diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index a1f687e..3bf11da 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -6,7 +6,6 @@ on: pull_request: branches: [main] -# Only one deploy at a time; a newer push cancels an in-progress one concurrency: group: meezi-cicd-${{ github.ref }} cancel-in-progress: true @@ -18,17 +17,13 @@ concurrency: # ubuntu-latest:docker://node:20-alpine ← CI jobs run in real Docker containers # self-hosted:host ← deploy runs directly on the server # -# WHY we don't use actions/checkout@v4 in container jobs: -# actions/checkout is a JS action — needs `node` in the container. -# mcr.microsoft.com/dotnet/sdk → no Node.js → exit 127 -# node:20-alpine → no git → checkout fails -# Fix: plain shell git clone via http.extraheader (token never in process list). +# All images are pulled from local Nexus mirrors (fast, no internet): +# Docker Hub → http://171.22.25.73:5000 (docker-hub-proxy repo) +# MCR → http://171.22.25.73:5002 (mcr-proxy repo) # -# Local mirrors — Nexus Repository Manager (docker-compose.mirror.yml): -# "mirror" hostname → host-gateway (docker bridge IP 172.17.0.1) -# NuGet → http://mirror:8081/repository/nuget-proxy/ (nuget.mirror.config) -# npm → http://mirror:8081/repository/npm-proxy/ (--registry flag) -# Docker → http://mirror:8083 (daemon.json registry-mirrors) +# mirror hostname → host-gateway (docker bridge IP 172.17.0.1) — used for: +# NuGet → http://mirror:8081/repository/nuget-group/ +# npm → http://mirror:8081/repository/npm-group/ # ───────────────────────────────────────────────────────────────────────────── jobs: 
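Review bot: The header comment in the `-18,17` hunk no longer says why the container jobs fetch the repository with shell commands instead of a checkout action, although the later hunks still show `git fetch --depth=1 origin "${REF}"` and the `wget --header "Authorization: Bearer ${TOKEN}"` tarball download. I would keep a one-line rationale next to the mirror list, for example `# Container jobs fetch the repo with plain git/wget because the CI images lack node or git (no JS checkout action).` The new mirror lines also document the registries as `http://` on a fixed IP, so the same comment should state that image pulls are unencrypted and that the mirror host is trusted for everything CI runs.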
@@ -38,13 +33,13 @@ jobs: name: "CI · API (dotnet build + test)" runs-on: ubuntu-latest container: - image: mcr.microsoft.com/dotnet/sdk:10.0 + image: 171.22.25.73:5002/dotnet/sdk:10.0 options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway services: postgres: - image: postgres:16-alpine + image: 171.22.25.73:5000/library/postgres:16-alpine env: POSTGRES_DB: meezi_test POSTGRES_USER: meezi @@ -55,7 +50,7 @@ jobs: --health-timeout 5s --health-retries 10 redis: - image: redis:7-alpine + image: 171.22.25.73:5000/library/redis:7-alpine options: >- --health-cmd "redis-cli ping" --health-interval 5s @@ -73,7 +68,7 @@ jobs: git fetch --depth=1 origin "${REF}" git checkout FETCH_HEAD - - name: Restore + - name: Write NuGet config run: | cat > /tmp/nuget.ci.config << 'EOF' @@ -85,7 +80,11 @@ jobs: EOF - dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config + + - name: Restore + run: dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config + env: + DOTNET_CLI_TELEMETRY_OPTOUT: 1 - name: Build run: dotnet build src/Meezi.API/Meezi.API.csproj --no-restore -c Release @@ -101,7 +100,7 @@ jobs: name: "CI · Admin API (dotnet build)" runs-on: ubuntu-latest container: - image: mcr.microsoft.com/dotnet/sdk:10.0 + image: 171.22.25.73:5002/dotnet/sdk:10.0 options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway @@ -117,7 +116,7 @@ jobs: git fetch --depth=1 origin "${REF}" git checkout FETCH_HEAD - - name: Restore + - name: Write NuGet config run: | cat > /tmp/nuget.ci.config << 'EOF' @@ -129,7 +128,11 @@ jobs: EOF - dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config + + - name: Restore + run: dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config + env: + DOTNET_CLI_TELEMETRY_OPTOUT: 1 - name: Build run: dotnet build src/Meezi.Admin.API/Meezi.Admin.API.csproj --no-restore -c Release 
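Review bot: The new `image:` values in the `-38,13` hunk (`171.22.25.73:5002/dotnet/sdk:10.0`, `171.22.25.73:5000/library/postgres:16-alpine`) are mutable tags served by a registry that the workflow header describes as plain `http://`, so nothing verifies that the image a job runs is the one upstream published. Pinning each reference by digest, e.g. `image: 171.22.25.73:5002/dotnet/sdk:10.0@sha256:<digest-placeholder>`, lets the Docker client reject a substituted or stale image even over an unencrypted transport. Serving the Nexus connectors over TLS would cover the remaining exposure. The same applies to the redis image in the `-55,7` hunk, the second dotnet image in `-101,7`, and the four `node:20-alpine` replacements in the later hunks.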
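Review bot: `DOTNET_CLI_TELEMETRY_OPTOUT: 1` in the `-85,7` hunk is set only on the new Restore step, so the `dotnet build` step in the hunk's trailing context runs without it unless it is set somewhere not shown. If the intent is that CI makes no outbound calls, the variable belongs in a job-level `env:` block. Environment values are strings, so I would also quote it: `DOTNET_CLI_TELEMETRY_OPTOUT: "1"`. The `-129,7` hunk for the Admin API job has the same two issues, and the rest of each job lies outside the hunks, so whether further dotnet steps are affected cannot be seen here.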
@@ -139,7 +142,7 @@ jobs: name: "CI · Dashboard (tsc)" runs-on: ubuntu-latest container: - image: node:20-alpine + image: 171.22.25.73:5000/library/node:20-alpine options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway @@ -149,8 +152,6 @@ jobs: TOKEN: ${{ github.token }} SHA: ${{ github.sha }} run: | - # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine. - # Downloads the repo tarball directly from Gitea (same machine = instant). wget -q \ --header "Authorization: Bearer ${TOKEN}" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ @@ -173,7 +174,7 @@ jobs: name: "CI · Admin Web (tsc)" runs-on: ubuntu-latest container: - image: node:20-alpine + image: 171.22.25.73:5000/library/node:20-alpine options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway @@ -183,8 +184,6 @@ jobs: TOKEN: ${{ github.token }} SHA: ${{ github.sha }} run: | - # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine. - # Downloads the repo tarball directly from Gitea (same machine = instant). wget -q \ --header "Authorization: Bearer ${TOKEN}" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ @@ -207,7 +206,7 @@ jobs: name: "CI · Website (tsc)" runs-on: ubuntu-latest container: - image: node:20-alpine + image: 171.22.25.73:5000/library/node:20-alpine options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway @@ -217,8 +216,6 @@ jobs: TOKEN: ${{ github.token }} SHA: ${{ github.sha }} run: | - # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine. - # Downloads the repo tarball directly from Gitea (same machine = instant). wget -q \ --header "Authorization: Bearer ${TOKEN}" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ 
@@ -241,7 +238,7 @@ jobs: name: "CI · Finder (tsc)" runs-on: ubuntu-latest container: - image: node:20-alpine + image: 171.22.25.73:5000/library/node:20-alpine options: >- --add-host=gitea:host-gateway --add-host=mirror:host-gateway @@ -251,8 +248,6 @@ jobs: TOKEN: ${{ github.token }} SHA: ${{ github.sha }} run: | - # No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine. - # Downloads the repo tarball directly from Gitea (same machine = instant). wget -q \ --header "Authorization: Bearer ${TOKEN}" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ @@ -273,7 +268,6 @@ jobs: # ───────────────────────────────────────────────────────────────────────────── # DEPLOY — only on push to main, only if ALL CI jobs pass. # self-hosted:host — runs directly on your server where Docker is installed. -# The runner itself (gitea/act_runner) has node+git, so actions/checkout works. # ───────────────────────────────────────────────────────────────────────────── deploy: name: "Deploy · all services" diff --git a/docker-compose.mirror.yml b/docker-compose.mirror.yml index 8e9204e..c185e4c 100644 --- a/docker-compose.mirror.yml +++ b/docker-compose.mirror.yml @@ -30,7 +30,8 @@ services: - nexus-data:/nexus-data ports: - "8081:8081" # Web UI + NuGet + npm REST API - - "5000:5000" # Docker Hub pull-through proxy (httpPort configured in docker-hub-proxy repo) + - "5000:5000" # Docker Hub proxy (docker-hub-proxy repo httpPort: 5000) + - "5002:5002" # MCR proxy (mcr-proxy repo httpPort: 5002) healthcheck: test: ["CMD", "curl", "-sf", "http://localhost:8081/service/rest/v1/status"] interval: 30s
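Review bot: The added `"5002:5002"` mapping in docker-compose.mirror.yml publishes the MCR proxy connector on every host interface, and the workflow reaches it at `171.22.25.73` over plain HTTP, so anyone who can route to that address can talk to the registry port unless a firewall not shown here blocks it. If only the local Docker daemon and the runners need it, bind the port to the interface they use, e.g. `- "<internal-ip-placeholder>:5002:5002"`, and treat the existing `5000` and `8081` lines the same way. Whether Nexus allows anonymous pulls on these connectors is not visible in this file, and that setting decides how much an exposed port gives away.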