feat(pipeline): Migration from Gitea pipeline to act runner

2025-11-22 17:09:25 +01:00
parent b084041d32
commit 85261efe70
5 changed files with 113 additions and 39 deletions

18
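--- /dev/null
+++ b/.actrc
@@ -0,0 +1,18 @@
+# Act configuration file
+# This file contains default options for the act command
+# Use the medium-sized Docker image (includes common tools)
+-P ubuntu-latest=catthehacker/ubuntu:act-latest
+# Enable verbose logging (comment out if too noisy)
+# --verbose
+# Always use secrets file if it exists
+--secret-file .secrets
+# Set container architecture
+--container-architecture linux/amd64
+# Use Docker BuildKit
+--env DOCKER_BUILDKIT=1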
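Review bot: With `--secret-file .secrets` set as a default, every act run, including `act -j frontend` and pull-request dry runs, loads the registry token into a container started from `catthehacker/ubuntu:act-latest`, a third-party image referenced by a mutable tag. Pinning that image by digest, `-P ubuntu-latest=catthehacker/ubuntu:act-latest@sha256:<digest-from-a-reviewed-pull>` (placeholder), keeps the environment that sees the secrets from changing silently between runs. Because the file is loaded for all jobs, the comment above the flag should say so, for example `# Loaded for every job; keep only narrowly scoped tokens in .secrets`. The README added in this commit tells users to copy `.secrets.example`, which is not among the five changed files listed here, so it is worth checking that the template is actually committed.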


@@ -1,5 +1,5 @@
name: CI/CD Pipeline name: CI/CD Pipeline
run-name: ${{ gitea.actor }} triggered pipeline on ${{ gitea.ref_name }} run-name: ${{ github.actor }} triggered pipeline on ${{ github.ref_name }}
on: on:
pull_request: pull_request:
@@ -7,7 +7,7 @@ on:
- 'legalconsenthub/**' - 'legalconsenthub/**'
- 'legalconsenthub-backend/**' - 'legalconsenthub-backend/**'
- 'api/**' - 'api/**'
- '.gitea/workflows/pipeline.yaml' - '.github/workflows/pipeline.yaml'
push: push:
branches: branches:
- main - main
@@ -15,10 +15,10 @@ on:
- 'legalconsenthub/**' - 'legalconsenthub/**'
- 'legalconsenthub-backend/**' - 'legalconsenthub-backend/**'
- 'api/**' - 'api/**'
- '.gitea/workflows/pipeline.yaml' - '.github/workflows/pipeline.yaml'
concurrency: concurrency:
group: ci-${{ gitea.ref }} group: ci-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
jobs: jobs:
@@ -52,7 +52,7 @@ jobs:
- name: Get pnpm store directory - name: Get pnpm store directory
id: pnpm-cache id: pnpm-cache
run: | run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITEA_OUTPUT echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- name: Setup pnpm cache - name: Setup pnpm cache
uses: actions/cache@v4 uses: actions/cache@v4
@@ -78,20 +78,20 @@ jobs:
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v3
- name: Log in to Gitea Container Registry - name: Log in to Gitea Container Registry
if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3 uses: docker/login-action@v3
with: with:
registry: gitea.lugnas.de registry: gitea.lugnas.de
username: ${{ gitea.actor }} username: ${{ github.actor }}
password: ${{ secrets.DOCKER_PUSH_TOKEN }} password: ${{ secrets.DOCKER_PUSH_TOKEN }}
- name: Extract metadata for Docker - name: Extract metadata for Docker
id: meta id: meta
uses: docker/metadata-action@v5 uses: docker/metadata-action@v5
with: with:
images: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub images: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub
tags: | tags: |
type=raw,value=latest,enable=${{ gitea.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
type=sha,prefix=,format=long type=sha,prefix=,format=long
- name: Build and push Docker image - name: Build and push Docker image
@@ -99,7 +99,7 @@ jobs:
with: with:
context: . context: .
file: ./legalconsenthub/Dockerfile file: ./legalconsenthub/Dockerfile
push: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
platforms: linux/amd64 platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
@@ -107,14 +107,14 @@ jobs:
cache-to: type=local,dest=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache
- name: Image built successfully - name: Image built successfully
if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: | run: |
echo "✅ Docker image built and pushed successfully" echo "✅ Docker image built and pushed successfully"
echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub:latest" echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub:latest"
echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub:${{ gitea.sha }}" echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub:${{ github.sha }}"
- name: Dry-run completed - name: Dry-run completed
if: gitea.event_name == 'pull_request' if: github.event_name == 'pull_request'
run: | run: |
echo "✅ Dry-run build completed successfully (image not pushed)" echo "✅ Dry-run build completed successfully (image not pushed)"
@@ -162,20 +162,20 @@ jobs:
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v3
- name: Log in to Gitea Container Registry - name: Log in to Gitea Container Registry
if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3 uses: docker/login-action@v3
with: with:
registry: gitea.lugnas.de registry: gitea.lugnas.de
username: ${{ gitea.actor }} username: ${{ github.actor }}
password: ${{ secrets.DOCKER_PUSH_TOKEN }} password: ${{ secrets.DOCKER_PUSH_TOKEN }}
- name: Extract metadata for Docker - name: Extract metadata for Docker
id: meta id: meta
uses: docker/metadata-action@v5 uses: docker/metadata-action@v5
with: with:
images: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend images: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend
tags: | tags: |
type=raw,value=latest,enable=${{ gitea.ref == 'refs/heads/main' }} type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
type=sha,prefix=,format=long type=sha,prefix=,format=long
- name: Build and push Docker image - name: Build and push Docker image
@@ -183,7 +183,7 @@ jobs:
with: with:
context: . context: .
file: ./legalconsenthub-backend/Dockerfile file: ./legalconsenthub-backend/Dockerfile
push: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
platforms: linux/amd64 platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
@@ -191,33 +191,26 @@ jobs:
cache-to: type=local,dest=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache
- name: Image built successfully - name: Image built successfully
if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: | run: |
echo "✅ Docker image built and pushed successfully" echo "✅ Docker image built and pushed successfully"
echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend:latest" echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend:latest"
echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend:${{ gitea.sha }}" echo "📦 Image: gitea.lugnas.de/${{ github.repository_owner }}/legalconsenthub-backend:${{ github.sha }}"
- name: Dry-run completed - name: Dry-run completed
if: gitea.event_name == 'pull_request' if: github.event_name == 'pull_request'
run: | run: |
echo "✅ Dry-run build completed successfully (image not pushed)" echo "✅ Dry-run build completed successfully (image not pushed)"
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [frontend, backend] needs: [frontend, backend]
if: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Setup SSH
run: |
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "${{ secrets.SYNOLOGY_DEPLOY_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- name: Deploy to server - name: Deploy to server
run: | run: |
ssh -i ~/.ssh/id_rsa -p 32766 -o StrictHostKeyChecking=accept-new deploy@ds218 "sudo /usr/local/bin/deployLegalconsenthub.sh" ssh -i ~/.ssh/id_rsa -p 32766 -o StrictHostKeyChecking=accept-new deploy@ds218 "sudo /usr/local/bin/deployLegalconsenthub.sh"
@@ -226,4 +219,3 @@ jobs:
run: | run: |
echo "✅ Deployment triggered successfully" echo "✅ Deployment triggered successfully"
echo "🚀 Application is being deployed to production" echo "🚀 Application is being deployed to production"
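Review bot: In the deploy job, `ssh -i ~/.ssh/id_rsa ...` is still called although the `Setup SSH` step that wrote that key appears on the old side only (the hunk shrinks from 33 to 26 lines), so the key now has to exist in the act container already or the step fails; a comment above `Deploy to server` should state where it comes from, and a dedicated deploy key read from `.secrets` is preferable to exposing a personal `~/.ssh` to a third-party runner image. Independently, `StrictHostKeyChecking=accept-new` in a fresh container has no earlier key to compare against, so each run trusts whichever host answers on port 32766. Writing the server's host key from a secret into `~/.ssh/known_hosts` and switching to `-o StrictHostKeyChecking=yes` closes that gap. The two registry login steps use `username: ${{ github.actor }}`, which under act is presumably a default actor name rather than a registry account unless `--actor` is passed, so the username should come from a secret or `.actrc` should set the actor. The deploy job starts in the `-191,33` hunk and its last step continues in the following hunk.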

3
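--- a/.gitignore
+++ b/.gitignore
@@ -32,6 +32,9 @@ sqlite.db
 .env.*
 !.env.example
+# Act secrets file
+.secrets
 HELP.md
 .gradle
 build/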


@@ -54,7 +54,7 @@ The application follows a **three-tier architecture**:
#### Infrastructure #### Infrastructure
- **Containerization**: Docker - **Containerization**: Docker
- **Orchestration**: Docker Compose (dev and prod configurations) - **Orchestration**: Docker Compose (dev and prod configurations)
- **CI/CD**: Gitea workflows (`.gitea/workflows/pipeline.yaml`) - **CI/CD**: Local act execution with GitHub Actions format (`.github/workflows/pipeline.yaml`)
--- ---
@@ -475,6 +475,7 @@ Main config in `src/main/resources/application.yaml`:
- pnpm 10.11.0+ - pnpm 10.11.0+
- Java 21 - Java 21
- PostgreSQL (or use Docker) - PostgreSQL (or use Docker)
- act (for running CI/CD workflows locally)
**Frontend**: **Frontend**:
```bash ```bash
@@ -501,6 +502,28 @@ docker-compose -f deployment/docker-compose-dev.yaml up
docker-compose -f deployment/docker-compose-prod.yaml up docker-compose -f deployment/docker-compose-prod.yaml up
``` ```
### CI/CD with Act
Workflows are executed locally using nektos/act:
```bash
# List workflows
act -l
# Run specific jobs
act -j frontend
act -j backend
# Run all jobs
act push
# Run with secrets (for Docker push/deploy)
act push --secret-file .secrets
# Dry run
act -n
```
--- ---
## Testing ## Testing
@@ -532,7 +555,8 @@ docker-compose -f deployment/docker-compose-prod.yaml up
- OpenAPI Specification: `api/legalconsenthub.yml` - OpenAPI Specification: `api/legalconsenthub.yml`
- Thymeleaf Template: `legalconsenthub-backend/src/main/resources/templates/application_form_template.html` - Thymeleaf Template: `legalconsenthub-backend/src/main/resources/templates/application_form_template.html`
- CI/CD Pipeline: `.gitea/workflows/pipeline.yaml` - CI/CD Pipeline: `.github/workflows/pipeline.yaml`
- Act Configuration: `.actrc` and `.secrets.example`
- Database Management Script: `manage-db.sh` - Database Management Script: `manage-db.sh`
- Test Data: `testdata.json` - Test Data: `testdata.json`
- IT System Config: `it-system.json` - IT System Config: `it-system.json`


@@ -4,11 +4,48 @@ A comprehensive platform for digital applications, approvals, and discussions, d
## Documentation ## Documentation
For detailed documentation, architecture, and development guidelines, see [claude.md](./claude.md). For detailed documentation, architecture, and development guidelines, see [CLAUDE.md](./CLAUDE.md).
## Issues ## CI/CD with Act
### Pipeline Issues This project uses [nektos/act](https://nektosact.com/) for local workflow execution. Workflows are defined in `.github/workflows/` in GitHub Actions format.
- Gitea config can cause issues. When runner is not picking up jobs, run runner without config. ### Running Workflows Locally
- Backend tests fail when a Postgres database is running on the host machine.
```bash
# List available workflows and jobs
act -l
# Run specific jobs
act -j frontend # Run frontend job only
act -j backend # Run backend job only
# Run all jobs for push event
act push
# Run with secrets (required for Docker push and deployment)
act push --secret-file .secrets
# Dry run to see what would execute
act -n
# Run a specific workflow file
act -W .github/workflows/pipeline.yaml
```
### Setup
1. Ensure [act](https://nektosact.com/) is installed (already available locally)
2. Copy `.secrets.example` to `.secrets` and fill in your credentials:
```bash
cp .secrets.example .secrets
# Edit .secrets with your actual tokens/keys
```
3. The `.actrc` file contains default configuration for act
### Important Notes
- **Manual Execution**: Workflows must be run manually via `act` command
- **Secrets Required**: Docker push and deployment require secrets from `.secrets` file
- **No Automation**: Unlike traditional CI/CD, act runs locally on demand
- Backend tests may fail if PostgreSQL is running on the host machine