From 3746f9be490a250de7cbb04bcca6d827e6629ef0 Mon Sep 17 00:00:00 2001 From: nocci Date: Thu, 8 Jan 2026 13:00:05 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=93=A6=20build(ci):=20enhance=20build=20w?= =?UTF-8?q?orkflow=20with=20container=20and=20cleanup?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - add node:20-alpine container for consistent linting environment - remove duplicate docker setup and login steps - streamline job steps for better readability and maintenance --- .forgejo/workflows/build.yml | 103 ++++++++++++++++++----------------- 1 file changed, 54 insertions(+), 49 deletions(-) diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index 85b7aa5..b9bc321 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -12,11 +12,15 @@ env: jobs: lint: runs-on: self-hosted + container: + image: node:20-alpine steps: - name: Checkout uses: actions/checkout@v4 + - name: Install dependencies run: npm ci + - name: Run ESLint run: npm run lint @@ -86,66 +90,66 @@ jobs: uses: actions/checkout@v4 - name: Login to registry + run: echo "${{ secrets.REG_TOKEN }}" | docker login "${{ secrets.REGISTRY }}" -u "${{ secrets.REG_USER }}" --password-stdin - - name: Build image - run: | - docker buildx build --load \ - -t "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}" . - - - name: Push image - run: | - docker push "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}" - run: | - WORKDIR=${GITHUB_WORKSPACE:-$PWD} - HOST_URL=${SONAR_HOST_URL:?SONAR_HOST_URL secret not set} - BRANCH_NAME=${GITHUB_REF#refs/heads/} - PROJECT_KEY=${SONAR_PROJECT_KEY:-} - if [ -z "$PROJECT_KEY" ] && [ -f sonar-project.properties ]; then - PROJECT_KEY=$(grep -E '^sonar.projectKey=' sonar-project.properties | cut -d= -f2 | tr -d '\r') - fi - if [ -z "$PROJECT_KEY" ]; then - echo "SONAR_PROJECT_KEY secret not set and no sonar-project.properties entry found" >&2 - exit 1 - fi - echo "Sonar project key: $PROJECT_KEY" - echo "Listing workspace:" - ls -la - echo "Sample files:" - find . -maxdepth 2 -type f | head -n 20 - echo "Running local sonar-scanner..." - set -- \ - -Dsonar.host.url="$HOST_URL" \ - -Dsonar.token="$SONAR_TOKEN" \ - -Dsonar.projectKey="$PROJECT_KEY" \ - -Dsonar.sources=. \ - -Dsonar.scm.disabled=true \ - -Dsonar.projectBaseDir="$WORKDIR" - if [ "${SONAR_ENABLE_BRANCH:-}" = "true" ]; then - set -- "$@" -Dsonar.branch.name="$BRANCH_NAME" - else - echo "Branch analysis disabled (requires SonarQube Developer Edition)" - fi - sonar-scanner "$@" - docker: - needs: [lint, sonar] - runs-on: self-hosted - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Checkout - uses: actions/checkout@v4 - - name: Login to registry - run: echo "${{ secrets.REG_TOKEN }}" | docker login "${{ secrets.REGISTRY }}" -u "${{ secrets.REG_USER }}" --password-stdin + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - name: Build image run: | @@ -156,3 +160,4 @@ jobs: - name: Push image run: | docker push "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}" +