gapodo
/
forgejo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Quick test
ci/woodpecker/push/compliance-and-tests Pipeline is pending Details
ci/woodpecker/push/release-version Pipeline is pending Details
ci/woodpecker/tag/compliance-and-tests Pipeline was successful Details
ci/woodpecker/tag/release-version Pipeline failed Details

minimal-dockerfile
gapodo 2022-12-07 17:40:58 +01:00
parent e0c205082d
commit 5e0cff5eb6
6 changed files with 280 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
.woodpecker/compliance-and-tests.yml Normal file
View File

@ -0,0 +1,114 @@
platform: linux/amd64
variables:
- &golang_image 'golang:1.19'
- &gitea_test_env_image 'gitea/test_env:linux-amd64'
- &git_image 'docker:git'
- &drone_git_image 'drone/git'
workspace:
base: /go
path: src/codeberg/gitea
pipeline:
dummy:
image: *golang_image
commands:
- exit 0
# deps-backend:
# image: *golang_image
# pull: true
# secrets:
# - goproxy_override
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - make deps-backend
# security-check:
# image: *golang_image
# pull: true
# secrets:
# - goproxy_override
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - make security-check
# lint-backend:
# image: *gitea_test_env_image
# pull: true
# secrets:
# - goproxy_override
# environment:
# - TAGS=bindata sqlite sqlite_unlock_notify
# - GOSUMDB=sum.golang.org
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - make lint-backend
# checks-backend:
# image: *golang_image
# pull: true
# secrets:
# - goproxy_override
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - make --always-make checks-backend
# fetch-tags:
# image: *git_image
# pull: true
# commands:
# - git config --add safe.directory '*'
# - git fetch --tags --force
# tag-pre-condition:
# image: *drone_git_image
# pull: true
# commands:
# - git update-ref refs/heads/tag_test ${CI_COMMIT_SHA}
# prepare-test-env:
# image: *gitea_test_env_image
# pull: true
# secrets:
# - goproxy_override
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - ./build/test-env-prepare.sh
# build-test:
# image: *gitea_test_env_image
# pull: true
# secrets:
# - goproxy_override
# environment:
# - GOSUMDB=sum.golang.org
# - TAGS=bindata sqlite sqlite_unlock_notify
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - su gitea -c './build/test-env-check.sh'
# - su gitea -c 'make backend'
# unit-test:
# image: *gitea_test_env_image
# pull: true
# secrets:
# - github_read_token
# - goproxy_override
# environment:
# - TAGS=bindata sqlite sqlite_unlock_notify
# - RACE_ENABLED=true
# commands:
# - test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
# - su gitea -c 'make unit-test-coverage test-check'
# test-sqlite:
# image: *gitea_test_env_image
# environment:
# - USE_REPO_TEST_DIR=1
# - GOPROXY=off
# - TAGS=bindata gogit sqlite sqlite_unlock_notify
# - TEST_TAGS=bindata gogit sqlite sqlite_unlock_notify
# commands:
# - su gitea -c 'timeout -s ABRT 120m make test-sqlite-migration test-sqlite'

32
.woodpecker/compliance.yml
View File

@ -1,32 +0,0 @@
platform: linux/amd64
workspace:
base: /go
path: src/codeberg/gitea
pipeline:
deps-backend:
image: golang:1.19
pull: true
commands:
- make deps-backend
security-check:
image: golang:1.19
pull: true
commands:
- make security-check
lint-backend:
image: gitea/test_env:linux-amd64
pull: true
environment:
- TAGS=bindata sqlite sqlite_unlock_notify
- GOSUMDB=sum.golang.org
commands:
- make lint-backend
checks-backend:
image: golang:1.19
commands:
- make --always-make checks-backend

28
.woodpecker/docker-linux-amd64-release-version.yml
View File

@ -1,28 +0,0 @@
platform: linux/amd64
depends_on:
- testing-amd64
pipeline:
fetch-tags:
image: docker:git
pull: true
commands:
- git config --add safe.directory '*'
- git fetch --tags --force
publish:
image: woodpeckerci/plugin-docker-buildx
pull: true
settings:
platforms: linux/amd64
registry:
from_secret: domain
tag: ${CI_COMMIT_TAG##v}
repo: ${CI_REPO_LINK##https://}
password:
from_secret: releaseteamtoken
username:
from_secret: releaseteamuser
when:
event: tag

72
.woodpecker/release-version.yml
View File

@ -1,45 +1,69 @@
platform: linux/amd64
depends_on:
- testing-amd64
- compliance-and-tests
workspace:
base: /source
path: /
variables:
- &git_image 'docker:git'
- &golang_image 'golang:1.19'
- &node_image 'node:18'
- &xgo_image 'techknowlogick/xgo:go-1.19.x'
- &buildx_plugin_image 'woodpeckerci/plugin-docker-buildx'
- &gpgsign_plugin_image 'plugins/gpgsign:1'
# Docker and XGO platforms may vary in name (arm/v6/v7,...), please make sure,
# that all platforms listed in docker_platforms are also in make_platforms
# for the mapping look at docker/map-binaries.sh
- &make_platforms 'linux/amd64,linux/arm64'
#- &docker_platforms 'linux/amd64,linux/arm64'
# Just building docker for amd64, as codeberg.org/forgejo/alpine:3.17 does not provide arm64
- &docker_platforms 'linux/amd64,linux/arm64'
pipeline:
fetch-tags:
image: docker:git
image: *git_image
pull: true
commands:
- git config --add safe.directory '*'
- git fetch --tags --force
deps-frontend:
image: node:18
image: *node_image
pull: true
commands:
- make deps-frontend
deps-backend:
image: golang:1.19
image: *golang_image
pull: true
commands:
- make deps-backend
- test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
- make deps-backend
secrets:
- goproxy_override
static:
image: techknowlogick/xgo:go-1.19.x
build-static:
image: *xgo_image
pull: true
commands:
- test "$${GOPROXY_OVERRIDE-}" != "" && export GOPROXY="$${GOPROXY_OVERRIDE}"
- echo "installing nodejs"
- curl -sL https://deb.nodesource.com/setup_16.x | bash - && apt-get -qqy install nodejs
- export PATH=$PATH:$GOPATH/bin
- make CI=true LINUX_ARCHS=linux/amd64,linux/arm64 release
- echo "building forgejo"
- make CI=true LINUX_ARCHS=$${LINUX_ARCHS} release
environment:
TAGS: bindata sqlite sqlite_unlock_notify
DEBIAN_FRONTEND: noninteractive
LINUX_ARCHS: *make_platforms
secrets:
- goproxy_override
gpg-sign:
image: plugins/gpgsign:1
image: *gpgsign_plugin_image
pull: true
settings:
detach_sign: true
@ -49,17 +73,43 @@ pipeline:
- "dist/release/*"
key:
from_secret: releaseteamgpg
when:
event: tag
release:
image: golang:1.19
image: *golang_image
commands:
- curl -sL https://dl.gitea.io/tea/0.9.0/tea-0.9.0-linux-amd64 > /bin/tea && chmod +x /bin/tea
- REMOTE=$(echo $CI_REPO_LINK | sed -e 's|.*://||' -e 's|/.*||')
- GITEA_SERVER_URL=$CI_REPO_LINK GITEA_SERVER_TOKEN=$RELEASETEAMTOKEN tea login add --name $RELEASETEAMUSER --url $REMOTE
- ASSETS=$(ls dist/release/* | sed -e 's/^/-a /')
- tea release create $ASSETS --tag $CI_COMMIT_TAG --title $CI_COMMIT_TAG
- echo "$${CI_COMMIT_TAG##v}" | grep -qi '\-rc' && export RELEASETYPE="--prerelease" && echo "Uploading as Pre-Release"
- echo "$${CI_COMMIT_TAG##v}" | grep -qi '\-test' && export RELEASETYPE="--draft" && echo "Uploading as Draft"
- test $${RELEASETYPE+false} || echo "Uploading as Stable"
- tea release create $ASSETS --tag $CI_COMMIT_TAG --title $CI_COMMIT_TAG $${RELEASETYPE}
when:
event: tag
secrets:
- releaseteamtoken
- releaseteamuser
build-docker:
image: *buildx_plugin_image
pull: true
settings:
dockerfile: Dockerfile.ci
no_cache: true
platforms: *docker_platforms
registry:
from_secret: domain
tag: ${CI_COMMIT_TAG##v}
repo: ${CI_REPO_LINK##https://}
build_args_from_env:
- CI_COMMIT_TAG
- CI_REPO_CLONE_URL
password:
from_secret: releaseteamtoken
username:
from_secret: releaseteamuser
when:
event: tag

63
.woodpecker/testing-amd64.yml
View File

@ -1,63 +0,0 @@
platform: linux/amd64
depends_on:
- compliance
workspace:
base: /go
path: src/codeberg/gitea
pipeline:
fetch-tags:
image: docker:git
pull: true
commands:
- git config --add safe.directory '*'
- git fetch --tags --force
deps-backend:
image: golang:1.19
pull: true
commands:
- make deps-backend
tag-pre-condition:
image: drone/git
pull: true
commands:
- git update-ref refs/heads/tag_test ${CI_COMMIT_SHA}
prepare-test-env:
image: gitea/test_env:linux-amd64
pull: true
commands:
- ./build/test-env-prepare.sh
build:
image: gitea/test_env:linux-amd64
environment:
- GOSUMDB=sum.golang.org
- TAGS=bindata sqlite sqlite_unlock_notify
commands:
- su gitea -c './build/test-env-check.sh'
- su gitea -c 'make backend'
unit-test:
image: gitea/test_env:linux-amd64
environment:
- TAGS=bindata sqlite sqlite_unlock_notify
- RACE_ENABLED=true
secrets:
- github_read_token
commands:
- su gitea -c 'make unit-test-coverage test-check'
# test-sqlite:
# image: gitea/test_env:linux-amd64
# environment:
# - USE_REPO_TEST_DIR=1
# - GOPROXY=off
# - TAGS=bindata gogit sqlite sqlite_unlock_notify
# - TEST_TAGS=bindata gogit sqlite sqlite_unlock_notify
# commands:
# - su gitea -c 'timeout -s ABRT 120m make test-sqlite-migration test-sqlite'

105
Dockerfile.ci Normal file
View File

@ -0,0 +1,105 @@
FROM --platform=$BUILDPLATFORM codeberg.org/forgejo/golang:1.19-alpine3.17 AS build-env
ARG BUILDPLATFORM
ARG GOPROXY
ENV GOPROXY ${GOPROXY:-direct}
ARG TAG
ENV TAG ${CI_COMMIT_TAG##v:-main}
ARG CI_COMMIT_SHA
ARG CI_REPO_CLONE_URL
# Shorthands for easy use and ease of replacement
ARG OUT "/out-bins"
ARG DR "/docker/root"
# Check vars and create directories
RUN test -n "$CI_COMMIT_SHA" || (echo "CI_COMMIT_SHA is required but not set" >&2 && exit 1) && \
test -n "$CI_REPO_CLONE_URL" || (echo "CI_REPO_CLONE_URL is required but not set" >&2 && exit 1) && \
echo "Running prep for ${CI_REPO_CLONE_URL} commit ${CI_COMMIT_SHA}" && \
mkdir -p "${OUT}/linux/amd64" && \
mkdir -p "${OUT}/linux/arm64" && \
mkdir /build && \
mkdir -p "${DR}"
# Copying the arch specific binaries to the path easily accessible in the next step and rename them to gitea
COPY --chmod=755 dist/binaries/forgejo-$TAG-linux-amd64 "${OUT}/linux/amd64/gitea"
COPY --chmod=755 dist/binaries/forgejo-$TAG-linux-arm64 "${OUT}/linux/arm64/gitea"
WORKDIR /build
RUN echo "setting up git" && \
# quiet down git
git config --global init.defaultBranch dummy && \
git config --global advice.detachedHead false && \
git init && \
git remote add origin ${CI_REPO_CLONE_URL} && \
# shallow clone as we just need the current data, keeps the "clone" really small
git fetch --depth 1 origin ${CI_COMMIT_SHA} && \
git checkout FETCH_HEAD && \
export ENV2INI="environment-to-ini" && \
export GOFILE="contrib/$ENV2INI/$ENV2INI.go" && \
echo "compiling for linux/amd64" && \
GOOS=linux GOARCH=amd64 go build -o "${OUT}/linux/amd64/$ENV2INI" "${GOFILE}" && \
echo "compiling for linux/arm64" && \
GOOS=linux GOARCH=arm64 go build -o "${OUT}/linux/arm64/$ENV2INI "${GOFILE}" && \
cd / && \
echo "Copying future root addons" && \
cp -r /build"${DR}/* "${DR}/ && \
echo "Fixing permissions" && \
chmod 755 "${DR}/usr/bin/entrypoint "${DR}/usr/local/bin/gitea "${DR}/etc/s6/gitea/* "${DR}/etc/s6/openssh/* "${DR}/etc/s6/.s6-svscan/* && \
echo "removing git repo" && \
rm -Rf /build
# Main build
FROM codeberg.org/forgejo/alpine:3.17.0
LABEL maintainer="contact@forgejo.org"
ARG TARGETPLATFORM
ENV TARGETPLATFORM=${TARGETPLATFORM:-linux/amd64}
EXPOSE 22 3000
RUN apk --no-cache add \
bash \
ca-certificates \
curl \
gettext \
git \
linux-pam \
openssh \
s6 \
sqlite \
su-exec \
gnupg \
tzdata
RUN addgroup \
-S -g 1000 \
git && \
adduser \
-S -H -D \
-h /data/git \
-s /bin/bash \
-u 1000 \
-G git \
git && \
echo "git:*" | chpasswd -e
ENV USER git
ENV GITEA_CUSTOM /data/gitea
VOLUME ["/data"]
ENTRYPOINT ["/usr/bin/entrypoint"]
CMD ["/bin/s6-svscan", "/etc/s6"]
ARG OUT "/out-bins"
ARG DR "/docker/root"
COPY --from=build-env "${DR}" /
COPY --from=build-env --chmod=755 "${OUT}/$TARGETPLATFORM/*" /app/gitea/
# unsure it it's better to just use 2 copys and bring it to the correct place
# or ln -s (had mixed results usually ln -s makes a smaller end result)
RUN ln -s /app/gitea/environment-to-ini /usr/local/bin/environment-to-ini