.gitea/workflows/ci.yml

@@ -8,64 +8,15 @@ on:
       - reopened
 
 jobs:
+  validate_pr_title:
+    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/conventional-commit.yml@main
+    with:
+      commit_message: ${{ gitea.event.pull_request.title }}
+
   ci:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4.2.2
+    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/ci-python-uv-with-docker.yml@main
     with:
-          fetch-depth: 0
-
-      - name: Run Hadolint
-        uses: hadolint/hadolint-action@v3.1.0
-        with:
-          dockerfile: Dockerfile
-          output-file: hadolint.out
-          format: sonarqube
-          no-fail: true
-
-      - name: Setup Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.13"
-
-      - name: uv cache
-        uses: actions/cache@v4
-        with:
-          path: /tmp/.uv-cache
-          key: uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
-          restore-keys: |
-            uv-${{ runner.os }}-${{ hashFiles('uv.lock') }}
-            uv-${{ runner.os }}
-
-      - name: Install dependencies
-        run: uv sync
-
-      - name: Lint
-        run: |
-          uv run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt app/ tests/
-          cat lintreport.txt
-
-      - name: Unit Test
-        run: |
-          uv run coverage run -m pytest -v --junitxml=testresults.xml
-          uv run coverage xml
-          sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
-
-      - name: Minimize uv cache
-        run: uv cache prune --ci
-
-      - name: SonarQube Scan
-        uses: SonarSource/sonarqube-scan-action@v4.2.1
-        env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
-      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python@master
-        continue-on-error: true # Sometimes vulns aren't immediately fixable
-        env:
+      python-version: 3.13
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          command: snyk
-          args: test --all-projects

.gitea/workflows/conventional_commit.yml

@@ -1,16 +0,0 @@
-name: Validate PR Title
-on:
-  pull_request:
-    types:
-      - opened
-      - edited
-      - synchronize
-      - reopened
-
-jobs:
-  validate:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.2.4
-        with:
-          commit-message: ${{ gitea.event.pull_request.title }}

.gitea/workflows/release.yml

@@ -7,12 +7,11 @@ on:
 jobs:
   test:
     name: Test
-    uses: https://git.tainton.uk/repos/roboluke-tasks/.gitea/workflows/ci.yml@main
+    uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/ci-python-uv-with-docker.yml@main
     with:
       python-version: 3.13
     secrets:
-      SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
-      SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
   create_release:

.gitea/workflows/snyk.yml

@@ -1,24 +0,0 @@
-name: Snyk
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - main
-  schedule:
-    - cron: "@daily"
-
-jobs:
-  security:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@v4.2.2
-
-      - name: Snyk
-        uses: snyk/actions/python@master
-        continue-on-error: true
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          command: monitor

sonar-project.properties

@@ -1,5 +1,7 @@
-sonar.projectKey=roboluke
-sonar.projectName=roboluke
+sonar.organization=luketainton
+sonar.projectKey=luketainton_roboluke-tasks2
+sonar.projectName=roboluke-tasks
+sonar.projectVersion=1.0
 sonar.python.version=3.13
 sonar.python.coverage.reportPaths=coverage.xml
 sonar.python.pylint.reportPaths=lintreport.txt