diff --git a/.github/workflows/build-monorepo.yaml b/.github/workflows/build-monorepo.yaml index 12888db..818c6a8 100644 --- a/.github/workflows/build-monorepo.yaml +++ b/.github/workflows/build-monorepo.yaml @@ -8,10 +8,6 @@ on: PROJECT_ID: required: true type: string - DOCKER_REGISTRY: - required: false - type: string - default: git.kvant.cloud jobs: build_and_push: @@ -30,12 +26,10 @@ jobs: tags: | type=ref,event=branch,branch=dev,suffix=-{{sha}},optional=true type=ref,event=branch,branch=dev,value=dev,optional=true - type=match,event=tag,pattern=.*_?(v\d+\.\d+\.\d+(?:-[\w\d.-]+)?),group=1,prefix=,optional=true - type=match,event=tag,pattern=.*_?(v\d+\.\d+\.\d+(?:-[\w\d.-]+)?),value=latest,optional=true - type=match,event=tag,pattern=.*v(\\d+\\.\\d+\\.\\d+).*,group=1,prefix=v,optional=true + type=match,event=tag,pattern=v(.*),group=1,prefix=v,optional=true - name: Print (debug) Docker meta JSON - uses: https://github.com/actions/github-script@v8 + uses: https://github.com/actions/github-script@v7 with: script: | const json = JSON.parse(process.env.JSON_STRING); @@ -51,7 +45,7 @@ jobs: - name: Login into gitea registry uses: docker/login-action@v3 with: - registry: ${{ inputs.DOCKER_REGISTRY }} + registry: git.kvant.cloud username: ${{ inputs.PACKAGE_WRITER_USERNAME }} password: ${{ secrets.PACKAGE_WRITER_TOKEN }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 409c2e7..999f29d 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -5,10 +5,6 @@ on: PACKAGE_WRITER_USERNAME: required: true type: string - DOCKER_REGISTRY: - required: false - type: string - default: git.kvant.cloud jobs: build_and_push: runs-on: ubuntu-latest @@ -26,11 +22,13 @@ jobs: tags: | type=ref,event=branch,branch=dev,suffix=-{{sha}},optional=true type=ref,event=branch,branch=dev,value=dev,optional=true - type=match,event=tag,pattern=v(\d+\.\d+\.\d+(?:-[\w\d.-]+)?),group=1,prefix=v,optional=true - type=match,event=tag,pattern=v(\d+\.\d+\.\d+(?:-[\w\d.-]+)?),value=latest,optional=true + type=match,event=tag,pattern=v(.*),group=1,prefix=v,optional=true + type=match,event=tag,pattern=v(.*),value=latest,optional=true + flavor: | + latest=false - name: Print (debug) Docker meta JSON - uses: https://github.com/actions/github-script@v8 + uses: https://github.com/actions/github-script@v7 with: script: | const json = JSON.parse(process.env.JSON_STRING); @@ -40,18 +38,13 @@ jobs: console.log(JSON.stringify(json, null, 2)); console.log(""); console.log("------------------------------------------------------------"); - console.log("Container meta runtime env:") - console.log("IMAGE_TAG: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}") - console.log("VCS_REF: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}") - console.log("BUILD_DATE: ${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}") - console.log("------------------------------------------------------------"); env: JSON_STRING: ${{ steps.meta.outputs.json }} - name: Login into gitea registry uses: docker/login-action@v3 with: - registry: ${{ inputs.DOCKER_REGISTRY }} + registry: git.kvant.cloud username: ${{ inputs.PACKAGE_WRITER_USERNAME }} password: ${{ secrets.PACKAGE_WRITER_TOKEN }} diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index fff5418..443dc81 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -17,23 +17,7 @@ on: TEST_SCRIPT: required: false type: string - default: yarn run test - LINT_SCRIPT: - required: false - type: string - default: yarn run lint - CHECK_TYPES_SCRIPT: - required: false - type: string - default: yarn run check-types - INSTALL_SCRIPT: - required: false - type: string - default: yarn install --immutable --inline-builds - NODE_VERSION: - required: false - type: string - default: "24" + default: yarn run test --ci --passWithNoTests --coverage jobs: linting_type_checking: @@ -41,18 +25,14 @@ jobs: env: NO_YARN_POSTINSTALL: 1 FONTAWESOME_PACKAGE_TOKEN: ${{ secrets.FONTAWESOME_PACKAGE_TOKEN }} - TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} - TURBO_API: ${{ vars.TURBO_API }} - TURBO_TEAM: ${{ vars.TURBO_TEAM }} - TURBO_URL: ${{ vars.TURBO_URL }} steps: - name: Checkout repository uses: actions/checkout@v5 - name: Set up Node.js and Corepack - uses: actions/setup-node@v6 + uses: actions/setup-node@v4 with: - node-version: ${{ inputs.NODE_VERSION }} + node-version: "22" - name: Enable Corepack run: | @@ -60,7 +40,7 @@ jobs: - name: Install dependencies run: | - ${{ inputs.INSTALL_SCRIPT }} + yarn install --immutable --inline-builds - name: Setup repostitory run: | @@ -68,11 +48,11 @@ jobs: - name: Lint source code (eslint) run: | - ${{ inputs.LINT_SCRIPT }} + yarn run lint --max-warnings=0 - name: Static type checking (TypeScript) run: | - ${{ inputs.CHECK_TYPES_SCRIPT }} + yarn run check-types - name: Run tests if: ${{ inputs.TESTS_ENABLED == true }} @@ -80,7 +60,7 @@ jobs: ${{ inputs.TEST_SCRIPT }} - name: Static code analysis with SonarQube - uses: https://github.com/SonarSource/sonarqube-scan-action@v6 + uses: https://github.com/SonarSource/sonarqube-scan-action@v5 if: ${{ inputs.SONARQUBE_ENABLED == true }} env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/README.md b/README.md index 47d0f65..716d225 100644 --- a/README.md +++ b/README.md @@ -8,60 +8,36 @@ GitHub (forgejo) pipelines and other CI/CD utilities for the frontends Phoenix T ## .Github Workflows: Build and push containers -### Docker / Container build - Containers are built using dedicated `Dockerfile`s located in the `/docker` directory within each project repository. After the build, the images are pushed to the registry. -### Tagging - -Only tags following the specified patterns will be considered within container tags. Any other patterns will be ignored, ensuring adherence to the established tagging policy. - -#### Standalone - -- v1.0.0 -- v1.0.0-\ - -#### Monorepo - -- \_v1.0.0 -- \_v1.0.0-\ - -### Pipelines - -#### `Build` +### `Build Standalone` A standard single-repository project with a `package.json` file located at the root, managing dependencies for the entire project. -###### Vars (inherited) - -Setuped on org or repo level. +##### Vars (inherited) | Key | Description | Required | | ------------ | --------------- | -------- | | `IMAGE_PATH` | Image base path | ✓ | -###### Inputs +##### Inputs | Key | Description | Required | | ------------------------- | ------------------------------- | -------- | | `PACKAGE_WRITER_USERNAME` | User name of the package writer | ✓ | -###### Secrets - -Note: Secrets must be explicitly passed to workflows, even if they are defined at the repository or organization level. This is due to the way Forgejo handles secrets in workflows. +##### Secrets | Key | Description | Required | | --------------------------- | --------------------------------------------------------- | -------- | | `PACKAGE_WRITE_TOKEN` | Accesstoken of the package writer | ✓ | | `FONTAWESOME_PACKAGE_TOKEN` | Fontawesome Pro library token (Only needed if FA in use ) | | -#### `Build-Monorepo` +### `Build Monorepo` A monorepo project based on Turborepo, with individual projects located under the `/apps/` directory. -###### Vars (inherited) - -Setuped on org or repo level. +##### Vars (inherited) | Key | Description | Required | | ----------------- | ------------------ | -------- | @@ -69,16 +45,14 @@ Setuped on org or repo level. | `TURBO_TEAM` | Turbo repo team ID | | | `TURBO_API` | Turbo repo api url | | -###### Inputs +##### Inputs | Key | Description | Required | | ------------------------- | ------------------------------- | -------- | | `PACKAGE_WRITER_USERNAME` | User name of the package writer | ✓ | | `PROJECT_ID` | ID of the projcet | ✓ | -###### Secrets - -Note: Secrets must be explicitly passed to workflows, even if they are defined at the repository or organization level. This is due to the way Forgejo handles secrets in workflows. +##### Secrets | Key | Description | Required | | --------------------------- | -------------------------------------------------- | -------- | @@ -88,15 +62,11 @@ Note: Secrets must be explicitly passed to workflows, even if they are defined a ## .Github Workflows: Linting, type checking, code analyzis, dependency tracking -### Pipelines - -#### `Lint` +### `Lint` Linting, type checking, sonarqube, dependency tracking, any testing -###### Vars (inherited) - -Setuped on org or repo level. +##### Vars (inherited) | Key | Description | Required | | ---------------- | ------------------------------------------------- | -------- | @@ -104,20 +74,18 @@ Setuped on org or repo level. | `TURBO_API` | Turbo repo api url (only applicable on monorepos) | | | `SONAR_HOST_URL` | Sonarqube Host (required if sonarqube is enabled) | | -###### Inputs +##### Inputs -| Key | Description | Required | -| -------------------- | ---------------------------------------------------------------------------------- | -------- | -| `SONARQUBE_ENABLED` | Send source to sonarqube for code analysis; default: `false` | | -| `TESTS_ENABLED` | Enable test suites; default: `false` | | -| `SETUP_REPO_SCRIPT` | Script which runs after install for setting up the repo; default: `yarn run setup` | | -| `TEST_SCRIPT` | Script which runs when tests are enabled; default: `yarn run test` | | -| `LINT_SCRIPT` | Script which runs eslint; default: `yarn run lint` | | -| `CHECK_TYPES_SCRIPT` | Script which runs tsc type checking: `yarn run check-types` | | +| Key | Description | Required | +| ------------------- | ---------------------------------------------------------------------------------- | -------- | +| `SONARQUBE_ENABLED` | Send source to sonarqube for code analysis; default: `false` | | +| `TESTS_ENABLED` | Enable test suites; default: `false` | | +| `SETUP_REPO_SCRIPT` | Script which runs after install for setting up the repo; default: `yarn run setup` | | +| `TEST_SCRIPT` | Script which runs when tests are enabled; default: `yarn run test:coverage:lcov` | | -###### Secrets +TEST_SCRIPT -Note: Secrets must be explicitly passed to workflows, even if they are defined at the repository or organization level. This is due to the way Forgejo handles secrets in workflows. +##### Secrets | Key | Description | Required | | --------------------------- | ----------------------------------------------------------- | -------- |