MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
9b1ceb1fb4e457c2e26d60ab7b3a70d9b3fc0337
work-club-manager/.gitea/workflows/cd-bootstrap.yml
WorkClub Automation 785502f113
All checks were successful
CI Pipeline / Backend Build & Test (push) Successful in 1m9s
Details
CI Pipeline / Frontend Lint, Test & Build (push) Successful in 54s
Details
CI Pipeline / Infrastructure Validation (push) Successful in 4s
Details
fix(cd): configure buildx for HTTP-only insecure registry 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
2026-03-08 16:05:28 +01:00

243 lines
9.3 KiB
YAML
Raw Blame History

name: CD Bootstrap - Release Image Publish
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Image tag (e.g., v1.0.0, latest, dev)'
required: true
default: 'latest'
type: string
build_backend:
description: 'Build backend image'
required: false
default: true
type: boolean
build_frontend:
description: 'Build frontend image'
required: false
default: true
type: boolean
env:
REGISTRY_HOST: 192.168.241.13:8080
BACKEND_IMAGE: workclub-api
FRONTEND_IMAGE: workclub-frontend
jobs:
prepare:
name: Prepare Build Metadata
runs-on: ubuntu-latest
outputs:
image_tag: ${{ steps.metadata.outputs.image_tag }}
image_sha: ${{ steps.metadata.outputs.image_sha }}
build_backend: ${{ steps.metadata.outputs.build_backend }}
build_frontend: ${{ steps.metadata.outputs.build_frontend }}
steps:
- name: Generate build metadata
id: metadata
run: |
IMAGE_TAG="${{ github.event.inputs.image_tag }}"
if [[ -z "$IMAGE_TAG" ]]; then
IMAGE_TAG="latest"
fi
IMAGE_SHA="${{ github.sha }}"
IMAGE_SHA_SHORT="${IMAGE_SHA:0:7}"
BUILD_BACKEND="${{ github.event.inputs.build_backend }}"
BUILD_FRONTEND="${{ github.event.inputs.build_frontend }}"
if [[ -z "$BUILD_BACKEND" || "$BUILD_BACKEND" == "false" ]]; then
BUILD_BACKEND="false"
else
BUILD_BACKEND="true"
fi
if [[ -z "$BUILD_FRONTEND" || "$BUILD_FRONTEND" == "false" ]]; then
BUILD_FRONTEND="false"
else
BUILD_FRONTEND="true"
fi
echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "image_sha=$IMAGE_SHA_SHORT" >> $GITHUB_OUTPUT
echo "build_backend=$BUILD_BACKEND" >> $GITHUB_OUTPUT
echo "build_frontend=$BUILD_FRONTEND" >> $GITHUB_OUTPUT
echo "✅ Build configuration:"
echo " Image Tag: $IMAGE_TAG"
echo " Commit SHA: $IMAGE_SHA_SHORT"
echo " Build Backend: $BUILD_BACKEND"
echo " Build Frontend: $BUILD_FRONTEND"
backend-image:
name: Build & Push Backend Image
runs-on: ubuntu-latest
needs: [prepare]
if: needs.prepare.outputs.build_backend == 'true'
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Login to registry (if credentials provided)
if: ${{ secrets.REGISTRY_USERNAME != '' && secrets.REGISTRY_PASSWORD != '' }}
run: |
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_HOST }} \
--username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
config-inline: |
[registry."192.168.241.13:8080"]
http = true
insecure = true
- name: Build and push backend multi-arch image
working-directory: ./backend
run: |
docker buildx build \
--platform linux/amd64,linux/arm64 \
--tag ${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }} \
--tag ${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}:sha-${{ needs.prepare.outputs.image_sha }} \
--push \
-f Dockerfile \
.
- name: Capture push evidence (multi-arch)
run: |
mkdir -p .sisyphus/evidence
cat > .sisyphus/evidence/task-31-backend-push.json <<EOF
{
"scenario": "backend_image_push_multiarch",
"result": "success",
"timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
"details": {
"image": "${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}",
"version_tag": "${{ needs.prepare.outputs.image_tag }}",
"sha_tag": "sha-${{ needs.prepare.outputs.image_sha }}",
"platforms": "linux/amd64,linux/arm64",
"registry": "${{ env.REGISTRY_HOST }}"
}
}
EOF
- name: Upload backend push evidence
uses: actions/upload-artifact@v3
with:
name: backend-push-evidence
path: .sisyphus/evidence/task-31-backend-push.json
retention-days: 30
frontend-image:
name: Build & Push Frontend Image
runs-on: ubuntu-latest
needs: [prepare]
if: needs.prepare.outputs.build_frontend == 'true'
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Login to registry (if credentials provided)
if: ${{ secrets.REGISTRY_USERNAME != '' && secrets.REGISTRY_PASSWORD != '' }}
run: |
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY_HOST }} \
--username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
config-inline: |
[registry."192.168.241.13:8080"]
http = true
insecure = true
- name: Build and push frontend multi-arch image
working-directory: ./frontend
run: |
docker buildx build \
--platform linux/amd64,linux/arm64 \
--tag ${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }} \
--tag ${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}:sha-${{ needs.prepare.outputs.image_sha }} \
--push \
-f Dockerfile \
.
- name: Capture push evidence (multi-arch)
run: |
mkdir -p .sisyphus/evidence
cat > .sisyphus/evidence/task-32-frontend-push.json <<EOF
{
"scenario": "frontend_image_push_multiarch",
"result": "success",
"timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
"details": {
"image": "${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}",
"version_tag": "${{ needs.prepare.outputs.image_tag }}",
"sha_tag": "sha-${{ needs.prepare.outputs.image_sha }}",
"platforms": "linux/amd64,linux/arm64",
"registry": "${{ env.REGISTRY_HOST }}"
}
}
EOF
- name: Upload frontend push evidence
uses: actions/upload-artifact@v3
with:
name: frontend-push-evidence
path: .sisyphus/evidence/task-32-frontend-push.json
retention-days: 30
release-summary:
name: Create Release Summary Evidence
runs-on: ubuntu-latest
needs: [prepare, backend-image, frontend-image]
if: always()
steps:
- name: Generate release summary
run: |
mkdir -p .sisyphus/evidence
# Task 33 evidence: CD bootstrap release summary
cat > .sisyphus/evidence/task-33-cd-bootstrap-release.json <<EOF
{
"release_tag": "${{ needs.prepare.outputs.image_tag }}",
"commit_sha": "${{ needs.prepare.outputs.image_sha }}",
"backend_image": "${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }}",
"frontend_image": "${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }}",
"backend_job_conclusion": "${{ needs.backend-image.result }}",
"frontend_job_conclusion": "${{ needs.frontend-image.result }}",
"build_platforms": "linux/amd64,linux/arm64",
"timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
}
EOF
- name: Upload all evidence artifacts
uses: actions/upload-artifact@v3
with:
name: cd-bootstrap-evidence
path: .sisyphus/evidence/*.json
retention-days: 30
- name: Summary report
run: |
echo "## 🚀 CD Bootstrap Release Summary" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Release Tag:** ${{ needs.prepare.outputs.image_tag }}" >> $GITHUB_STEP_SUMMARY
echo "**Commit SHA:** ${{ needs.prepare.outputs.image_sha }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### Published Multi-Arch Images" >> $GITHUB_STEP_SUMMARY
echo "- **Backend:** \`${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }}\` (linux/amd64, linux/arm64)" >> $GITHUB_STEP_SUMMARY
echo "- **Backend SHA:** \`${{ env.REGISTRY_HOST }}/${{ env.BACKEND_IMAGE }}:sha-${{ needs.prepare.outputs.image_sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "- **Frontend:** \`${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}:${{ needs.prepare.outputs.image_tag }}\` (linux/amd64, linux/arm64)" >> $GITHUB_STEP_SUMMARY
echo "- **Frontend SHA:** \`${{ env.REGISTRY_HOST }}/${{ env.FRONTEND_IMAGE }}:sha-${{ needs.prepare.outputs.image_sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### Job Results" >> $GITHUB_STEP_SUMMARY
echo "- Backend Image: ${{ needs.backend-image.result }}" >> $GITHUB_STEP_SUMMARY
echo "- Frontend Image: ${{ needs.frontend-image.result }}" >> $GITHUB_STEP_SUMMARY
Reference in New Issue View Git Blame Copy Permalink