Files
nfoguard/.gitea/workflows/ci.yml
T
2025-09-09 16:39:33 -04:00

153 lines
5.3 KiB
YAML

name: Docker Build & Deploy
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: host
steps:
- name: Checkout code
run: |
echo "Current workspace: $(pwd)"
# Clean workspace first
rm -rf * .git* 2>/dev/null || true
# Clone the repository since Gitea runner doesn't auto-checkout
echo "Cloning repository..."
git clone http://192.168.253.221:3000/jskala/NFOguard.git /tmp/repo
cp -r /tmp/repo/* .
cp -r /tmp/repo/.* . 2>/dev/null || true
rm -rf /tmp/repo
echo "Repository cloned successfully"
ls -la
echo "Checking Dockerfile:"
head -30 Dockerfile
- name: Check Docker availability
run: |
echo "Checking Docker installation..."
which docker || (echo "Docker not found in PATH" && exit 1)
docker --version || (echo "Docker not available" && exit 1)
docker info || (echo "Docker daemon not running" && exit 1)
- name: Configure Docker for local registry
run: |
echo "Configuring Docker daemon for insecure local registry..."
LOCAL_REGISTRY="192.168.253.221:3000"
# Check current Docker daemon config
if [ -f /etc/docker/daemon.json ]; then
echo "Current daemon.json:"
sudo cat /etc/docker/daemon.json
else
echo "No existing daemon.json found"
fi
# Create or update daemon.json
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json > /dev/null << EOF
{
"insecure-registries": ["$LOCAL_REGISTRY"]
}
EOF
echo "New daemon.json created:"
sudo cat /etc/docker/daemon.json
# Restart Docker daemon
echo "Restarting Docker daemon..."
sudo systemctl restart docker
# Wait for Docker to restart and verify
sleep 10
echo "Verifying Docker daemon..."
docker info | grep -A5 "Insecure Registries" || echo "Checking insecure registries..."
echo "Testing registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible"
echo "Docker configured for insecure registry: $LOCAL_REGISTRY"
- name: Build Docker image
run: |
echo "Building Docker image..."
docker build -t nfoguard:latest .
docker tag nfoguard:latest nfoguard:${{ github.sha }}
echo "Docker image built and tagged successfully"
- name: Login and Push to Gitea registry (local network)
run: |
echo "Using local network connection to avoid Cloudflare tunnel timeouts..."
export DOCKER_CONFIG=/tmp/docker-config
mkdir -p $DOCKER_CONFIG
# Use local IP directly - no tunnel overhead
LOCAL_REGISTRY="192.168.253.221:3000"
echo "Registry: $LOCAL_REGISTRY"
# Note: Docker daemon must be pre-configured for insecure registry
# See configure-docker-insecure.md for setup instructions
echo "Testing registry connectivity..."
curl -s "http://$LOCAL_REGISTRY/v2/" && echo "✅ Registry accessible via HTTP" || echo "❌ Registry not accessible"
# Login to local registry
echo "Attempting login to local registry..."
echo "${{ secrets.token }}" | docker --config $DOCKER_CONFIG login "$LOCAL_REGISTRY" -u "${{ secrets.username }}" --password-stdin
# Tag images for local registry
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:latest"
docker tag nfoguard:latest "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"
echo "Pushing to local registry (much faster!)..."
# Push to local network - should be very fast
echo "=== Pushing latest tag ==="
if docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:latest"; then
echo "✅ Latest tag pushed successfully"
echo "=== Pushing SHA tag ==="
if docker --config $DOCKER_CONFIG push "$LOCAL_REGISTRY/jskala/nfoguard:${{ github.sha }}"; then
echo "✅ SHA tag pushed successfully"
else
echo "⚠️ SHA tag push failed but latest succeeded"
fi
else
echo "❌ Local registry push failed"
echo "Please run: sudo systemctl restart docker"
echo "And configure /etc/docker/daemon.json with insecure-registries"
docker images | grep nfoguard
exit 1
fi
# Verify the push worked
echo "=== Verifying push ==="
curl -s "http://$LOCAL_REGISTRY/v2/jskala/nfoguard/tags/list" || echo "Could not verify (but push likely succeeded)"
echo "🎉 Local registry push completed!"
deploy:
needs: build
runs-on: host
if: github.ref == 'refs/heads/main'
steps:
- name: Deploy application
run: |
echo "Deploying application..."
# Add your deployment commands here
# Examples:
# docker-compose pull
# docker-compose up -d
# or
# docker stop nfoguard || true
# docker run -d --name nfoguard -p 8080:8080 nfoguard:latest
echo "Deployment completed"