setting up gitea actions

.gitea/workflows/build-and-pubilsh.yaml

@@ -0,0 +1,43 @@
+
+name: Build and publish container images
+
+on:
+- workflow_dispatch
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+    - name: Check out the repo
+      uses: actions/checkout@v3
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v2
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Log in to the Container registry
+      uses: docker/login-action@v2
+      with:
+        registry: gitea.jbrumond.me
+        username: ${{ secrets.REGISTRY_USER }}
+        password: ${{ secrets.REGISTRY_TOKEN }}
+
+    - name: Build and publish
+      uses: docker/build-push-action@v4
+      env:
+        # see <https://docs.gitea.com/usage/actions/comparison#dockerbuild-push-actionv4>
+        ACTIONS_RUNTIME_TOKEN: ''
+      with:
+        context: .
+        push: true
+        tags: |
+          gitea.jbrumond.me/james/dashboard:latest
+        platforms: |
+          linux/amd64
+          linux/arm64
+        secrets: |
+          npmrc=${{ secrets.NPMRC }}

.gitea/workflows/build.yaml

@@ -0,0 +1,36 @@
+
+name: Build container images
+
+on:
+  push:
+    branches:
+    - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+    - name: Check out the repo
+      uses: actions/checkout@v3
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v2
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Build and publish
+      uses: docker/build-push-action@v4
+      env:
+        # see <https://docs.gitea.com/usage/actions/comparison#dockerbuild-push-actionv4>
+        ACTIONS_RUNTIME_TOKEN: ''
+      with:
+        context: .
+        push: false
+        platforms: |
+          linux/amd64
+          linux/arm64
+        secrets: |
+          npmrc=${{ secrets.NPMRC }}

.gitea/workflows/deploy-prd.yaml

@@ -0,0 +1,46 @@
+
+name: Deploy staging to production environment
+
+on:
+- workflow_dispatch
+
+jobs:
+  tag-image:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+    - name: Check out the repo
+      uses: actions/checkout@v3
+
+    - name: Log in to the Container registry
+      uses: docker/login-action@v2
+      with:
+        registry: gitea.jbrumond.me
+        username: ${{ secrets.REGISTRY_USER }}
+        password: ${{ secrets.REGISTRY_TOKEN }}
+
+    - name: Tag "stg" with "prod"
+      run: |
+        docker pull gitea.jbrumond.me/james/dashboard:stg
+        docker tag gitea.jbrumond.me/james/dashboard:stg gitea.jbrumond.me/james/dashboard:prod
+        docker push gitea.jbrumond.me/james/dashboard:prod
+
+  deploy:
+    runs-on: ubuntu-latest
+    container:
+      image: gitea.jbrumond.me/images/kubectl:1.28
+    needs:
+    - tag-image
+    env:
+      KUBERNETES_SERVER: https://nephthys.local.jbrumond.me:6443
+      KUBERNETES_TOKEN: ${{ secrets.K8S_WEB_NS_SERVICE_ACCT_TOKEN }}
+      KUBERNETES_CERT: ${{ secrets.K8S_WEB_NS_SERVICE_ACCT_CERT }}
+    steps:
+    - name: Configure kubectl and set credentials
+      run: /bin/kubectl-setup
+    - name: Deploy "prod" image to kubernetes production (<prod hostname>)
+      run: |
+        kubectl -n web set image "deployment/<prod deploy name>" "<prod container name>=gitea.jbrumond.me/james/dashboard:prod"
+        kubectl -n web rollout restart "deployment/<prod deploy name>"
+        kubectl -n web rollout status "deployment/<prod deploy name>"

.gitea/workflows/deploy-stg.yaml

@@ -0,0 +1,46 @@
+
+name: Deploy latest to staging environment
+
+on:
+- workflow_dispatch
+
+jobs:
+  tag-image:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+    - name: Check out the repo
+      uses: actions/checkout@v3
+
+    - name: Log in to the Container registry
+      uses: docker/login-action@v2
+      with:
+        registry: gitea.jbrumond.me
+        username: ${{ secrets.REGISTRY_USER }}
+        password: ${{ secrets.REGISTRY_TOKEN }}
+
+    - name: Tag "latest" with "stg"
+      run: |
+        docker pull gitea.jbrumond.me/james/dashboard:latest
+        docker tag gitea.jbrumond.me/james/dashboard:latest gitea.jbrumond.me/james/dashboard:stg
+        docker push gitea.jbrumond.me/james/dashboard:stg
+
+  deploy:
+    runs-on: ubuntu-latest
+    container:
+      image: gitea.jbrumond.me/images/kubectl:1.28
+    needs:
+    - tag-image
+    env:
+      KUBERNETES_SERVER: https://nephthys.local.jbrumond.me:6443
+      KUBERNETES_TOKEN: ${{ secrets.K8S_WEB_NS_SERVICE_ACCT_TOKEN }}
+      KUBERNETES_CERT: ${{ secrets.K8S_WEB_NS_SERVICE_ACCT_CERT }}
+    steps:
+    - name: Configure kubectl and set credentials
+      run: /bin/kubectl-setup
+    - name: Deploy "stg" image to kubernetes staging (<stg hostname>)
+      run: |
+        kubectl -n web set image "deployment/<stg deploy name>" "<stg container name>=gitea.jbrumond.me/james/dashboard:stg"
+        kubectl -n web rollout restart "deployment/<stg deploy name>"
+        kubectl -n web rollout status "deployment/<stg deploy name>"

Dockerfile

@@ -29,7 +29,8 @@ COPY package.json package-lock.json tsconfig.json ${BUILD_PATH}/
 COPY src/ ${BUILD_PATH}/src/
 
 # Install dependencies and build the application source
-RUN npm ci
+# (mount the NPM credentials so we can install private packages)
+RUN --mount-type=secret,id=npmrc,target=/root/.npmrc npm ci
 RUN npm run tsc
 
 # Remove any dev dependencies now that the app is built