diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml
index a1f687e..7565900 100644
--- a/.gitea/workflows/ci-cd.yml
+++ b/.gitea/workflows/ci-cd.yml
@@ -6,45 +6,23 @@ on:
pull_request:
branches: [main]
-# Only one deploy at a time; a newer push cancels an in-progress one
concurrency:
group: meezi-cicd-${{ github.ref }}
cancel-in-progress: true
-# ─────────────────────────────────────────────────────────────────────────────
-# HOW THIS WORKS
-# ─────────────────────────────────────────────────────────────────────────────
-# Runner labels (in gitea docker-compose):
-# ubuntu-latest:docker://node:20-alpine ← CI jobs run in real Docker containers
-# self-hosted:host ← deploy runs directly on the server
-#
-# WHY we don't use actions/checkout@v4 in container jobs:
-# actions/checkout is a JS action — needs `node` in the container.
-# mcr.microsoft.com/dotnet/sdk → no Node.js → exit 127
-# node:20-alpine → no git → checkout fails
-# Fix: plain shell git clone via http.extraheader (token never in process list).
-#
-# Local mirrors — Nexus Repository Manager (docker-compose.mirror.yml):
-# "mirror" hostname → host-gateway (docker bridge IP 172.17.0.1)
-# NuGet → http://mirror:8081/repository/nuget-proxy/ (nuget.mirror.config)
-# npm → http://mirror:8081/repository/npm-proxy/ (--registry flag)
-# Docker → http://mirror:8083 (daemon.json registry-mirrors)
-# ─────────────────────────────────────────────────────────────────────────────
-
jobs:
- # ── Main API ────────────────────────────────────────────────────────────────
api-build:
name: "CI · API (dotnet build + test)"
runs-on: ubuntu-latest
container:
- image: mcr.microsoft.com/dotnet/sdk:10.0
+ image: 171.22.25.73:5002/dotnet/sdk:10.0
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
services:
postgres:
- image: postgres:16-alpine
+ image: 171.22.25.73:5000/library/postgres:16-alpine
env:
POSTGRES_DB: meezi_test
POSTGRES_USER: meezi
@@ -55,7 +33,7 @@ jobs:
--health-timeout 5s
--health-retries 10
redis:
- image: redis:7-alpine
+ image: 171.22.25.73:5000/library/redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 5s
@@ -73,19 +51,15 @@ jobs:
git fetch --depth=1 origin "${REF}"
git checkout FETCH_HEAD
+ - name: Write NuGet config
+ run: >-
+ python3 -c
+ "open('/tmp/nuget.ci.config','w').write('')"
+
- name: Restore
- run: |
- cat > /tmp/nuget.ci.config << 'EOF'
-
-
-
-
-
-
-
- EOF
- dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config
+ run: dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config
+ env:
+ DOTNET_CLI_TELEMETRY_OPTOUT: 1
- name: Build
run: dotnet build src/Meezi.API/Meezi.API.csproj --no-restore -c Release
@@ -96,12 +70,11 @@ jobs:
ConnectionStrings__DefaultConnection: "Host=postgres;Port=5432;Database=meezi_test;Username=meezi;Password=meezi_test_pass"
ConnectionStrings__Redis: "redis:6379"
- # ── Admin API ───────────────────────────────────────────────────────────────
admin-api-build:
name: "CI · Admin API (dotnet build)"
runs-on: ubuntu-latest
container:
- image: mcr.microsoft.com/dotnet/sdk:10.0
+ image: 171.22.25.73:5002/dotnet/sdk:10.0
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
@@ -117,29 +90,24 @@ jobs:
git fetch --depth=1 origin "${REF}"
git checkout FETCH_HEAD
+ - name: Write NuGet config
+ run: >-
+ python3 -c
+ "open('/tmp/nuget.ci.config','w').write('')"
+
- name: Restore
- run: |
- cat > /tmp/nuget.ci.config << 'EOF'
-
-
-
-
-
-
-
- EOF
- dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config
+ run: dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config
+ env:
+ DOTNET_CLI_TELEMETRY_OPTOUT: 1
- name: Build
run: dotnet build src/Meezi.Admin.API/Meezi.Admin.API.csproj --no-restore -c Release
- # ── Dashboard ───────────────────────────────────────────────────────────────
dashboard-check:
name: "CI · Dashboard (tsc)"
runs-on: ubuntu-latest
container:
- image: node:20-alpine
+ image: 171.22.25.73:5000/library/node:20-alpine
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
@@ -149,8 +117,6 @@ jobs:
TOKEN: ${{ github.token }}
SHA: ${{ github.sha }}
run: |
- # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
- # Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \
--header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -168,12 +134,11 @@ jobs:
env:
NEXT_PUBLIC_API_URL: http://localhost:5080
- # ── Admin Web ───────────────────────────────────────────────────────────────
admin-web-check:
name: "CI · Admin Web (tsc)"
runs-on: ubuntu-latest
container:
- image: node:20-alpine
+ image: 171.22.25.73:5000/library/node:20-alpine
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
@@ -183,8 +148,6 @@ jobs:
TOKEN: ${{ github.token }}
SHA: ${{ github.sha }}
run: |
- # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
- # Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \
--header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -202,12 +165,11 @@ jobs:
env:
NEXT_PUBLIC_ADMIN_API_URL: http://localhost:5081
- # ── Website ─────────────────────────────────────────────────────────────────
website-check:
name: "CI · Website (tsc)"
runs-on: ubuntu-latest
container:
- image: node:20-alpine
+ image: 171.22.25.73:5000/library/node:20-alpine
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
@@ -217,8 +179,6 @@ jobs:
TOKEN: ${{ github.token }}
SHA: ${{ github.sha }}
run: |
- # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
- # Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \
--header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -236,12 +196,11 @@ jobs:
env:
MEEZI_API_URL: http://localhost:5080
- # ── Finder ──────────────────────────────────────────────────────────────────
finder-check:
name: "CI · Finder (tsc)"
runs-on: ubuntu-latest
container:
- image: node:20-alpine
+ image: 171.22.25.73:5000/library/node:20-alpine
options: >-
--add-host=gitea:host-gateway
--add-host=mirror:host-gateway
@@ -251,8 +210,6 @@ jobs:
TOKEN: ${{ github.token }}
SHA: ${{ github.sha }}
run: |
- # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
- # Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \
--header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -270,11 +227,6 @@ jobs:
env:
NEXT_PUBLIC_API_URL: http://localhost:5080
-# ─────────────────────────────────────────────────────────────────────────────
-# DEPLOY — only on push to main, only if ALL CI jobs pass.
-# self-hosted:host — runs directly on your server where Docker is installed.
-# The runner itself (gitea/act_runner) has node+git, so actions/checkout works.
-# ─────────────────────────────────────────────────────────────────────────────
deploy:
name: "Deploy · all services"
runs-on: self-hosted