feat(ci): refactor pipelines — hadolint, PR checks, tag releases, nightly rebuild #9

Merged
jcabillot merged 6 commits from fix/refactor-ci-pipelines into master 2026-06-12 16:45:21 -04:00

Summary

Refactor the monolithic docker-build.yaml into 4 specialized, independent Gitea Actions workflow files:

New workflows

| File | Trigger | Purpose |
|------|---------|---------|
| .gitea/workflows/pr.yaml | pull_request | Hadolint linting + build + test suite |
| .gitea/workflows/main.yaml | push to master | Build & push latest + SHA-tagged image via Docker Buildx |
| .gitea/workflows/tag.yaml | push to master | Auto-bump version and push git tag |
| .gitea/workflows/cron.yaml | 0 0 * * * | Nightly rebuild with nightly tag |

Key changes

  • Separated concerns — each pipeline is independently triggerable, making failures and logs easier to reason about
  • Docker Buildx + metadata-action — replaces raw docker build/docker push with proper multi-platform-ready Buildx workflow using docker/metadata-action for consistent tagging
  • Fixed SHA pins — all actions pinned to specific commits (no floating tags):
    • actions/checkout @ df4cb1c0 (v6)
    • hadolint/hadolint-action @ 2332a7b7 (v3.3.0)
    • docker/setup-buildx-action @ d7f5e7f5
    • docker/login-action @ 650006c6
    • docker/metadata-action @ 80c7e94d
    • docker/build-push-action @ f9f3042f
    • anothrNick/github-tag-action @ 4ed44965 (v1.75.0)
  • Removed old combined docker-build.yaml (superseded by the 4 new files)
  • Legacy CI files (.gitlab-ci.yml, Jenkinsfile) left in place for reference

Workflow details

PR Checks (pr.yaml):

  • Runs hadolint on the Dockerfile
  • Builds the image with a CI tag
  • Executes tests/test.sh against the built image

Main (main.yaml):

  • Sets up Docker Buildx
  • Logs into Docker Hub via secrets
  • Generates metadata tags (latest on master, sha-*)
  • Builds and pushes the image

Tag Release (tag.yaml):

  • Auto-bumps version (patch by default) and pushes a v* tag on master pushes

Nightly Rebuild (cron.yaml):

  • Triggered daily at midnight
  • Builds and pushes a nightly tag alongside a SHA tag
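Added example, not part of this PR or the repository's workflows: one way to check the "Fixed SHA pins" claim in review is to scan each workflow file for `uses:` references that are not pinned to a commit. The sketch treats only a full 40-hex commit SHA (or a `docker://` image digest) as pinned, which is a policy assumed for this example; the function names and the sample workflow are constructed, and the SHAs in it are placeholders.

```python
import re

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")  # step reference
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")


def classify(ref):
    """Return 'pinned', 'local', or the reason the reference is not pinned."""
    if ref.startswith("./"):
        return "local"  # action stored in the same repository
    if ref.startswith("docker://"):
        return "pinned" if "@sha256:" in ref else "docker image without digest"
    _, sep, version = ref.rpartition("@")
    if not sep:
        return "no ref given"
    if FULL_SHA_RE.fullmatch(version):
        return "pinned"
    if re.fullmatch(r"[0-9a-f]{7,39}", version):
        return "abbreviated SHA"
    return "floating tag or branch"


def audit(workflow_text):
    """Return (line_number, reference, reason) for every unpinned 'uses:' line."""
    findings = []
    for number, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if match:
            verdict = classify(match.group(1))
            if verdict not in ("pinned", "local"):
                findings.append((number, match.group(1), verdict))
    return findings


# Constructed workflow; the SHAs are placeholders, not the commits from this PR.
SAMPLE = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v6
      - uses: hadolint/hadolint-action@v3.3.0
      - name: Buildx
        uses: docker/setup-buildx-action@89abcdef
      - uses: ./.gitea/actions/local-step
      - uses: docker/login-action@master
"""
if __name__ == "__main__":
    for number, ref, reason in audit(SAMPLE):
        print(f"line {number}: {ref} -> {reason}")
```

Run over the files in `.gitea/workflows/`, an empty result from `audit` means every remote action reference carries a full commit SHA.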
cloudix_mcp_server added 6 commits 2026-06-12 16:41:35 -04:00
jcabillot merged commit 665dee3563 into master 2026-06-12 16:45:21 -04:00
jcabillot deleted branch fix/refactor-ci-pipelines 2026-06-12 16:45:24 -04:00

Reference: web/dl#9