Merge pull request 'feat(ci): refactor pipelines — hadolint, PR checks, tag releases, nightly rebuild' (#11 ) from fix/refactor-ci-pipelines into master

Reviewed-on: #11
chore(ci): remove workflows from .forgejo/workflows
2026-06-12 16:18:16 -04:00 · 2026-06-12 16:15:32 -04:00 · 2026-06-12 16:15:29 -04:00 · 2026-06-12 16:15:23 -04:00 · 2026-06-12 16:15:20 -04:00 · 2026-06-12 16:15:08 -04:00
5 changed files with 155 additions and 71 deletions
@@ -0,0 +1,42 @@
+name: Nightly Rebuild
+on:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  hadolint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
+        continue-on-error: true
+        with:
+          dockerfile: Dockerfile
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+        with:
+          fetch-depth: 0
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - id: get-latest-tag
+        run: |
+          TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "")
+          echo "tag=$TAG" >> $GITHUB_OUTPUT
+      - id: meta
+        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6
+        with:
+          images: jcabillot/cipherscan
+          tags: |
+            type=raw,value=latest
+            type=raw,value=${{ steps.get-latest-tag.outputs.tag }},enable=${{ steps.get-latest-tag.outputs.tag != '' }}
+      - uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          pull: true
@@ -1,71 +0,0 @@
-name: Docker Build and Push
-
-on:
-  pull_request:
-  push:
-    branches: [master]
-  schedule:
-    - cron: '30 3 * * 3'
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - name: Hadolint
-        uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
-
-  build:
-    runs-on: ubuntu-latest
-    needs: lint
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - name: Build image
-        run: docker build -t ci-image:${{ github.sha }} .
-      - name: Save image
-        run: docker save ci-image:${{ github.sha }} > image.tar
-      - name: Upload artifact
-        uses: ChristopherHX/gitea-upload-artifact@62ac910c5d3dfa85c7cb2df15afe2e342b2407c2 # main
-        with:
-          name: docker-image
-          path: image.tar
-
-  test:
-    runs-on: ubuntu-latest
-    needs: build
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - name: Download artifact
-        uses: ChristopherHX/gitea-download-artifact@75635f32b4c1c41c4b3d64e8f85210112ed4c9c7 # main
-        with:
-          name: docker-image
-      - name: Load image
-        run: docker load < image.tar
-      - name: Run tests
-        run: bash tests/test.sh ci-image:${{ github.sha }}
-
-  push:
-    runs-on: ubuntu-latest
-    if: github.event_name != 'pull_request'
-    needs: test
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
-      - name: Download artifact
-        uses: ChristopherHX/gitea-download-artifact@75635f32b4c1c41c4b3d64e8f85210112ed4c9c7 # main
-        with:
-          name: docker-image
-      - name: Load image
-        run: docker load < image.tar
-      - name: Login to Docker Hub
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Tag and push
-        run: |
-          docker tag ci-image:${{ github.sha }} jcabillot/cipherscan:latest
-          docker push jcabillot/cipherscan:latest
@@ -0,0 +1,58 @@
+name: Main Release
+on:
+  push:
+    branches: [master]
+jobs:
+  hadolint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
+        continue-on-error: true
+        with:
+          dockerfile: Dockerfile
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - id: meta
+        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6
+        with:
+          images: jcabillot/cipherscan
+          tags: |
+            type=raw,value=latest
+      - uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          pull: true
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - run: docker build -t ci-image:${{ github.sha }} .
+      - run: bash tests/test.sh ci-image:${{ github.sha }}
+  tag:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+        with:
+          fetch-depth: 0
+      - name: Configure git auth
+        run: |
+          git remote set-url origin "https://x-access-token:${{ secrets.GITHUB_TOKEN }}@scm.cabillot.eu/perso/cipherscan.git"
+      - uses: anothrNick/github-tag-action@4ed44965e0db8dab2b466a16da04aec3cc312fd8 # v1.75.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          DEFAULT_BUMP: patch
+          RELEASE_BRANCHES: master
+          WITH_V: true
+          GIT_API_TAGGING: false
@@ -0,0 +1,20 @@
+name: PR Checks
+on:
+  pull_request:
+    branches: [master]
+jobs:
+  hadolint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
+        continue-on-error: true
+        with:
+          dockerfile: Dockerfile
+  build-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - run: docker build -t ci-image:${{ github.sha }} .
+      - run: bash tests/test.sh ci-image:${{ github.sha }}
@@ -0,0 +1,35 @@
+name: Tag Release
+on:
+  push:
+    tags: ['*']
+jobs:
+  hadolint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
+        continue-on-error: true
+        with:
+          dockerfile: Dockerfile
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - id: meta
+        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6
+        with:
+          images: jcabillot/cipherscan
+          tags: |
+            type=ref,event=tag
+      - uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          pull: true
Author	SHA1	Message	Date
jcabillot	41237fed5e	Merge pull request 'feat(ci): refactor pipelines — hadolint, PR checks, tag releases, nightly rebuild' (#11 ) from fix/refactor-ci-pipelines into master Main Release / hadolint (push) Successful in 7s Details Main Release / test (push) Successful in 13s Details Main Release / tag (push) Successful in 16s Details Main Release / build-push (push) Successful in 1m36s Details Reviewed-on: #11	2026-06-12 16:18:16 -04:00
cloudix_mcp_server	de092a9212	chore(ci): remove workflows from .forgejo/workflows PR Checks / hadolint (pull_request) Successful in 6s Details PR Checks / build-test (pull_request) Successful in 13s Details	2026-06-12 16:15:32 -04:00
cloudix_mcp_server	a5e2b98660	chore(ci): remove workflows from .forgejo/workflows	2026-06-12 16:15:29 -04:00
cloudix_mcp_server	33666c5e19	chore(ci): remove workflows from .forgejo/workflows PR Checks / hadolint (pull_request) Successful in 7s Details PR Checks / build-test (pull_request) Successful in 14s Details	2026-06-12 16:15:23 -04:00
cloudix_mcp_server	c933607153	chore(ci): remove workflows from .forgejo/workflows (using .gitea/workflows instead) PR Checks / hadolint (pull_request) Successful in 7s Details PR Checks / build-test (pull_request) Successful in 14s Details	2026-06-12 16:15:20 -04:00
cloudix_mcp_server	8cc464e912	feat(ci): add nightly rebuild workflow to .gitea/workflows PR Checks / build-test (pull_request) Successful in 1m10s Details PR Checks / hadolint (pull_request) Successful in 8s Details	2026-06-12 16:15:08 -04:00
cloudix_mcp_server	0ca56d600b	feat(ci): add tag release workflow to .gitea/workflows PR Checks / hadolint (pull_request) Successful in 5s Details PR Checks / build-test (pull_request) Successful in 15s Details	2026-06-12 16:15:01 -04:00
cloudix_mcp_server	1bc33752ea	feat(ci): add main release workflow to .gitea/workflows	2026-06-12 16:14:55 -04:00
cloudix_mcp_server	a895fd1b89	feat(ci): add PR checks workflow to .gitea/workflows PR Checks / hadolint (pull_request) Successful in 9s Details PR Checks / build-test (pull_request) Successful in 1m16s Details	2026-06-12 16:14:52 -04:00
cloudix_mcp_server	3ed62439a9	chore(ci): force CI re-trigger	2026-06-12 16:12:26 -04:00
cloudix_mcp_server	aef8753e44	chore(ci): remove stale workflow files from .gitea/workflows	2026-06-12 16:09:20 -04:00
cloudix_mcp_server	886ac56bdf	chore(ci): remove stale workflow files from .gitea/workflows	2026-06-12 16:09:15 -04:00
cloudix_mcp_server	0ee799e27f	chore(ci): remove stale workflow files from .gitea/workflows	2026-06-12 16:09:12 -04:00
cloudix_mcp_server	35ddb9eb4d	chore(ci): remove stale workflow files from .gitea/workflows	2026-06-12 16:09:05 -04:00
cloudix_mcp_server	abb697e67d	feat(ci): add nightly rebuild workflow PR Checks / hadolint (pull_request) Failing after 2s Details PR Checks / build-test (pull_request) Failing after 2s Details	2026-06-12 16:08:02 -04:00
cloudix_mcp_server	6647757813	feat(ci): add tag release workflow PR Checks / build-test (pull_request) Failing after 2s Details PR Checks / hadolint (pull_request) Failing after 8s Details	2026-06-12 16:07:57 -04:00
cloudix_mcp_server	11d2e6596c	feat(ci): add main release workflow PR Checks / hadolint (pull_request) Failing after 1s Details PR Checks / build-test (pull_request) Failing after 2s Details	2026-06-12 16:07:50 -04:00
cloudix_mcp_server	a4519dbc04	feat(ci): add PR checks workflow PR Checks / build-test (pull_request) Failing after 7s Details PR Checks / hadolint (pull_request) Failing after 8s Details	2026-06-12 16:07:44 -04:00
cloudix_mcp_server	7fdbd1bffc	chore: remove old docker-build.yaml in favor of 4-workflow pipeline PR Checks / build-test (pull_request) Failing after 13s Details PR Checks / hadolint (pull_request) Failing after 11m10s Details	2026-06-12 15:33:26 -04:00
cloudix_mcp_server	354e0b9f8a	feat(ci): add nightly rebuild workflow	2026-06-12 15:33:15 -04:00
cloudix_mcp_server	2d27619355	feat(ci): add tag release workflow	2026-06-12 15:33:08 -04:00
cloudix_mcp_server	574a66691e	feat(ci): add PR checks workflow	2026-06-12 15:32:56 -04:00
cloudix_mcp_server	411f780f5e	feat(ci): add main release workflow	2026-06-12 15:32:48 -04:00
jcabillot	54eb8f5e5e	Merge pull request 'ci: add automatic semver tagging on merge to master' (#10 ) from feat/semver-tag-action into master Docker Build and Push / lint (push) Successful in 6s Details Docker Build and Push / build (push) Successful in 1m55s Details Docker Build and Push / test (push) Successful in 28s Details Docker Build and Push / push (push) Failing after 57s Details Reviewed-on: #10	2026-06-12 13:45:01 -04:00
cloudix_mcp_server	18ca0a4366	ci: add automatic semver tagging on merge to master Docker Build and Push / lint (pull_request) Successful in 7s Details Docker Build and Push / build (pull_request) Successful in 1m56s Details Docker Build and Push / test (pull_request) Successful in 34s Details Docker Build and Push / push (pull_request) Has been skipped Details	2026-06-12 13:16:47 -04:00