cache
-# uses: actions/cache@v4
-# with:
-# path: |
-# ~/.gradle/caches
-# ~/.gradle/wrapper
-# legalconsenthub-backend/.gradle
-# key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
-# restore-keys: |
-# ${{ runner.os }}-gradle-
-#
-# - name: Build application
-# run: ./gradlew build -x test
-#
-# - name: Run ktlint check
-# run: ./gradlew ktlintCheck
-#
-# - name: Run tests
-# run: ./gradlew test
-# env:
-# # Fixes Ryuk testcontainers error during test (https://github.com/testcontainers/testcontainers-java/issues/7036)
-# TESTCONTAINERS_HOST_OVERRIDE: host.docker.internal
-#
-# - name: Set up Docker Buildx
-# uses: docker/setup-buildx-action@v3
-#
-# - name: Log in to Gitea Container Registry
-# if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-# uses: docker/login-action@v3
-# with:
-# registry: gitea.lugnas.de
-# username: ${{ github.actor }}
-# password: ${{ secrets.DOCKER_PUSH_TOKEN }}
-#
-# - name: Extract metadata for Docker
-# id: meta
-# uses: docker/metadata-action@v5
-# with:
-# images: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend
-# tags: |
-# type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
-# type=sha,prefix=,format=long
-#
-# - name: Build and push Docker image
-# uses: docker/build-push-action@v5
-# with:
-# context: .
-# file: ./legalconsenthub-backend/Dockerfile
-# push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
-# platforms: linux/amd64
-# tags: ${{ steps.meta.outputs.tags }}
-# labels: ${{ steps.meta.outputs.labels }}
-# cache-from: type=local,src=/tmp/.buildx-cache
-# cache-to: type=local,dest=/tmp/.buildx-cache
-#
-# - name: Image built successfully
-# if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-# run: |
-# echo "✅ Docker image built and pushed successfully"
-# echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend:latest"
-# echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend:${{ github.sha }}"
-#
-# - name: Dry-run completed
-# if: github.event_name == 'pull_request'
-# run: |
-# echo "✅ Dry-run build completed successfully (image not pushed)"
-#
-# deploy:
-# runs-on: ubuntu-latest
-# needs: [frontend, backend]
-# if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
-#
-# steps:
-# - name: Checkout code
-# uses: actions/checkout@v4
-#
-# - name: Deploy to server
-# run: |
-# ssh -i ~/.ssh/id_rsa -p 32766 -o StrictHostKeyChecking=accept-new deploy@ds218 "sudo /usr/local/bin/deployLegalconsenthub.sh"
-#
-# - name: Deployment successful
-# run: |
-# echo "✅ Deployment triggered successfully"
-# echo "🚀 Application is being deployed to production"
+name: CI/CD Pipeline
+run-name: ${{ github.actor }} triggered pipeline on ${{ github.ref_name }}
+
+on:
+ pull_request:
+ paths:
+ - 'legalconsenthub/**'
+ - 'legalconsenthub-backend/**'
+ - 'api/**'
+ - '.github/workflows/pipeline.yaml'
+ push:
+ branches:
+ - main
+ paths:
+ - 'legalconsenthub/**'
+ - 'legalconsenthub-backend/**'
+ - 'api/**'
+ - '.github/workflows/pipeline.yaml'
+
+concurrency:
+ group: ci-${{ github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ frontend:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: ./legalconsenthub
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: '22.16.0'
+
+ - name: Setup Java
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin'
+ java-version: '21'
+
+ - name: Setup pnpm
+ uses: pnpm/action-setup@v4
+ with:
+ version: 10.13.1
+ run_install: false
+
+ - name: Get pnpm store directory
+ id: pnpm-cache
+ run: |
+ echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
+
+ - name: Setup pnpm cache
+ uses: actions/cache@v4
+ with:
+ path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
+ key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+ restore-keys: |
+ ${{ runner.os }}-pnpm-store-
+
+ - name: Install dependencies
+ run: pnpm install --frozen-lockfile
+
+ - name: Build application
+ run: pnpm build
+
+ - name: Run linting
+ run: pnpm lint
+
+ - name: Run type checking
+ run: pnpm type-check
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to Gitea Container Registry
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+ uses: docker/login-action@v3
+ with:
+ registry: git.gremiumhub.de
+ username: ${{ github.actor }}
+ password: ${{ secrets.DOCKER_PUSH_TOKEN }}
+
+ - name: Extract metadata for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub
+ tags: |
+ type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+ type=sha,prefix=,format=long
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./legalconsenthub/Dockerfile
+ push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+ platforms: linux/amd64
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=local,src=/tmp/.buildx-cache-frontend
+ cache-to: type=local,dest=/tmp/.buildx-cache-frontend,mode=max
+
+ - name: Image built successfully
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+ run: |
+ echo "✅ Docker image built and pushed successfully"
+ echo "📦 Image: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub:latest"
+ echo "📦 Image: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub:${{ github.sha }}"
+
+ - name: Dry-run completed
+ if: github.event_name == 'pull_request'
+ run: |
+ echo "✅ Dry-run build completed successfully (image not pushed)"
+
+ backend:
+ runs-on: ubuntu-latest
+
+ defaults:
+ run:
+ working-directory: ./legalconsenthub-backend
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup Java
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin'
+ java-version: '21'
+
+ - name: Setup Gradle cache
+ uses: actions/cache@v4
+ with:
+ path: |
+ ~/.gradle/caches
+ ~/.gradle/wrapper
+ legalconsenthub-backend/.gradle
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+ restore-keys: |
+ ${{ runner.os }}-gradle-
+
+ - name: Build application
+ run: ./gradlew build -x test
+
+ - name: Run ktlint check
+ run: ./gradlew ktlintCheck
+
+ - name: Run tests
+ run: ./gradlew test
+ env:
+ # Fixes Ryuk testcontainers error during test (https://github.com/testcontainers/testcontainers-java/issues/7036)
+ TESTCONTAINERS_HOST_OVERRIDE: host.docker.internal
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to Gitea Container Registry
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+ uses: docker/login-action@v3
+ with:
+ registry: git.gremiumhub.de
+ username: ${{ github.actor }}
+ password: ${{ secrets.DOCKER_PUSH_TOKEN }}
+
+ - name: Extract metadata for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub-backend
+ tags: |
+ type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+ type=sha,prefix=,format=long
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./legalconsenthub-backend/Dockerfile
+ push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+ platforms: linux/amd64
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=local,src=/tmp/.buildx-cache-backend
+ cache-to: type=local,dest=/tmp/.buildx-cache-backend,mode=max
+
+ - name: Image built successfully
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+ run: |
+ echo "✅ Docker image built and pushed successfully"
+ echo "📦 Image: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub-backend:latest"
+ echo "📦 Image: git.gremiumhub.de/${{ github.repository_owner }}/legalconsenthub-backend:${{ github.sha }}"
+
+ - name: Dry-run completed
+ if: github.event_name == 'pull_request'
+ run: |
+ echo "✅ Dry-run build completed successfully (image not pushed)"
+
+ deploy:
+ runs-on: ubuntu-latest
+ needs: [frontend, backend]
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+
+ steps:
+ - name: Trigger Coolify redeploy (frontend)
+ run: |
+ curl -s -X POST \
+ -H "Authorization: Bearer ${{ secrets.COOLIFY_DEPLOY_TOKEN }}" \
+ "https://coolify.gremiumhub.de/api/v1/deploy?uuid=${{ secrets.COOLIFY_FRONTEND_UUID }}&force=false"
+
+ - name: Trigger Coolify redeploy (backend)
+ run: |
+ curl -s -X POST \
+ -H "Authorization: Bearer ${{ secrets.COOLIFY_DEPLOY_TOKEN }}" \
+ "https://coolify.gremiumhub.de/api/v1/deploy?uuid=${{ secrets.COOLIFY_BACKEND_UUID }}&force=false"
+
+ - name: Deployment triggered
+ run: |
+ echo "✅ Coolify redeployment triggered successfully"
+ echo "🚀 Frontend and backend are being redeployed"
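Review bot: Both `Trigger Coolify redeploy` steps in the `deploy` job call `curl -s -X POST` without `--fail`, so a 401 or 404 from the Coolify API still exits 0 and the job goes on to print "Coolify redeployment triggered successfully" for a deploy that never started. The same steps expand `${{ secrets.COOLIFY_DEPLOY_TOKEN }}` and the UUID secrets into the script text before the shell parses it; I would pass them through a step-level `env:` and reference them as shell variables, e.g. `curl --fail -sS -X POST -H "Authorization: Bearer $COOLIFY_DEPLOY_TOKEN" "https://coolify.gremiumhub.de/api/v1/deploy?uuid=$COOLIFY_FRONTEND_UUID&force=false"`. Separately, the two `Build and push Docker image` steps write `cache-to: type=local,dest=/tmp/.buildx-cache-…,mode=max` on pull_request runs as well as on pushes. If the runner keeps `/tmp` between jobs (not visible in this patch), layers produced by an unreviewed PR build can be reused by the later main-branch build that pushes the image, so consider writing the cache only when the event is a push to `main`.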