name: CI/CD Pipeline run-name: ${{ gitea.actor }} triggered pipeline on ${{ gitea.ref_name }} on: pull_request: paths: - 'legalconsenthub/**' - 'legalconsenthub-backend/**' - 'api/**' - '.gitea/workflows/ci-cd.yaml' push: branches: - main paths: - 'legalconsenthub/**' - 'legalconsenthub-backend/**' - 'api/**' - '.gitea/workflows/ci-cd.yaml' jobs: # frontend: # runs-on: ubuntu-latest # defaults: # run: # working-directory: ./legalconsenthub # # steps: # - name: Checkout code # uses: actions/checkout@v4 # # - name: Setup Node.js # uses: actions/setup-node@v4 # with: # node-version: '22.16.0' # # - name: Setup Java # uses: actions/setup-java@v4 # with: # distribution: 'temurin' # java-version: '21' # # - name: Setup pnpm # uses: pnpm/action-setup@v4 # with: # version: 10.13.1 # run_install: false # # - name: Get pnpm store directory # id: pnpm-cache # run: | # echo "STORE_PATH=$(pnpm store path)" >> $GITEA_OUTPUT # # - name: Setup pnpm cache # uses: actions/cache@v4 # with: # path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} # key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} # restore-keys: | # ${{ runner.os }}-pnpm-store- # # - name: Install dependencies # run: pnpm install --frozen-lockfile # # - name: Build application # run: pnpm build # # - name: Run linting # run: pnpm lint # # - name: Run type checking # run: pnpm type-check # # - name: Set up Docker Buildx # uses: docker/setup-buildx-action@v3 # # - name: Log in to Gitea Container Registry # if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' # uses: docker/login-action@v3 # with: # registry: gitea.lugnas.de # username: ${{ gitea.actor }} # password: ${{ secrets.DOCKER_PUSH_TOKEN }} # # - name: Extract metadata for Docker # id: meta # uses: docker/metadata-action@v5 # with: # images: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub # tags: | # type=raw,value=latest,enable=${{ gitea.ref == 'refs/heads/main' }} # type=sha,prefix=,format=long # # - name: Build and push Docker image # uses: docker/build-push-action@v5 # with: # context: . # file: ./legalconsenthub/Dockerfile # push: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} # platforms: linux/amd64 # tags: ${{ steps.meta.outputs.tags }} # labels: ${{ steps.meta.outputs.labels }} # cache-from: type=local,src=/tmp/.buildx-cache # cache-to: type=local,dest=/tmp/.buildx-cache # # - name: Image built successfully # if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' # run: | # echo "✅ Docker image built and pushed successfully" # echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub:latest" # echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub:${{ gitea.sha }}" # # - name: Dry-run completed # if: gitea.event_name == 'pull_request' # run: | # echo "✅ Dry-run build completed successfully (image not pushed)" backend: runs-on: ubuntu-latest defaults: run: working-directory: ./legalconsenthub-backend steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Java uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: '21' - name: Setup Gradle uses: gradle/gradle-build-action@v2 with: gradle-version: wrapper - name: Make gradlew executable run: chmod +x gradlew - name: Build application run: ./gradlew build -x test - name: Run ktlint check run: ./gradlew ktlintCheck - name: Run tests run: ./gradlew test env: SPRING_PROFILES_ACTIVE: testcontainers - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to Gitea Container Registry if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' uses: docker/login-action@v3 with: registry: gitea.lugnas.de username: ${{ gitea.actor }} password: ${{ secrets.DOCKER_PUSH_TOKEN }} - name: Extract metadata for Docker id: meta uses: docker/metadata-action@v5 with: images: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend tags: | type=raw,value=latest,enable=${{ gitea.ref == 'refs/heads/main' }} type=sha,prefix=,format=long - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: . file: ./legalconsenthub-backend/Dockerfile push: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} platforms: linux/amd64 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Image built successfully if: gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' run: | echo "✅ Docker image built and pushed successfully" echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend:latest" echo "📦 Image: gitea.lugnas.de/${{ gitea.repository_owner }}/legalconsenthub-backend:${{ gitea.sha }}" - name: Dry-run completed if: gitea.event_name == 'pull_request' run: | echo "✅ Dry-run build completed successfully (image not pushed)" deploy: runs-on: ubuntu-latest needs: [frontend, backend] if: ${{ gitea.event_name == 'push' && gitea.ref == 'refs/heads/main' }} steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup SSH run: | mkdir -p ~/.ssh chmod 700 ~/.ssh echo "${{ secrets.SYNOLOGY_DEPLOY_KEY }}" > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa - name: Deploy to server run: | ssh -i ~/.ssh/id_rsa -p 32766 -o StrictHostKeyChecking=accept-new deploy@ds218 "sudo /usr/local/bin/deployLegalconsenthub.sh" - name: Deployment successful run: | echo "✅ Deployment triggered successfully" echo "🚀 Application is being deployed to production"