117 lines
3.9 KiB
YAML
117 lines
3.9 KiB
YAML
name: Talks slides — image & chart
|
||
|
||
# Déclenché uniquement si l’image Docker ou le chart Helm change (évite les builds sur contenu slides seul).
|
||
on:
|
||
push:
|
||
branches: [main, develop, cicd]
|
||
tags: ['v*']
|
||
paths:
|
||
- 'server/**'
|
||
- 'talks-slides-dist/**'
|
||
- '.gitea/workflows/**'
|
||
pull_request:
|
||
branches: [main, develop]
|
||
paths:
|
||
- 'server/**'
|
||
- 'talks-slides-dist/**'
|
||
- '.gitea/workflows/**'
|
||
|
||
env:
|
||
# GIT_DEFAULT_HASH: sha256
|
||
DOCKER_HOST: 'unix:///var/run/docker.sock'
|
||
DOCKER_CERT_PATH: '/certs/client'
|
||
IMAGE_REGISTRY: git.specificat.io
|
||
IMAGE_NAME: specificat.io/talks-slides
|
||
# Même registre OCI Helm que les autres charts (ex. knowledge-mcp).
|
||
HELM_OCI_REPOSITORY: oci://git.specificat.io/specificat.io
|
||
HELM_DIR: ./talks-slides-dist
|
||
|
||
jobs:
|
||
vars:
|
||
runs-on: ubuntu-latest
|
||
outputs:
|
||
version: ${{ steps.out.outputs.version }}
|
||
steps:
|
||
- id: out
|
||
env:
|
||
RUN_NUMBER: ${{ github.run_number }}
|
||
REF_NAME: ${{ github.ref_name }}
|
||
run: |
|
||
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
|
||
echo "version=${REF_NAME#v}" >> $GITHUB_OUTPUT
|
||
else
|
||
echo "version=0.0.${RUN_NUMBER}" >> $GITHUB_OUTPUT
|
||
fi
|
||
|
||
build-image:
|
||
runs-on: ubuntu-latest
|
||
name: Build container image
|
||
needs: vars
|
||
steps:
|
||
- uses: actions/checkout@v4
|
||
with:
|
||
fetch-depth: 0
|
||
- uses: docker/setup-buildx-action@v3
|
||
- uses: docker/login-action@v3
|
||
if: github.event_name == 'push'
|
||
with:
|
||
registry: ${{ env.IMAGE_REGISTRY }}
|
||
username: ${{ secrets.CI_USER }}
|
||
password: ${{ secrets.CI_TOKEN }}
|
||
- name: Build and push image
|
||
if: github.event_name == 'push'
|
||
env:
|
||
VERSION: ${{ needs.vars.outputs.version }}
|
||
run: |
|
||
set -euo pipefail
|
||
IMAGE="${IMAGE_REGISTRY}/${IMAGE_NAME}:${VERSION}"
|
||
docker build -f server/Dockerfile -t "${IMAGE}" server/
|
||
docker push "${IMAGE}"
|
||
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
|
||
docker tag "${IMAGE}" "${IMAGE_REGISTRY}/${IMAGE_NAME}:latest"
|
||
docker push "${IMAGE_REGISTRY}/${IMAGE_NAME}:latest"
|
||
fi
|
||
- name: Build image (PR, no push)
|
||
if: github.event_name == 'pull_request'
|
||
run: |
|
||
set -euo pipefail
|
||
docker build -f server/Dockerfile -t talks-slides:ci server/
|
||
|
||
helm:
|
||
runs-on: ubuntu-latest
|
||
name: Helm chart
|
||
needs: vars
|
||
steps:
|
||
- uses: actions/checkout@v4
|
||
- name: Install Helm
|
||
run: |
|
||
set -euo pipefail
|
||
curl -fsSL -o helm.tgz --user "${{ secrets.CI_USER }}:${{ secrets.CI_TOKEN }}" \
|
||
"https://git.specificat.io/api/packages/Specificat.io/generic/helm/4.1.1/helm-v4.1.1-linux-amd64.tar.gz"
|
||
tar -xzf helm.tgz
|
||
sudo mv linux-amd64/helm /usr/local/bin/helm
|
||
helm version
|
||
# Chart publié avec le même tag que l’image (évite latest / oubli de --set au déploiement).
|
||
- name: Aligner slides.image.tag sur la version build
|
||
env:
|
||
VERSION: ${{ needs.vars.outputs.version }}
|
||
run: |
|
||
set -euo pipefail
|
||
f="${HELM_DIR}/values.yaml"
|
||
sed -i 's|^ tag: ".*"| tag: "'"${VERSION}"'"|' "$f"
|
||
grep -E '^ tag:' "$f" || true
|
||
- name: Helm lint & template
|
||
run: |
|
||
set -euo pipefail
|
||
helm lint "${HELM_DIR}"
|
||
helm template talks-slides "${HELM_DIR}"
|
||
- name: Package and push chart (OCI)
|
||
if: github.event_name == 'push'
|
||
env:
|
||
VERSION: ${{ needs.vars.outputs.version }}
|
||
run: |
|
||
set -euo pipefail
|
||
helm package "${HELM_DIR}" --version "${VERSION}" --app-version "${VERSION}"
|
||
helm registry login "${IMAGE_REGISTRY}" -u "${{ secrets.CI_USER }}" -p "${{ secrets.CI_TOKEN }}"
|
||
helm push "talks-slides-chart-${VERSION}.tgz" "${HELM_OCI_REPOSITORY}"
|