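---
# CI pipeline: build and test with Maven, then (main branch only) build and
# push the container image and roll it out to the cluster.
#
# Secrets used: REGISTRY_TOKEN (Gitea registry/API/git access),
# KUBECONFIG_BASE64 (cluster credentials), CAMELEER_AUTH_TOKEN (app secret).
#
# NOTE(review): actions/checkout and actions/cache are referenced by mutable
# tag (@v4); pinning them to a full commit SHA removes the risk of a retagged
# release running inside jobs that hold secrets.
name: CI

on:
  push:
    branches: [main]
    tags-ignore:
      - 'v*'
  pull_request:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: maven:3.9-eclipse-temurin-17
    steps:
      # The Maven image ships without Node.js, which the JavaScript-based
      # actions below (checkout, cache) need in order to run.
      - name: Install Node.js
        run: |
          apt-get update && apt-get install -y nodejs

      - uses: actions/checkout@v4

      # The heredoc delimiter is quoted, so the shell does not expand
      # ${env.REGISTRY_TOKEN}; the file stores only the placeholder and Maven
      # resolves it from the environment when it runs. No secret is written
      # to disk here.
      # NOTE(review): the XML markup of this heredoc was missing from the
      # reviewed copy (only the three values survived); it is restored as a
      # standard Maven <server> entry. Confirm against the repository.
      # NOTE(review): REGISTRY_TOKEN is exported to this step only, but Maven
      # reads it in "Build and Test", which does not set it. If the registry
      # needs authentication for reads, the env belongs on that step instead;
      # weigh that against pull_request code then running with the token.
      - name: Configure Gitea Maven Registry
        run: |
          mkdir -p ~/.m2
          cat > ~/.m2/settings.xml << 'SETTINGS'
          <settings>
            <servers>
              <server>
                <id>gitea</id>
                <username>cameleer</username>
                <password>${env.REGISTRY_TOKEN}</password>
              </server>
            </servers>
          </settings>
          SETTINGS
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

      - name: Cache Maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-maven-

      - name: Build and Test
        run: mvn clean verify -DskipITs --batch-mode

  docker:
    needs: build
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    container:
      image: docker:27
    steps:
      # Manual clone because this image has no Node.js for actions/checkout.
      # The token is sent as a one-shot HTTP header instead of being embedded
      # in the clone URL: a URL credential is persisted in .git/config, and
      # .git is part of the build context (".") sent to docker buildx below.
      - name: Checkout
        run: |
          apk add --no-cache git
          auth="$(printf 'cameleer:%s' "$REGISTRY_TOKEN" | base64 | tr -d '\n')"
          git -c http.extraHeader="Authorization: Basic ${auth}" \
            clone --depth=1 --branch="${GITHUB_REF_NAME}" \
            "https://gitea.siegeln.net/${GITHUB_REPOSITORY}.git" .
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

      # --password-stdin keeps the token out of the process argument list.
      - name: Login to registry
        run: echo "$REGISTRY_TOKEN" | docker login gitea.siegeln.net -u cameleer --password-stdin
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

      # NOTE(review): this runs an image referenced by mutable tag with
      # --privileged on the runner's Docker daemon; pin it by digest
      # (tonistiigi/binfmt@sha256:<digest>). The build below targets only
      # linux/amd64, so emulation is needed only if the runner itself is not
      # amd64. Confirm, and drop this step if it is.
      - name: Set up QEMU for cross-platform builds
        run: docker run --rm --privileged tonistiigi/binfmt --install all

      # NOTE(review): --build-arg values are not secret. They are recorded in
      # the build history of any stage that uses them in RUN (visible via
      # `docker history`) and, with mode=max, in the cache pushed to the
      # registry. If the Dockerfile (not shown) consumes REGISTRY_TOKEN, switch
      # to a BuildKit secret: `--secret id=REGISTRY_TOKEN,env=REGISTRY_TOKEN`
      # here and `RUN --mount=type=secret,id=REGISTRY_TOKEN ...` in the
      # Dockerfile. Left unchanged because it needs a matching Dockerfile edit.
      # NOTE(review): --provenance=false disables the build attestation;
      # presumably for registry compatibility. Confirm it is still required.
      - name: Build and push
        run: |
          docker buildx create --use --name cibuilder
          docker buildx build --platform linux/amd64 \
            --build-arg REGISTRY_TOKEN="$REGISTRY_TOKEN" \
            -t gitea.siegeln.net/cameleer/cameleer3-server:${{ github.sha }} \
            -t gitea.siegeln.net/cameleer/cameleer3-server:latest \
            --cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server:buildcache \
            --cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server:buildcache,mode=max \
            --provenance=false \
            --push .
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

      - name: Cleanup local Docker
        if: always()
        run: docker system prune -af --filter "until=24h"

      # Deletes every published tag except "latest", "buildcache" and the
      # image built by this run.
      # - "buildcache" is kept because the build step reads and writes it;
      #   deleting it after each run would defeat --cache-from.
      # - Runs only on success: after a failed build the current SHA was never
      #   pushed, and pruning would remove the tag the cluster is still
      #   running, so a rescheduled pod could no longer pull it.
      # NOTE(review): even on success the previously deployed tag is removed
      # before the deploy job has rolled out the new one, which leaves no
      # image to roll back to. Consider keeping the last few tags or pruning
      # after a successful deploy.
      - name: Cleanup old container images
        if: success()
        run: |
          apk add --no-cache curl jq
          API="https://gitea.siegeln.net/api/v1"
          AUTH="Authorization: token ${REGISTRY_TOKEN}"
          CURRENT_SHA="${{ github.sha }}"
          curl -sf -H "$AUTH" "$API/packages/cameleer/container/cameleer3-server" | \
            jq -r '.[] | "\(.id) \(.version)"' | \
            while read -r id version; do
              if [ "$version" != "latest" ] && [ "$version" != "buildcache" ] && [ "$version" != "$CURRENT_SHA" ]; then
                echo "Deleting old image tag: $version"
                curl -sf -X DELETE -H "$AUTH" "$API/packages/cameleer/container/cameleer3-server/$version"
              fi
            done
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

  deploy:
    needs: docker
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    container:
      # NOTE(review): this job receives the cluster kubeconfig; ":latest" is a
      # mutable tag, so whatever is published under it next runs with those
      # credentials. Pin to a fixed version or digest
      # (bitnami/kubectl@sha256:<digest>).
      image: bitnami/kubectl:latest
    steps:
      # Same header-based clone as in the docker job, so the token is not
      # left behind in .git/config of the checkout.
      - name: Checkout
        run: |
          auth="$(printf 'cameleer:%s' "$REGISTRY_TOKEN" | base64 | tr -d '\n')"
          git -c http.extraHeader="Authorization: Basic ${auth}" \
            clone --depth=1 --branch="${GITHUB_REF_NAME}" \
            "https://gitea.siegeln.net/${GITHUB_REPOSITORY}.git" .
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}

      # umask 077 makes ~/.kube and the decoded kubeconfig readable by the
      # job user only.
      - name: Configure kubectl
        run: |
          umask 077
          mkdir -p ~/.kube
          echo "$KUBECONFIG_B64" | base64 -d > ~/.kube/config
        env:
          KUBECONFIG_B64: ${{ secrets.KUBECONFIG_BASE64 }}

      # `create --dry-run=client -o yaml | kubectl apply -f -` renders each
      # object locally and applies it, so re-runs update the namespace and
      # secrets instead of failing on "already exists".
      # ClickHouse is rolled out and awaited before the server is applied; the
      # server image is then set to the tag built for this commit.
      - name: Deploy
        run: |
          kubectl create namespace cameleer --dry-run=client -o yaml | kubectl apply -f -
          kubectl create secret docker-registry gitea-registry \
            --namespace=cameleer \
            --docker-server=gitea.siegeln.net \
            --docker-username=cameleer \
            --docker-password="$REGISTRY_TOKEN" \
            --dry-run=client -o yaml | kubectl apply -f -
          kubectl create secret generic cameleer-auth \
            --namespace=cameleer \
            --from-literal=CAMELEER_AUTH_TOKEN="$CAMELEER_AUTH_TOKEN" \
            --dry-run=client -o yaml | kubectl apply -f -
          kubectl apply -f deploy/clickhouse.yaml
          kubectl -n cameleer rollout status statefulset/clickhouse --timeout=120s
          kubectl apply -f deploy/server.yaml
          kubectl -n cameleer set image deployment/cameleer3-server \
            server=gitea.siegeln.net/cameleer/cameleer3-server:${{ github.sha }}
          kubectl -n cameleer rollout status deployment/cameleer3-server --timeout=120s
        env:
          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
          CAMELEER_AUTH_TOKEN: ${{ secrets.CAMELEER_AUTH_TOKEN }}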