Files
nfoguard/.gitea/workflows/ci.yml
T
2025-09-09 16:40:57 -04:00

154 lines
5.4 KiB
YAML

name: Docker Build & Deploy
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: host
steps:
- name: Checkout code
run: |
echo "Current workspace: $(pwd)"
# Clean workspace first
rm -rf * .git* 2>/dev/null || true
# Clone the repository since Gitea runner doesn't auto-checkout
echo "Cloning repository..."
git clone http://192.168.253.221:3000/jskala/NFOguard.git /tmp/repo
cp -r /tmp/repo/* .
cp -r /tmp/repo/.* . 2>/dev/null || true
rm -rf /tmp/repo
echo "Repository cloned successfully"
ls -la
echo "Checking Dockerfile:"
head -30 Dockerfile
- name: Check Docker availability
run: |
echo "Checking Docker installation..."
which docker || (echo "Docker not found in PATH" && exit 1)
docker --version || (echo "Docker not available" && exit 1)
docker info || (echo "Docker daemon not running" && exit 1)
- name: Configure Docker for local registry
run: |
echo "Configuring Docker client for insecure local registry..."
LOCAL_REGISTRY="192.168.253.221:3000"
# We can't use sudo in the container, so we'll configure the client differently
export DOCKER_CONFIG=/tmp/docker-config
mkdir -p $DOCKER_CONFIG
# Create Docker client config for insecure registry
cat > $DOCKER_CONFIG/config.json << EOF
{
"auths": {},
"HttpHeaders": {
"User-Agent": "Docker-Client/20.10.0 (linux)"
},
"credsStore": "",
"credHelpers": {},
"experimental": "disabled"
}
EOF
echo "Docker client config created"
echo "Note: Since we can't modify daemon config in container, we'll use --insecure-registry flag"
echo "Testing registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible"
- name: Build Docker image
run: |
echo "Building Docker image..."
docker build -t nfoguard:latest .
docker tag nfoguard:latest nfoguard:${{ github.sha }}
echo "Docker image built and tagged successfully"
- name: Login and Push to Gitea registry (local network)
run: |
echo "Using local network connection to avoid Cloudflare tunnel timeouts..."
export DOCKER_CONFIG=/tmp/docker-config
# Use local IP directly - no tunnel overhead
LOCAL_REGISTRY="192.168.253.221:3000"
echo "Registry: $LOCAL_REGISTRY"
echo "Testing registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible"
# Since we can't configure daemon, we need to use a workaround
# Let's try to create a custom docker command wrapper
cat > /tmp/docker-insecure << 'EOF'
#!/bin/bash
# Custom docker wrapper for insecure registry
if [[ "$*" == *"192.168.253.221:3000"* ]]; then
# For registry operations, we need to find an alternative approach
# Let's try using the domain name but with HTTP
original_cmd="$*"
modified_cmd="${original_cmd//192.168.253.221:3000/gitea.skalas.org}"
echo "Executing: docker $modified_cmd"
exec docker $modified_cmd
else
exec docker "$@"
fi
EOF
chmod +x /tmp/docker-insecure
# Fallback: Use domain name which should support HTTPS
REGISTRY="gitea.skalas.org"
echo "Fallback to domain registry: $REGISTRY"
# Login to registry
echo "Attempting login to registry..."
echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$REGISTRY" -u "${{ secrets.username }}" --password-stdin
# Tag images for registry
docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:latest"
docker tag nfoguard:latest "$REGISTRY/jskala/nfoguard:${{ github.sha }}"
echo "Pushing to registry..."
# Push with shorter timeout since local network should be faster
echo "=== Pushing latest tag ==="
if timeout 300 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:latest"; then
echo "✅ Latest tag pushed successfully"
echo "=== Pushing SHA tag ==="
if timeout 180 docker --config $DOCKER_CONFIG push "$REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully"
else
echo "⚠️ SHA tag push failed but latest succeeded"
fi
else
echo "❌ Registry push failed"
docker images | grep nfoguard
exit 1
fi
echo "🎉 Registry push completed!"
deploy:
needs: build
runs-on: host
if: github.ref == 'refs/heads/main'
steps:
- name: Deploy application
run: |
echo "Deploying application..."
# Add your deployment commands here
# Examples:
# docker-compose pull
# docker-compose up -d
# or
# docker stop nfoguard || true
# docker run -d --name nfoguard -p 8080:8080 nfoguard:latest
echo "Deployment completed"