ChemaVX 8c259b2b2e
Build & Deploy ResearchOwl / build-and-push (push) Successful in 5s
ci: clean ci-builder before create to prevent stale BuildKit state
2026-05-04 11:09:56 +00:00


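---
# CI pipeline: on every push to main, build the ResearchOwl image, push it to
# the in-cluster Gitea registry, confirm the manifest is present, bump the image
# tag in the k8s-manifests repository and report the job status to Telegram.
name: Build & Deploy ResearchOwl

on:
  push:
    branches:
      - main

env:
  # Not referenced by any step below; the registry host is repeated literally.
  REGISTRY: gitea.gitea.svc.cluster.local:3000
  # NOTE(review): turns off TLS certificate verification for every git call in
  # the job. All git URLs visible in this workflow are plain http://, so the
  # setting only matters where git is pointed at an https:// remote; if one
  # exists, trusting the internal CA is safer than skipping verification.
  GIT_SSL_NO_VERIFY: "true"
  TELEGRAM_CHAT_ID: "5138407666"

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): `@v4` is a mutable tag; pinning the action to a full
      # commit SHA prevents a retagged release from running with this job's
      # secrets. Also confirm that this checkout version honours `ssl-verify`.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ssl-verify: false

      # The image tag is the first 8 characters of the commit SHA.
      - name: Set image tag
        id: tag
        run: |
          echo "TAG=${GITHUB_SHA::8}" >> "$GITHUB_OUTPUT"

      # The token reaches the shell through the step environment instead of
      # being templated into the script text, so it is not written into the
      # generated script file. The registry is addressed on port 3000 without
      # TLS (see the buildkitd config below), so the credential crosses the
      # cluster network in cleartext.
      - name: Log in to registry
        env:
          CI_TOKEN: ${{ secrets.CI_TOKEN }}
        run: |
          echo "$CI_TOKEN" | docker login gitea.gitea.svc.cluster.local:3000 -u chemavx --password-stdin

      # Best effort: a missing builder is not an error.
      - name: Clean previous buildx builder
        run: docker buildx rm ci-builder 2>/dev/null || true

      # NOTE(review): both registries are declared `http = true` and
      # `insecure = true`, and docker.io pulls are redirected to the plain-HTTP
      # cache. Image and cache transfers are therefore neither encrypted nor
      # authenticated at the transport layer; integrity rests on the cluster
      # network being trusted. `network=host` additionally places the BuildKit
      # container in the host network namespace - presumably needed to resolve
      # the *.svc.cluster.local names; confirm it is still required.
      - name: Create buildx builder
        run: |
          cat > /tmp/buildkitd.toml << 'EOF'
          [registry."registry-cache.registry-cache.svc.cluster.local:5000"]
            http = true
            insecure = true
          [registry."gitea.gitea.svc.cluster.local:3000"]
            http = true
            insecure = true
          [registry."docker.io"]
            mirrors = ["registry-cache.registry-cache.svc.cluster.local:5000"]
          EOF
          docker buildx create \
            --name ci-builder \
            --driver docker-container \
            --driver-opt network=host \
            --config /tmp/buildkitd.toml \
            --use
          docker buildx inspect --bootstrap

      # The build cache is read from and written to the same registry as the
      # image, under the `buildcache` tag.
      - name: Build and push image
        env:
          TAG: ${{ steps.tag.outputs.TAG }}
        run: |
          docker buildx build \
            --builder ci-builder \
            --cache-from type=registry,ref=gitea.gitea.svc.cluster.local:3000/chemavx/researchowl:buildcache \
            --cache-to type=registry,ref=gitea.gitea.svc.cluster.local:3000/chemavx/researchowl:buildcache,mode=max \
            -t "gitea.gitea.svc.cluster.local:3000/chemavx/researchowl:${TAG}" \
            --push \
            -f Dockerfile .

      # Fails the job unless the registry answers 200 for the manifest of the
      # tag just pushed. This proves the tag exists, not that its content is
      # what this job built; comparing the manifest digest with the digest
      # reported by the build would close that gap.
      # NOTE(review): `-u` puts the token on the curl command line, where it is
      # visible in the process list for the duration of the request.
      - name: Verify image in registry
        env:
          TAG: ${{ steps.tag.outputs.TAG }}
          CI_TOKEN: ${{ secrets.CI_TOKEN }}
        run: |
          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
            -u "chemavx:${CI_TOKEN}" \
            -H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
            "http://gitea.gitea.svc.cluster.local:3000/v2/chemavx/researchowl/manifests/${TAG}")
          if [ "$HTTP_CODE" != "200" ]; then
            echo "ERROR: chemavx/researchowl:${TAG} not found in registry (HTTP $HTTP_CODE)"
            exit 1
          fi
          echo "OK: chemavx/researchowl:${TAG} verified in registry"

      # The credentialed clone URL is scoped to this step rather than to the
      # whole workflow, so the other steps never see the token in their
      # environment. It is still an http:// URL with the token embedded: git
      # stores it in the clone's .git/config, which is why the working copy is
      # removed when the script exits.
      # NOTE(review): pyyaml is installed unpinned on every run; pin a reviewed
      # version (ideally with hashes) or bake it into the runner image.
      # NOTE(review): the manifest is rewritten to git.chemavx.xyz/... while the
      # image was pushed to gitea.gitea.svc.cluster.local:3000 - presumably the
      # same registry under its external name; confirm. The deployment is pinned
      # by tag, not by digest.
      - name: Update k8s manifests
        env:
          TAG: ${{ steps.tag.outputs.TAG }}
          K8S_MANIFESTS_REPO: "http://chemavx:${{ secrets.CI_TOKEN }}@gitea.gitea.svc.cluster.local:3000/chemavx/k8s-manifests.git"
        run: |
          pip3 install pyyaml -q
          git config --global user.email "ci@git.chemavx.xyz"
          git config --global user.name "Gitea CI"
          # Remove the clone (and the token in its .git/config) on any exit.
          trap 'rm -rf /tmp/k8s-manifests' EXIT
          git clone "$K8S_MANIFESTS_REPO" /tmp/k8s-manifests
          cd /tmp/k8s-manifests
          sed -i "s|image: .*researchowl:.*|image: git.chemavx.xyz/chemavx/researchowl:${TAG}|g" \
            researchowl/deployment.yaml
          sed -i "s|imagePullPolicy: Never|imagePullPolicy: Always|g" \
            researchowl/deployment.yaml
          # Refuse to commit a manifest that no longer parses after the sed edits.
          python3 -c "
          import yaml, sys
          f = 'researchowl/deployment.yaml'
          try:
              with open(f) as fh:
                  list(yaml.safe_load_all(fh))
              print('OK: ' + f)
          except yaml.YAMLError as e:
              print('FAIL: ' + f + ': ' + str(e), file=sys.stderr)
              sys.exit(1)
          "
          git add researchowl/deployment.yaml
          # Commit only when the tag actually changed the file.
          git diff --cached --quiet || git commit -m "ci: update researchowl image to ${TAG} [skip ci]"
          git push

      # Runs whatever the outcome of the earlier steps. The notification is
      # skipped silently when no bot token is configured, and curl's own exit
      # status is not checked beyond the shell's default handling.
      - name: Notify Telegram
        if: always()
        env:
          TAG: ${{ steps.tag.outputs.TAG }}
          JOB_STATUS: ${{ job.status }}
          TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }}
        run: |
          # Fall back to the commit SHA when the tag step did not produce output.
          TAG="${TAG:-${GITHUB_SHA:0:8}}"
          if [ "$JOB_STATUS" = "success" ]; then
            MSG="✅ Deploy researchowl:${TAG} completado"
          else
            MSG="❌ Deploy researchowl:${TAG} fallido (status: ${JOB_STATUS})"
          fi
          if [ -n "${TELEGRAM_TOKEN}" ]; then
            curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
              -d "chat_id=${TELEGRAM_CHAT_ID}" \
              --data-urlencode "text=${MSG}"
          fi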