ci: add image verification, YAML validation, and Telegram notifications
CI/CD / build-and-push (push) Failing after 4s
CI/CD / build-and-push (push) Failing after 4s
- Verify n8n image exists in Gitea registry via Docker API before updating manifest - Validate YAML of modified manifest after sed (python3 yaml.safe_load) - Notify Telegram on success/failure with job status (if: always()) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
chemavx
@@ -9,6 +9,7 @@ env:
|
|||||||
REGISTRY: gitea.gitea.svc.cluster.local:3000
|
REGISTRY: gitea.gitea.svc.cluster.local:3000
|
||||||
K8S_MANIFESTS_REPO: http://chemavx:${{ secrets.CI_TOKEN }}@gitea.gitea.svc.cluster.local:3000/chemavx/k8s-manifests.git
|
K8S_MANIFESTS_REPO: http://chemavx:${{ secrets.CI_TOKEN }}@gitea.gitea.svc.cluster.local:3000/chemavx/k8s-manifests.git
|
||||||
GIT_SSL_NO_VERIFY: "true"
|
GIT_SSL_NO_VERIFY: "true"
|
||||||
|
TELEGRAM_CHAT_ID: "5138407666"
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-and-push:
|
build-and-push:
|
||||||
@@ -59,6 +60,19 @@ jobs:
|
|||||||
--push \
|
--push \
|
||||||
-f Dockerfile .
|
-f Dockerfile .
|
||||||
|
|
||||||
|
- name: Verify image in registry
|
||||||
|
run: |
|
||||||
|
TAG=${{ steps.tag.outputs.TAG }}
|
||||||
|
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||||
|
-u "chemavx:${{ secrets.CI_TOKEN }}" \
|
||||||
|
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
|
||||||
|
"http://gitea.gitea.svc.cluster.local:3000/v2/chemavx/n8n/manifests/${TAG}")
|
||||||
|
if [ "$HTTP_CODE" != "200" ]; then
|
||||||
|
echo "ERROR: chemavx/n8n:${TAG} not found in registry (HTTP $HTTP_CODE)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "OK: chemavx/n8n:${TAG} verified in registry"
|
||||||
|
|
||||||
- name: Update k8s manifests
|
- name: Update k8s manifests
|
||||||
run: |
|
run: |
|
||||||
TAG=${{ steps.tag.outputs.TAG }}
|
TAG=${{ steps.tag.outputs.TAG }}
|
||||||
@@ -74,6 +88,33 @@ jobs:
|
|||||||
sed -i "s|imagePullPolicy: Always|imagePullPolicy: IfNotPresent|g" \
|
sed -i "s|imagePullPolicy: Always|imagePullPolicy: IfNotPresent|g" \
|
||||||
n8n/deployment-n8n.yaml
|
n8n/deployment-n8n.yaml
|
||||||
|
|
||||||
|
python3 -c "
|
||||||
|
import yaml, sys
|
||||||
|
try:
|
||||||
|
yaml.safe_load(open('n8n/deployment-n8n.yaml'))
|
||||||
|
print('OK: n8n/deployment-n8n.yaml')
|
||||||
|
except yaml.YAMLError as e:
|
||||||
|
print('FAIL: n8n/deployment-n8n.yaml: ' + str(e), file=sys.stderr)
|
||||||
|
sys.exit(1)
|
||||||
|
"
|
||||||
|
|
||||||
git add n8n/deployment-n8n.yaml
|
git add n8n/deployment-n8n.yaml
|
||||||
git diff --cached --quiet || git commit -m "ci: update n8n image to ${TAG} [skip ci]"
|
git diff --cached --quiet || git commit -m "ci: update n8n image to ${TAG} [skip ci]"
|
||||||
git push
|
git push
|
||||||
|
|
||||||
|
- name: Notify Telegram
|
||||||
|
if: always()
|
||||||
|
env:
|
||||||
|
TAG: ${{ steps.tag.outputs.TAG }}
|
||||||
|
JOB_STATUS: ${{ job.status }}
|
||||||
|
TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }}
|
||||||
|
run: |
|
||||||
|
TAG="${TAG:-${GITHUB_SHA:0:8}}"
|
||||||
|
if [ "$JOB_STATUS" = "success" ]; then
|
||||||
|
MSG="✅ Deploy n8n:${TAG} completado"
|
||||||
|
else
|
||||||
|
MSG="❌ Deploy n8n:${TAG} fallido (status: ${JOB_STATUS})"
|
||||||
|
fi
|
||||||
|
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
|
||||||
|
-d "chat_id=${{ env.TELEGRAM_CHAT_ID }}" \
|
||||||
|
--data-urlencode "text=${MSG}"
|
||||||
|
|||||||
Reference in New Issue
Block a user