📦 build(ci): enhance build workflow with container and cleanup
- add node:20-alpine container for consistent linting environment - remove duplicate docker setup and login steps - streamline job steps for better readability and maintenance
This commit is contained in:
nocci
parent
7b5e819528
commit
3746f9be49
1 changed files with 54 additions and 49 deletions
|
|
@ -12,11 +12,15 @@ env:
|
|||
jobs:
|
||||
lint:
|
||||
runs-on: self-hosted
|
||||
container:
|
||||
image: node:20-alpine
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
- name: Run ESLint
|
||||
run: npm run lint
|
||||
|
||||
|
|
@ -86,66 +90,66 @@ jobs:
|
|||
uses: actions/checkout@v4
|
||||
|
||||
- name: Login to registry
|
||||
|
||||
run: echo "${{ secrets.REG_TOKEN }}" | docker login "${{ secrets.REGISTRY }}" -u "${{ secrets.REG_USER }}" --password-stdin
|
||||
|
||||
- name: Build image
|
||||
run: |
|
||||
docker buildx build --load \
|
||||
-t "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}" .
|
||||
|
||||
- name: Push image
|
||||
run: |
|
||||
docker push "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}"
|
||||
run: |
|
||||
|
||||
|
||||
|
||||
|
||||
WORKDIR=${GITHUB_WORKSPACE:-$PWD}
|
||||
HOST_URL=${SONAR_HOST_URL:?SONAR_HOST_URL secret not set}
|
||||
BRANCH_NAME=${GITHUB_REF#refs/heads/}
|
||||
PROJECT_KEY=${SONAR_PROJECT_KEY:-}
|
||||
if [ -z "$PROJECT_KEY" ] && [ -f sonar-project.properties ]; then
|
||||
PROJECT_KEY=$(grep -E '^sonar.projectKey=' sonar-project.properties | cut -d= -f2 | tr -d '\r')
|
||||
fi
|
||||
if [ -z "$PROJECT_KEY" ]; then
|
||||
echo "SONAR_PROJECT_KEY secret not set and no sonar-project.properties entry found" >&2
|
||||
exit 1
|
||||
fi
|
||||
echo "Sonar project key: $PROJECT_KEY"
|
||||
echo "Listing workspace:"
|
||||
ls -la
|
||||
echo "Sample files:"
|
||||
find . -maxdepth 2 -type f | head -n 20
|
||||
echo "Running local sonar-scanner..."
|
||||
set -- \
|
||||
-Dsonar.host.url="$HOST_URL" \
|
||||
-Dsonar.token="$SONAR_TOKEN" \
|
||||
-Dsonar.projectKey="$PROJECT_KEY" \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.scm.disabled=true \
|
||||
-Dsonar.projectBaseDir="$WORKDIR"
|
||||
|
||||
if [ "${SONAR_ENABLE_BRANCH:-}" = "true" ]; then
|
||||
set -- "$@" -Dsonar.branch.name="$BRANCH_NAME"
|
||||
else
|
||||
echo "Branch analysis disabled (requires SonarQube Developer Edition)"
|
||||
fi
|
||||
|
||||
sonar-scanner "$@"
|
||||
|
||||
docker:
|
||||
needs: [lint, sonar]
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Login to registry
|
||||
run: echo "${{ secrets.REG_TOKEN }}" | docker login "${{ secrets.REGISTRY }}" -u "${{ secrets.REG_USER }}" --password-stdin
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
- name: Build image
|
||||
run: |
|
||||
|
||||
|
|
@ -156,3 +160,4 @@ jobs:
|
|||
- name: Push image
|
||||
run: |
|
||||
docker push "${{ secrets.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}"
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue