web/ip
5
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Releases Wiki Activity

Convert CI to standard htpasswd 4-workflow pattern (no artifact) #16

Merged
jcabillot merged 4 commits from fix/workflow-standard into master 2026-06-13 17:59:49 -04:00
Conversation 0 Commits 4 Files Changed 4
+108 -156
cloudix_mcp_server commented 2026-06-13 17:55:14 -04:00
Owner
Copy Link
Copy Source

Summary

Migrates the 4 Gitea Actions workflow files (cron.yaml, main.yaml, pr.yaml, tag.yaml) from the artifact upload/download pattern to the standard htpasswd 4-workflow pattern.

Changes

What was removed

  • docker save / docker load artifact tarball handoffs
  • ChristopherHX/gitea-upload-artifact action
  • ChristopherHX/gitea-download-artifact action
  • image.tar intermediate files
  • Manual docker tag + docker push shell commands

What was added

  • docker/setup-buildx-action — modern builder environment per job
  • docker/metadata-action — automatic tag generation
  • docker/build-push-action — combined build + push
  • docker/login-action — Docker Hub auth (cron.yaml, tag.yaml)
  • hadolint job with continue-on-error: true in cron.yaml, main.yaml, tag.yaml
  • Proper job dependency chain — no parallel gating on lint+build

Job chains per workflow

Workflow Old chain New chain
main.yaml lint→build→test→push (artifact handoff) hadolint→test→build→tag
cron.yaml build→test→push (artifact handoff) hadolint→test→build-push
pr.yaml lint→build→test (artifact handoff) hadolint→build-test
tag.yaml tag (bump only) hadolint→test→build-push

Preserved

  • Original cron schedule: 0 0 * * * (midnight daily)
  • Image name: jcabillot/ip
  • Test script: bash tests/test.sh ci-image:${{ github.sha }}
  • SA_TOKEN_ACTION_PUSH_TAGS secret for tag creation on Gitea

Migration notes

  • Each job now builds its own image — no cross-job artifact transfer
  • tag.yaml now triggers on tag push (tags: ['*']) instead of push to master
  • main.yaml uses anothrNick/github-tag-action with git auth for automatic semver tagging
  • cron.yaml nightly build tags with vX.Y.Z-latest via get-latest-tag step

Testing

  • Verify workflows run correctly on this branch before merging
  • Confirm SA_TOKEN_ACTION_PUSH_TAGS has write/push permissions on web/ip
## Summary Migrates the 4 Gitea Actions workflow files (cron.yaml, main.yaml, pr.yaml, tag.yaml) from the **artifact upload/download pattern** to the standard **htpasswd 4-workflow pattern**. ## Changes ### What was removed - `docker save` / `docker load` artifact tarball handoffs - `ChristopherHX/gitea-upload-artifact` action - `ChristopherHX/gitea-download-artifact` action - `image.tar` intermediate files - Manual `docker tag` + `docker push` shell commands ### What was added - **`docker/setup-buildx-action`** — modern builder environment per job - **`docker/metadata-action`** — automatic tag generation - **`docker/build-push-action`** — combined build + push - **`docker/login-action`** — Docker Hub auth (cron.yaml, tag.yaml) - **`hadolint`** job with `continue-on-error: true` in cron.yaml, main.yaml, tag.yaml - **Proper job dependency chain** — no parallel gating on lint+build ### Job chains per workflow | Workflow | Old chain | New chain | |---|---|---| | **main.yaml** | lint→build→test→push (artifact handoff) | hadolint→test→build→tag | | **cron.yaml** | build→test→push (artifact handoff) | hadolint→test→build-push | | **pr.yaml** | lint→build→test (artifact handoff) | hadolint→build-test | | **tag.yaml** | tag (bump only) | hadolint→test→build-push | ### Preserved - Original cron schedule: `0 0 * * *` (midnight daily) - Image name: `jcabillot/ip` - Test script: `bash tests/test.sh ci-image:${{ github.sha }}` - `SA_TOKEN_ACTION_PUSH_TAGS` secret for tag creation on Gitea ## Migration notes - Each job now builds its own image — no cross-job artifact transfer - `tag.yaml` now triggers on **tag push** (`tags: ['*']`) instead of push to master - `main.yaml` uses `anothrNick/github-tag-action` with git auth for automatic semver tagging - `cron.yaml` nightly build tags with `vX.Y.Z-latest` via `get-latest-tag` step ## Testing - [ ] Verify workflows run correctly on this branch before merging - [ ] Confirm `SA_TOKEN_ACTION_PUSH_TAGS` has write/push permissions on web/ip
cloudix_mcp_server added 4 commits 2026-06-13 17:55:15 -04:00
Convert main.yaml to standard htpasswd 4-workflow pattern (no artifact) 3c2d96a317 
Replace artifact upload/download with direct build per job using
setup-buildx-action. Chain: hadolint→test→build→tag.
Convert cron.yaml to standard htpasswd 4-workflow pattern (no artifact) 361c2c72be 
Preserve original schedule (0 0 * * *). Replace artifact upload/download
with setup-buildx + metadata-action + build-push-action chain.
Convert pr.yaml to standard htpasswd 4-workflow pattern (no artifact) 19b827a0a7 
Replace artifact upload/download with direct build per job.
Chain: hadolint→build-test.
Convert tag.yaml to standard htpasswd 4-workflow pattern (no artifact)
PR Checks / hadolint (pull_request) Successful in 6s
Details
PR Checks / build-test (pull_request) Successful in 14s
Details
a4a70f93da 
Replace artifact upload/download with direct build per job.
Trigger on tag push (v*). Chain: hadolint→test→build-push.
jcabillot merged commit 93df1d3f8d into master 2026-06-13 17:59:49 -04:00
jcabillot deleted branch fix/workflow-standard 2026-06-13 17:59:49 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
cloudix_mcp_server fluxcd jcabillot opencodecabilloteu renovate
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: web/ip#16
Delete Branch "fix/workflow-standard"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?