devteam/sharenet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make docker compose .ymls consistent with ci workflow
Some checks are pending
CI/CD Pipeline (Fully Isolated DinD) / Run Tests (DinD) (push) Waiting to run
Details
CI/CD Pipeline (Fully Isolated DinD) / Build and Push Docker Images (DinD) (push) Blocked by required conditions
Details
CI/CD Pipeline (Fully Isolated DinD) / Deploy to Production (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
continuist 2025-07-05 01:57:33 -04:00
parent f37825f845
commit bbfd03e9fd
3 changed files with 19 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
.forgejo/workflows/ci.yml
View file

@ -7,7 +7,7 @@ on:
branches: [ main ] branches: [ main ]
env: env:
REGISTRY: ${{ secrets.CI_HOST }}:80 REGISTRY: ${{ secrets.CI_HOST }}:443
IMAGE_NAME: ${{ secrets.APP_NAME || 'sharenet' }} IMAGE_NAME: ${{ secrets.APP_NAME || 'sharenet' }}
jobs: jobs:
@ -40,10 +40,11 @@ jobs:
# Copy Harbor certificate to DinD container # Copy Harbor certificate to DinD container
docker cp /etc/ssl/registry/registry.crt ci-dind:/usr/local/share/ca-certificates/ docker cp /etc/ssl/registry/registry.crt ci-dind:/usr/local/share/ca-certificates/
docker exec ci-dind chown root:root /usr/local/share/ca-certificates/registry.crt
docker exec ci-dind update-ca-certificates docker exec ci-dind update-ca-certificates
# Login to Harbor registry # Login to Harbor registry (using HTTPS port 443)
echo "${{ secrets.HARBOR_CI_PASSWORD }}" | docker exec -i ci-dind docker login ${{ secrets.CI_HOST }}:80 -u ${{ secrets.HARBOR_CI_USER }} --password-stdin echo "${{ secrets.HARBOR_CI_PASSWORD }}" | docker exec -i ci-dind docker login ${{ secrets.CI_HOST }}:443 -u ${{ secrets.HARBOR_CI_USER }} --password-stdin
echo "DinD container setup complete" echo "DinD container setup complete"
else else
@ -54,6 +55,12 @@ jobs:
- name: Setup Containerized Testing Environment - name: Setup Containerized Testing Environment
run: | run: |
# Copy docker-compose.test.yml to DinD container
docker cp docker-compose.test.yml ci-dind:/workspace/
docker cp backend ci-dind:/workspace/
docker cp frontend ci-dind:/workspace/
docker cp scripts ci-dind:/workspace/
# Start testing environment using dedicated compose file inside DinD # Start testing environment using dedicated compose file inside DinD
docker exec ci-dind docker compose -f /workspace/docker-compose.test.yml up -d docker exec ci-dind docker compose -f /workspace/docker-compose.test.yml up -d
@ -186,7 +193,7 @@ jobs:
run: | run: |
# Create environment file for this deployment # Create environment file for this deployment
echo "IMAGE_TAG=${{ github.sha }}" > .env echo "IMAGE_TAG=${{ github.sha }}" > .env
echo "REGISTRY=${{ secrets.CI_HOST }}:5000" >> .env echo "REGISTRY=${{ secrets.CI_HOST }}:443" >> .env
echo "IMAGE_NAME=${{ secrets.APP_NAME || 'sharenet' }}" >> .env echo "IMAGE_NAME=${{ secrets.APP_NAME || 'sharenet' }}" >> .env
echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD || 'your_secure_password_here' }}" >> .env echo "POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD || 'your_secure_password_here' }}" >> .env
echo "POSTGRES_USER=${{ secrets.POSTGRES_USER || 'sharenet' }}" >> .env echo "POSTGRES_USER=${{ secrets.POSTGRES_USER || 'sharenet' }}" >> .env
@ -200,9 +207,9 @@ jobs:
- name: Configure Docker for Harbor access - name: Configure Docker for Harbor access
run: | run: |
# Configure Docker to access Harbor registry on CI Linode # Configure Docker to access Harbor registry on CI Linode (using HTTPS)
echo '{"insecure-registries": ["${{ secrets.CI_HOST }}:80"]}' | sudo tee /etc/docker/daemon.json # The Harbor certificate should already be installed on the production server
sudo systemctl restart docker # as described in the CI guide Step 13
# Wait for Docker to be ready # Wait for Docker to be ready
timeout 30 bash -c 'until docker info; do sleep 1; done' timeout 30 bash -c 'until docker info; do sleep 1; done'

1
docker-compose.prod.yml
View file

@ -67,6 +67,7 @@ services:
- "443:443" - "443:443"
volumes: volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
# SSL certificates directory (optional - create nginx/ssl/ for SSL support)
- ./nginx/ssl:/etc/nginx/ssl:ro - ./nginx/ssl:/etc/nginx/ssl:ro
depends_on: depends_on:
- frontend - frontend

30
docker-compose.test.yml
View file

@ -1,26 +1,6 @@
version: '3.8' version: '3.8'
services: services:
# DinD container for isolated Docker operations
dind:
image: docker:dind
container_name: ci-cd-test-dind
privileged: true
restart: unless-stopped
environment:
DOCKER_TLS_CERTDIR: ""
ports:
- "2375:2375"
volumes:
- /var/lib/docker
healthcheck:
test: ["CMD", "docker", "version"]
interval: 10s
timeout: 5s
retries: 5
networks:
- ci-cd-test-network
# PostgreSQL for testing # PostgreSQL for testing
postgres: postgres:
image: postgres:15-alpine image: postgres:15-alpine
@ -46,12 +26,9 @@ services:
container_name: ci-cd-test-rust container_name: ci-cd-test-rust
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ./backend:/workspace/backend - /workspace/backend:/workspace/backend
- /var/run/docker.sock:/var/run/docker.sock
working_dir: /workspace/backend working_dir: /workspace/backend
depends_on: depends_on:
dind:
condition: service_healthy
postgres: postgres:
condition: service_healthy condition: service_healthy
networks: networks:
@ -64,11 +41,10 @@ services:
container_name: ci-cd-test-node container_name: ci-cd-test-node
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ./frontend:/workspace/frontend - /workspace/frontend:/workspace/frontend
- /var/run/docker.sock:/var/run/docker.sock
working_dir: /workspace/frontend working_dir: /workspace/frontend
depends_on: depends_on:
dind: postgres:
condition: service_healthy condition: service_healthy
networks: networks:
- ci-cd-test-network - ci-cd-test-network