actions/ci-cd
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

workflow to actions

Browse Source
This commit is contained in:
Torsten Ueberschar
2026-01-18 10:49:21 +01:00
parent 2b16422f5d
commit 6400976d19
10 changed files with 373 additions and 432 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
.github/actions/build-and-push/action.yaml vendored Normal file
View File

@@ -0,0 +1,182 @@
name: Build and Push Docker Image
description: Build a Docker image and push to a registry
inputs:
registry:
description: Container registry hostname
required: true
image_name:
description: Full image name including registry
required: false
default: ""
tag:
description: Override image tag (defaults to standard tags)
required: false
default: ""
dockerfile:
description: Path to Dockerfile
required: false
default: Dockerfile
context:
description: Build context
required: false
default: .
push:
description: Push image after build
required: false
default: "true"
registry_username:
description: Registry username
required: true
registry_password:
description: Registry password or token
required: true
runs:
using: "composite"
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Resolve image name
shell: bash
env:
REGISTRY: ${{ inputs.registry }}
IMAGE_NAME: ${{ inputs.image_name }}
REPO: ${{ gitea.repository != '' && gitea.repository || github.repository }}
run: |
if [ -z "${IMAGE_NAME}" ]; then
IMAGE_NAME="${REGISTRY}/${REPO}"
fi
echo "IMAGE_NAME=${IMAGE_NAME}" >> "$GITHUB_ENV"
- name: Log in to container registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.registry }}
username: ${{ inputs.registry_username }}
password: ${{ inputs.registry_password }}
- name: Validate registry configuration
shell: bash
env:
REGISTRY: ${{ inputs.registry }}
run: |
if [ -z "${REGISTRY}" ]; then
echo "::error::REGISTRY input is missing or empty"
exit 1
fi
if [ -z "${IMAGE_NAME}" ] || [[ "${IMAGE_NAME}" == */ ]]; then
echo "::error::IMAGE_NAME is empty or malformed (resolved to '${IMAGE_NAME}')"
exit 1
fi
- name: Derive image tags
id: vars
shell: bash
env:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
TAG_INPUT: ${{ inputs.tag }}
run: |
IMAGE="${IMAGE_NAME}"
TAGS=()
if [ -n "${TAG_INPUT}" ]; then
TAGS+=("${IMAGE}:${TAG_INPUT}")
else
TAG_NAME=""
REF="${GITHUB_REF:-${GITEA_REF}}"
SHA="${GITHUB_SHA:-${GITEA_SHA}}"
BRANCH=""
SHORT_SHA="$(git rev-parse --short=7 "${SHA}")"
# Extract tag name when we are on a tag ref (e.g. v1.4)
if [[ "${REF}" =~ refs/tags/(.+) ]]; then
TAG_NAME="${BASH_REMATCH[1]}"
fi
if [[ "${REF}" =~ refs/heads/(.+) ]]; then
BRANCH="${BASH_REMATCH[1]}"
else
# Tag build: detect which branch contains the tagged commit
git fetch --no-tags --depth=1 origin main release develop || true
if git branch -r --contains "${SHA}" | grep -q "origin/main"; then
BRANCH="main"
elif git branch -r --contains "${SHA}" | grep -q "origin/release"; then
BRANCH="release"
elif git branch -r --contains "${SHA}" | grep -q "origin/develop"; then
BRANCH="develop"
fi
fi
TAGS+=("${IMAGE}:${SHORT_SHA}")
[[ -n "${TAG_NAME}" ]] && TAGS+=("${IMAGE}:${TAG_NAME}")
case "${BRANCH}" in
main)
TAGS+=("${IMAGE}:latest")
;;
release*)
TAGS+=("${IMAGE}:latest-rc")
;;
develop)
TAGS+=("${IMAGE}:latest-dev")
;;
*)
TAGS+=("${IMAGE}:latest-snapshot")
;;
esac
fi
echo "Computed tags:"
printf '%s\n' "${TAGS[@]}"
{
echo "tags<<EOF"
printf '%s\n' "${TAGS[@]}"
echo "EOF"
} >> "$GITHUB_OUTPUT"
- name: Show build summary
shell: bash
env:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
run: |
echo "Commit: ${GITHUB_SHA:-${GITEA_SHA}}"
echo "Image: ${IMAGE_NAME}"
echo "Tags:"
printf '%s\n' "${{ steps.vars.outputs.tags }}"
- name: Determine deploy target
id: deploy
shell: bash
run: |
REF="${GITHUB_REF:-${GITEA_REF}}"
SHA="${GITHUB_SHA:-${GITEA_SHA}}"
TARGET="dev"
if [[ "${REF}" == "refs/heads/main" ]]; then
TARGET="prod"
elif [[ "${REF}" =~ refs/tags/ ]]; then
# Tag builds deploy to prod only if the tagged commit is in main
git fetch --no-tags --depth=1 origin main || true
if git branch -r --contains "${SHA}" | grep -q "origin/main"; then
TARGET="prod"
fi
fi
echo "Deploy target: ${TARGET}"
echo "target=${TARGET}" >> "$GITHUB_OUTPUT"
- name: Build and push image
uses: docker/build-push-action@v5
with:
context: ${{ inputs.context }}
file: ${{ inputs.dockerfile }}
push: ${{ inputs.push }}
tags: ${{ steps.vars.outputs.tags }}
build-args: |
VITE_KEYCLOAK_URL=${{ vars.VITE_KEYCLOAK_URL }}
VITE_KEYCLOAK_REALM=${{ vars.VITE_KEYCLOAK_REALM }}
VITE_KEYCLOAK_CLIENT_ID=${{ vars.VITE_KEYCLOAK_CLIENT_ID }}

100
.github/actions/bump-version/action.yaml vendored Normal file
View File

@@ -0,0 +1,100 @@
name: Bump Version
description: Bump npm version, create tag, and push
inputs:
node_version:
description: Node.js version to use
required: false
default: "24"
gitea_token:
description: Token for checkout/push (optional)
required: false
default: ""
outputs:
tag:
description: Created tag
value: ${{ steps.bump.outputs.tag }}
runs:
using: "composite"
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
fetch-tags: true
token: ${{ inputs.gitea_token != '' && inputs.gitea_token || github.token }}
- name: Setup Git
shell: bash
run: |
git config user.name "CI Bot"
git config user.email "ci@git.uesome.de"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ inputs.node_version }}
- name: Bump patch version and tag
id: bump
shell: bash
run: |
REF="${GITHUB_REF:-${GITEA_REF}}"
BRANCH="${REF#refs/heads/}"
git fetch origin "${BRANCH}" --tags
git checkout "${BRANCH}"
git pull --ff-only origin "${BRANCH}"
BRANCH_SAFE="$(echo "${BRANCH}" | tr '/[:space:].' '-' | tr -cd '[:alnum:]_-')"
BRANCH_SAFE="$(echo "${BRANCH_SAFE}" | sed 's/^-*//;s/-*$//')"
BRANCH_SAFE="${BRANCH_SAFE:-unknown}"
case "${BRANCH}" in
main)
COMMIT_MSG="$(git log -1 --pretty=%B)"
TARGET_VERSION=""
if [[ "${COMMIT_MSG}" =~ release/([0-9]+)\.([0-9]+) ]]; then
TARGET_VERSION="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}.0"
elif [[ "${COMMIT_MSG}" =~ hotfix/([0-9]+\.[0-9]+\.[0-9]+) ]]; then
TARGET_VERSION="${BASH_REMATCH[1]}"
fi
if [[ -n "${TARGET_VERSION}" ]]; then
npm version "${TARGET_VERSION}" --no-git-tag-version --allow-same-version
BUMP_CMD="npm version patch --no-git-tag-version"
else
npm version patch --no-git-tag-version
BUMP_CMD="npm version patch --no-git-tag-version"
fi
;;
develop)
npm version prerelease --preid=dev --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=dev --no-git-tag-version"
;;
release*)
npm version prerelease --preid=rc-${BRANCH_SAFE} --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=rc-${BRANCH_SAFE} --no-git-tag-version"
;;
*)
npm version prerelease --preid=nightly-${BRANCH_SAFE} --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=nightly-${BRANCH_SAFE} --no-git-tag-version"
;;
esac
VERSION="$(node -p "require('./package.json').version")"
while git rev-parse -q --verify "refs/tags/v${VERSION}" >/dev/null; do
echo "Tag v${VERSION} already exists; trying next version."
${BUMP_CMD}
VERSION="$(node -p "require('./package.json').version")"
done
if git diff --quiet; then
echo "No version file changes; tagging current commit."
else
git add package.json package-lock.json 2>/dev/null || true
git commit -m "update version: v${VERSION}"
fi
TAG="v${VERSION}"
git tag "${TAG}"
git push origin HEAD
git push origin "${TAG}"
echo "tag=${TAG}" >> "${GITHUB_OUTPUT}"

64
.github/actions/deploy-k8s/action.yaml vendored Normal file
View File

@@ -0,0 +1,64 @@
name: Deploy Image to Kubernetes
description: Update a Kubernetes deployment image and wait for rollout
inputs:
tag:
description: Image tag to deploy (e.g. v1.2.3)
required: true
deployment:
description: Kubernetes Deployment name
required: false
default: oumta-app
container:
description: Container name in the Deployment to update
required: false
default: app
namespace:
description: Kubernetes namespace
required: false
default: oumta-dev
registry:
description: Container registry hostname
required: true
image_name:
description: Full image name including registry
required: false
default: ""
kubeconfig:
description: Kubeconfig content
required: true
runs:
using: "composite"
steps:
- name: Install kubectl
uses: azure/setup-kubectl@v4
- name: Resolve image name
shell: bash
env:
REGISTRY: ${{ inputs.registry }}
IMAGE_NAME: ${{ inputs.image_name }}
REPO: ${{ gitea.repository != '' && gitea.repository || github.repository }}
run: |
if [ -z "${IMAGE_NAME}" ]; then
IMAGE_NAME="${REGISTRY}/${REPO}"
fi
echo "IMAGE_NAME=${IMAGE_NAME}" >> "$GITHUB_ENV"
- name: Configure kubeconfig
shell: bash
env:
KUBECONFIG_CONTENT: ${{ inputs.kubeconfig }}
run: |
mkdir -p ~/.kube
printf '%s' "$KUBECONFIG_CONTENT" > ~/.kube/config
chmod 600 ~/.kube/config
- name: Update deployment image
shell: bash
run: |
IMAGE="${IMAGE_NAME}:${{ inputs.tag }}"
kubectl set image deployment/${{ inputs.deployment }} \
${{ inputs.container }}=${IMAGE} \
--namespace ${{ inputs.namespace }}
kubectl rollout status deployment/${{ inputs.deployment }} \
--namespace ${{ inputs.namespace }}

13
.github/workflows/build-and-push-call-example.yaml vendored
View File

@@ -1,13 +0,0 @@
name: Build and Push (via reusable workflow)
run-name: ${{ gitea.actor }} triggers build-and-push
on:
workflow_dispatch:
jobs:
build-and-push:
uses: tanztee/ci-cd/.github/workflows/build-and-push.yml@main
secrets:
REGISTRY: ${{ secrets.REGISTRY }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}

184
.github/workflows/build-and-push.yaml vendored
View File

@@ -1,184 +0,0 @@
name: Build and Push Docker Image
run-name: ${{ gitea.actor }} builds and pushes image
on:
workflow_call:
inputs:
registry:
description: Container registry hostname (defaults to secret REGISTRY)
type: string
default: ""
image_name:
description: Full image name including registry (defaults to REGISTRY/repo)
type: string
default: ""
tag:
description: Override image tag (defaults to standard tags)
type: string
default: ""
dockerfile:
description: Path to Dockerfile
type: string
default: Dockerfile
context:
description: Build context
type: string
default: .
push:
description: Push image after build
type: boolean
default: true
secrets:
REGISTRY:
description: Container registry hostname
required: false
REGISTRY_USERNAME:
description: Registry username
required: true
REGISTRY_PASSWORD:
description: Registry password or token
required: true
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
env:
REGISTRY: ${{ inputs.registry != '' && inputs.registry || secrets.REGISTRY }}
IMAGE_NAME: ${{ inputs.image_name }}
TAG_INPUT: ${{ inputs.tag }}
REPO: ${{ gitea.repository }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Resolve image name
run: |
if [ -z "${IMAGE_NAME}" ]; then
IMAGE_NAME="${REGISTRY}/${REPO}"
fi
echo "IMAGE_NAME=${IMAGE_NAME}" >> "$GITHUB_ENV"
- name: Log in to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Validate registry configuration
run: |
if [ -z "${REGISTRY}" ]; then
echo "::error::REGISTRY secret is missing or empty"
exit 1
fi
if [ -z "${IMAGE_NAME}" ] || [[ "${IMAGE_NAME}" == */ ]]; then
echo "::error::IMAGE_NAME is empty or malformed (resolved to '${IMAGE_NAME}')"
exit 1
fi
- name: Derive image tags
id: vars
run: |
IMAGE="${IMAGE_NAME}"
TAGS=()
if [ -n "${TAG_INPUT}" ]; then
TAGS+=("${IMAGE}:${TAG_INPUT}")
else
TAG_NAME=""
REF="${GITHUB_REF:-${GITEA_REF}}"
SHA="${GITHUB_SHA:-${GITEA_SHA}}"
BRANCH=""
SHORT_SHA="$(git rev-parse --short=7 "${SHA}")"
# Extract tag name when we are on a tag ref (e.g. v1.4)
if [[ "${REF}" =~ refs/tags/(.+) ]]; then
TAG_NAME="${BASH_REMATCH[1]}"
fi
if [[ "${REF}" =~ refs/heads/(.+) ]]; then
BRANCH="${BASH_REMATCH[1]}"
else
# Tag build: detect which branch contains the tagged commit
git fetch --no-tags --depth=1 origin main release develop || true
if git branch -r --contains "${SHA}" | grep -q "origin/main"; then
BRANCH="main"
elif git branch -r --contains "${SHA}" | grep -q "origin/release"; then
BRANCH="release"
elif git branch -r --contains "${SHA}" | grep -q "origin/develop"; then
BRANCH="develop"
fi
fi
TAGS+=("${IMAGE}:${SHORT_SHA}")
[[ -n "${TAG_NAME}" ]] && TAGS+=("${IMAGE}:${TAG_NAME}")
case "${BRANCH}" in
main)
TAGS+=("${IMAGE}:latest")
;;
release*)
TAGS+=("${IMAGE}:latest-rc")
;;
develop)
TAGS+=("${IMAGE}:latest-dev")
;;
*)
TAGS+=("${IMAGE}:latest-snapshot")
;;
esac
fi
echo "Computed tags:"
printf '%s\n' "${TAGS[@]}"
{
echo "tags<<EOF"
printf '%s\n' "${TAGS[@]}"
echo "EOF"
} >> "$GITHUB_OUTPUT"
- name: Show build summary
run: |
echo "Commit: ${GITHUB_SHA:-${GITEA_SHA}}"
echo "Image: ${IMAGE_NAME}"
echo "Tags:"
printf '%s\n' "${{ steps.vars.outputs.tags }}"
- name: Determine deploy target
id: deploy
run: |
REF="${GITHUB_REF:-${GITEA_REF}}"
SHA="${GITHUB_SHA:-${GITEA_SHA}}"
TARGET="dev"
if [[ "${REF}" == "refs/heads/main" ]]; then
TARGET="prod"
elif [[ "${REF}" =~ refs/tags/ ]]; then
# Tag builds deploy to prod only if the tagged commit is in main
git fetch --no-tags --depth=1 origin main || true
if git branch -r --contains "${SHA}" | grep -q "origin/main"; then
TARGET="prod"
fi
fi
echo "Deploy target: ${TARGET}"
echo "target=${TARGET}" >> "$GITHUB_OUTPUT"
- name: Build and push image
uses: docker/build-push-action@v5
with:
context: ${{ inputs.context }}
file: ${{ inputs.dockerfile }}
push: ${{ inputs.push }}
tags: ${{ steps.vars.outputs.tags }}
build-args: |
VITE_KEYCLOAK_URL=${{ vars.VITE_KEYCLOAK_URL }}
VITE_KEYCLOAK_REALM=${{ vars.VITE_KEYCLOAK_REALM }}
VITE_KEYCLOAK_CLIENT_ID=${{ vars.VITE_KEYCLOAK_CLIENT_ID }}

17
.github/workflows/bump-version-call-example.yaml vendored
View File

@@ -1,17 +0,0 @@
name: Bump Version (via reusable workflow)
run-name: ${{ gitea.actor }} triggers bump-version
on:
workflow_dispatch:
push:
branches:
- main
- develop
jobs:
bump-version:
uses: tanztee/ci-cd/.github/workflows/bump-version.yaml@main
with:
node_version: "24"
secrets:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}

106
.github/workflows/bump-version.yaml vendored
View File

@@ -1,106 +0,0 @@
name: Bump Version
run-name: ${{ gitea.actor }} runs patch update
on:
workflow_call:
inputs:
node_version:
description: Node.js version to use
type: string
default: "24"
outputs:
tag:
description: Created tag
value: ${{ jobs.bump-version.outputs.tag }}
secrets:
GITEA_TOKEN:
description: Token for checkout/push (optional)
required: false
jobs:
bump-version:
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.bump.outputs.tag }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
fetch-tags: true
token: ${{ secrets.GITEA_TOKEN }}
- name: Setup Git
run: |
git config user.name "CI Bot"
git config user.email "ci@git.uesome.de"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ inputs.node_version }}
- name: Bump patch version and tag
id: bump
run: |
REF="${GITHUB_REF:-${GITEA_REF}}"
BRANCH="${REF#refs/heads/}"
git fetch origin "${BRANCH}" --tags
git checkout "${BRANCH}"
git pull --ff-only origin "${BRANCH}"
BRANCH_SAFE="$(echo "${BRANCH}" | tr '/[:space:].' '-' | tr -cd '[:alnum:]_-')"
BRANCH_SAFE="$(echo "${BRANCH_SAFE}" | sed 's/^-*//;s/-*$//')"
BRANCH_SAFE="${BRANCH_SAFE:-unknown}"
case "${BRANCH}" in
main)
COMMIT_MSG="$(git log -1 --pretty=%B)"
TARGET_VERSION=""
if [[ "${COMMIT_MSG}" =~ release/([0-9]+)\.([0-9]+) ]]; then
TARGET_VERSION="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}.0"
elif [[ "${COMMIT_MSG}" =~ hotfix/([0-9]+\.[0-9]+\.[0-9]+) ]]; then
TARGET_VERSION="${BASH_REMATCH[1]}"
fi
if [[ -n "${TARGET_VERSION}" ]]; then
npm version "${TARGET_VERSION}" --no-git-tag-version --allow-same-version
BUMP_CMD="npm version patch --no-git-tag-version"
else
npm version patch --no-git-tag-version
BUMP_CMD="npm version patch --no-git-tag-version"
fi
;;
develop)
npm version prerelease --preid=dev --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=dev --no-git-tag-version"
;;
release*)
npm version prerelease --preid=rc-${BRANCH_SAFE} --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=rc-${BRANCH_SAFE} --no-git-tag-version"
;;
*)
npm version prerelease --preid=nightly-${BRANCH_SAFE} --no-git-tag-version
BUMP_CMD="npm version prerelease --preid=nightly-${BRANCH_SAFE} --no-git-tag-version"
;;
esac
VERSION="$(node -p "require('./package.json').version")"
while git rev-parse -q --verify "refs/tags/v${VERSION}" >/dev/null; do
echo "Tag v${VERSION} already exists; trying next version."
${BUMP_CMD}
VERSION="$(node -p "require('./package.json').version")"
done
if git diff --quiet; then
echo "No version file changes; tagging current commit."
else
git add package.json package-lock.json 2>/dev/null || true
git commit -m "update version: v${VERSION}"
fi
TAG="v${VERSION}"
git tag "${TAG}"
git push origin HEAD
git push origin "${TAG}"
echo "tag=${TAG}" >> "${GITHUB_OUTPUT}"

19
.github/workflows/deploy-k8s-call-example.yml vendored
View File

@@ -1,19 +0,0 @@
name: Deploy to Kubernetes (via reusable workflow)
run-name: ${{ gitea.actor }} triggers deploy-k8s
on:
workflow_dispatch:
inputs:
tag:
description: Image tag to deploy (e.g. v1.2.3)
required: true
type: string
jobs:
deploy:
uses: tanztee/ci-cd/.github/workflows/deploy-k8s.yml@main
with:
tag: ${{ inputs.tag }}
secrets:
KUBECONFIG: ${{ secrets.KUBECONFIG }}
REGISTRY: ${{ secrets.REGISTRY }}

76
.github/workflows/deploy-k8s.yaml vendored
View File

@@ -1,76 +0,0 @@
name: Deploy Image to Kubernetes
run-name: ${{ gitea.actor }} deploys to k8s
on:
workflow_call:
inputs:
tag:
description: Image tag to deploy (e.g. v1.2.3)
type: string
required: true
deployment:
description: Kubernetes Deployment name
type: string
default: oumta-app
container:
description: Container name in the Deployment to update
type: string
default: app
namespace:
description: Kubernetes namespace
type: choice
default: oumta-dev
options:
- oumta-dev
- oumta-beta
- oumta-app
registry:
description: Container registry hostname (defaults to secret REGISTRY)
type: string
default: ""
image_name:
description: Full image name including registry (defaults to REGISTRY/repo)
type: string
default: ""
secrets:
KUBECONFIG:
description: Kubeconfig content
required: true
REGISTRY:
description: Container registry hostname
required: false
jobs:
deploy:
runs-on: ubuntu-latest
env:
REGISTRY: ${{ inputs.registry != '' && inputs.registry || secrets.REGISTRY }}
IMAGE_NAME: ${{ inputs.image_name }}
REPO: ${{ gitea.repository }}
steps:
- name: Install kubectl
uses: azure/setup-kubectl@v4
- name: Resolve image name
run: |
if [ -z "${IMAGE_NAME}" ]; then
IMAGE_NAME="${REGISTRY}/${REPO}"
fi
echo "IMAGE_NAME=${IMAGE_NAME}" >> "$GITHUB_ENV"
- name: Configure kubeconfig
env:
KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }}
run: |
mkdir -p ~/.kube
printf '%s' "$KUBECONFIG_CONTENT" > ~/.kube/config
chmod 600 ~/.kube/config
- name: Update deployment image
run: |
IMAGE="${IMAGE_NAME}:${{ inputs.tag }}"
kubectl set image deployment/${{ inputs.deployment }} \
${{ inputs.container }}=${IMAGE} \
--namespace ${{ inputs.namespace }}
kubectl rollout status deployment/${{ inputs.deployment }} \
--namespace ${{ inputs.namespace }}

44
README.md
View File

@@ -1,6 +1,6 @@
## Reusable Workflows ## Actions
This repo provides reusable Gitea Actions workflows that can be referenced with `uses:`. This repo provides reusable Gitea Actions as composite actions that can be referenced with `uses:`.
### Bump Version ### Bump Version
@@ -9,9 +9,13 @@ Example:
```yaml ```yaml
jobs: jobs:
bump-version: bump-version:
uses: tanztee/ci-cd/.github/workflows/bump-version.yaml@main runs-on: ubuntu-latest
secrets: permissions:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} contents: write
steps:
- uses: tanztee/ci-cd/.github/actions/bump-version@main
with:
gitea_token: ${{ secrets.GITEA_TOKEN }}
``` ```
### Build and Push Docker Image ### Build and Push Docker Image
@@ -21,11 +25,16 @@ Example:
```yaml ```yaml
jobs: jobs:
build-and-push: build-and-push:
uses: tanztee/ci-cd/.github/workflows/build-and-push.yml@main runs-on: ubuntu-latest
secrets: permissions:
REGISTRY: ${{ secrets.REGISTRY }} contents: read
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} packages: write
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} steps:
- uses: tanztee/ci-cd/.github/actions/build-and-push@main
with:
registry: ${{ secrets.REGISTRY }}
registry_username: ${{ secrets.REGISTRY_USERNAME }}
registry_password: ${{ secrets.REGISTRY_PASSWORD }}
``` ```
### Deploy Image to Kubernetes ### Deploy Image to Kubernetes
@@ -43,11 +52,12 @@ on:
jobs: jobs:
deploy: deploy:
uses: tanztee/ci-cd/.github/workflows/deploy-k8s.yml@main runs-on: ubuntu-latest
with: steps:
tag: ${{ inputs.tag }} - uses: tanztee/ci-cd/.github/actions/deploy-k8s@main
namespace: oumta-dev with:
secrets: tag: ${{ inputs.tag }}
KUBECONFIG: ${{ secrets.KUBECONFIG }} namespace: oumta-dev
REGISTRY: ${{ secrets.REGISTRY }} kubeconfig: ${{ secrets.KUBECONFIG }}
registry: ${{ secrets.REGISTRY }}
``` ```