repos/pypilot
4
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 11 Activity

feat(repo): migrate to Gitea (#300)

Browse Source 
Reviewed-on: public/pypilot#300
This commit is contained in:
Luke Tainton
2025-01-17 00:30:00 +01:00
parent e78bc2db78
commit 4f78024645
36 changed files with 944 additions and 1001 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitea/CODEOWNERS Normal file
View File

@ -0,0 +1 @@
* @luke

70
.gitea/workflows/ci.yml Normal file
View File

@ -0,0 +1,70 @@
name: CI
on:
pull_request:
types:
- opened
- edited
- synchronize
- reopened
jobs:
ci:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4.2.2
with:
fetch-depth: 0
- name: Run Hadolint
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
output-file: hadolint.out
format: sonarqube
no-fail: true
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.13
- name: uv cache
uses: actions/cache@v4
with:
path: /tmp/.uv-cache
key: uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
restore-keys: |
uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
uv-${{ runner.os }}
- name: Install dependencies
run: uv sync
- name: Lint
run: |
uv run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt app/ tests/
cat lintreport.txt
- name: Unit Test
run: |
uv run coverage run -m pytest -v --junitxml=testresults.xml
uv run coverage xml
sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
- name: Minimize uv cache
run: uv cache prune --ci
- name: SonarQube Cloud Scan
uses: SonarSource/sonarqube-scan-action@v4.2.1
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Snyk Vulnerability Scan
uses: snyk/actions/python@master
continue-on-error: true # Sometimes vulns aren't immediately fixable
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: snyk
args: test --all-projects

17
.gitea/workflows/conventional-commit.yml Normal file
View File

@ -0,0 +1,17 @@
name: Conventional Commit
on:
pull_request:
types:
- opened
- edited
- synchronize
- reopened
jobs:
validate_pr_title:
name: Validate PR Title
runs-on: ubuntu-latest
steps:
- uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.2.3
with:
commit-message: ${{ gitea.event.pull_request.title }}

169
.gitea/workflows/release.yml Normal file
View File

@ -0,0 +1,169 @@
name: Release
on:
workflow_dispatch:
schedule:
- cron: "0 9 * * 0"
jobs:
test:
name: Test
uses: ${{ gitea.server_url }}/${{ gitea.repository }}/.gitea/workflows/ci.yml@main
with:
python-version: 3.13
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
create_release:
name: Create Release
needs: test
uses: ${{ gitea.server_url }}/actions/gha-workflows/.gitea/workflows/create-release.yml@main
secrets:
ACTIONS_TOKEN: ${{ secrets.ACTIONS_TOKEN }}
print_release:
name: Print Release
runs-on: ubuntu-latest
needs: create_release
outputs:
releaseid: ${{ steps.getid.outputs.releaseid }}
steps:
- run: echo "Created release ${{ needs.create_release.outputs.release_name }}."
- name: Get Release ID
id: getid
run: |
rid=$(curl -s -X 'GET' \
-H 'accept: application/json'
'${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases/latest' | jq -r '.[].id')
echo "releaseid=$rid" >> "$GITEA_OUTPUT"
build_whl:
name: Build Wheel File
needs: [create_release, print_release]
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v4.2.2
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.13"
- name: Setup Poetry
uses: abatilo/actions-poetry@v4
- name: Update pyproject.toml
run:
./tools/update_pyproject.sh ${{ needs.create_release.outputs.release_name }}
- name: Install dependencies
run: poetry install
- name: Build wheel file
run: poetry build
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: whl
path: dist/
- name: Upload Release Asset
run: |
for file in dist/*.whl; do
curl -s -X POST \
-H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" \
-H "Content-Type: multipart/form-data" \
-F "attachment=@${{ gitea.workspace }}/$file" \
"${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases/${{ needs.print_release.outputs.releaseid }}"
done
publish_pypi:
name: Publish to PyPI
needs: build_whl
runs-on: ubuntu-latest
steps:
- name: Create dist folder
run: mkdir -p dist
- uses: actions/download-artifact@v4
with:
name: whl
path: dist
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
# user: ${{ vars.PYPI_USERNAME }}
user: __token__
password: ${{ secrets.PYPI_API_TOKEN }}
create_docker:
name: Publish Docker Images
runs-on: ubuntu-latest
needs: create_release
steps:
- name: Update Docker configuration
continue-on-error: true
run: |
mkdir -p /etc/default
mkdir -p /etc/docker
touch -a /etc/default/docker
touch -a /etc/docker/daemon.json
echo "DOCKER_OPTS=\"--insecure-registry ${{ vars.PACKAGES_REGISTRY_URL }}\"" >> /etc/default/docker
echo "{\"insecure-registries\": [\"${{ vars.PACKAGES_REGISTRY_URL }}\"]}" > /etc/docker/daemon.json
- name: Get repo name
id: split
run: echo "repo=${REPO##*/}" >> "$GITEA_OUTPUT"
env:
REPO: ${{ gitea.repository }}
- name: Check out repository
uses: actions/checkout@v4.2.2
with:
fetch-depth: 0
ref: ${{ needs.create_release.outputs.release_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.PACKAGES_REGISTRY_URL }}
username: ${{ vars.ACTIONS_USERNAME }}
password: ${{ secrets.ACTIONS_TOKEN }}
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ vars.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
tags: type=semver,pattern=v{{version}},value=${{ needs.create_release.outputs.release_name }}
images: |
ghcr.io/${{ vars.GHCR_USERNAME }}/${{ steps.split.outputs.repo }}
${{ vars.PACKAGES_REGISTRY_URL }}/${{ gitea.repository }}
- name: Print metadata
run: |
printf "Annotations:\n${{ steps.meta.outputs.annotations }}"
echo ""
printf "Labels:\n${{ steps.meta.outputs.labels }}"
echo ""
printf "Tags:\n${{ steps.meta.outputs.tags }}"
- name: Build images
uses: docker/build-push-action@v6
with:
context: .
push: false
load: true
annotations: ${{ steps.meta.outputs.annotations }}
labels: ${{ steps.meta.outputs.labels }}
tags: ${{ steps.meta.outputs.tags }}
- name: Push images
run: |
strtags="${{ steps.meta.outputs.tags }}"
readarray -t lines <<<"$strtags"
for element in "${lines[@]}"; do docker push "$element"; done
unset strtags lines