soroushdes/meezi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ci): replace python3 with cat heredoc; sync local registry IPs

Browse Source 
python3 is not in PATH inside dotnet/sdk:10.0 container — replace the
"Write NuGet config" step with a cat heredoc which works in any container.

Also syncs GitHub with the Gitea-side changes:
  - All images pulled from local Nexus mirrors (no internet round-trip)
      171.22.25.73:5000 → docker-hub-proxy (node, postgres, redis)
      171.22.25.73:5002 → mcr-proxy        (dotnet/sdk)
  - npm steps already on npm-group (Liara + Runflare fallback)
  - docker-compose.mirror.yml: expose port 5002 for mcr-proxy

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
2026-05-28 18:34:06 +03:30
parent 720bab457e
commit 539165b6bb
2 changed files with 28 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci-cd.yml
+26 -32
View File
@@ -6,7 +6,6 @@ on:
pull_request: pull_request:
branches: [main] branches: [main]
# Only one deploy at a time; a newer push cancels an in-progress one
concurrency: concurrency:
group: meezi-cicd-${{ github.ref }} group: meezi-cicd-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
@@ -18,17 +17,13 @@ concurrency:
# ubuntu-latest:docker://node:20-alpine ← CI jobs run in real Docker containers # ubuntu-latest:docker://node:20-alpine ← CI jobs run in real Docker containers
# self-hosted:host ← deploy runs directly on the server # self-hosted:host ← deploy runs directly on the server
# #
# WHY we don't use actions/checkout@v4 in container jobs: # All images are pulled from local Nexus mirrors (fast, no internet):
# actions/checkout is a JS action — needs `node` in the container. # Docker Hub → http://171.22.25.73:5000 (docker-hub-proxy repo)
# mcr.microsoft.com/dotnet/sdk → no Node.js → exit 127 # MCR → http://171.22.25.73:5002 (mcr-proxy repo)
# node:20-alpine → no git → checkout fails
# Fix: plain shell git clone via http.extraheader (token never in process list).
# #
# Local mirrors — Nexus Repository Manager (docker-compose.mirror.yml): # mirror hostname → host-gateway (docker bridge IP 172.17.0.1) — used for:
# "mirror" hostname → host-gateway (docker bridge IP 172.17.0.1) # NuGet → http://mirror:8081/repository/nuget-group/
# NuGet → http://mirror:8081/repository/nuget-proxy/ (nuget.mirror.config) # npm → http://mirror:8081/repository/npm-group/
# npm → http://mirror:8081/repository/npm-proxy/ (--registry flag)
# Docker → http://mirror:8083 (daemon.json registry-mirrors)
# ───────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────
jobs: jobs:
@@ -38,13 +33,13 @@ jobs:
name: "CI · API (dotnet build + test)" name: "CI · API (dotnet build + test)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: mcr.microsoft.com/dotnet/sdk:10.0 image: 171.22.25.73:5002/dotnet/sdk:10.0
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
services: services:
postgres: postgres:
image: postgres:16-alpine image: 171.22.25.73:5000/library/postgres:16-alpine
env: env:
POSTGRES_DB: meezi_test POSTGRES_DB: meezi_test
POSTGRES_USER: meezi POSTGRES_USER: meezi
@@ -55,7 +50,7 @@ jobs:
--health-timeout 5s --health-timeout 5s
--health-retries 10 --health-retries 10
redis: redis:
image: redis:7-alpine image: 171.22.25.73:5000/library/redis:7-alpine
options: >- options: >-
--health-cmd "redis-cli ping" --health-cmd "redis-cli ping"
--health-interval 5s --health-interval 5s
@@ -73,7 +68,7 @@ jobs:
git fetch --depth=1 origin "${REF}" git fetch --depth=1 origin "${REF}"
git checkout FETCH_HEAD git checkout FETCH_HEAD
- name: Restore - name: Write NuGet config
run: | run: |
cat > /tmp/nuget.ci.config << 'EOF' cat > /tmp/nuget.ci.config << 'EOF'
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
@@ -85,7 +80,11 @@ jobs:
</packageSources> </packageSources>
</configuration> </configuration>
EOF EOF
dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config
- name: Restore
run: dotnet restore src/Meezi.API/Meezi.API.csproj --configfile /tmp/nuget.ci.config
env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
- name: Build - name: Build
run: dotnet build src/Meezi.API/Meezi.API.csproj --no-restore -c Release run: dotnet build src/Meezi.API/Meezi.API.csproj --no-restore -c Release
@@ -101,7 +100,7 @@ jobs:
name: "CI · Admin API (dotnet build)" name: "CI · Admin API (dotnet build)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: mcr.microsoft.com/dotnet/sdk:10.0 image: 171.22.25.73:5002/dotnet/sdk:10.0
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
@@ -117,7 +116,7 @@ jobs:
git fetch --depth=1 origin "${REF}" git fetch --depth=1 origin "${REF}"
git checkout FETCH_HEAD git checkout FETCH_HEAD
- name: Restore - name: Write NuGet config
run: | run: |
cat > /tmp/nuget.ci.config << 'EOF' cat > /tmp/nuget.ci.config << 'EOF'
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
@@ -129,7 +128,11 @@ jobs:
</packageSources> </packageSources>
</configuration> </configuration>
EOF EOF
dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config
- name: Restore
run: dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj --configfile /tmp/nuget.ci.config
env:
DOTNET_CLI_TELEMETRY_OPTOUT: 1
- name: Build - name: Build
run: dotnet build src/Meezi.Admin.API/Meezi.Admin.API.csproj --no-restore -c Release run: dotnet build src/Meezi.Admin.API/Meezi.Admin.API.csproj --no-restore -c Release
@@ -139,7 +142,7 @@ jobs:
name: "CI · Dashboard (tsc)" name: "CI · Dashboard (tsc)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: node:20-alpine image: 171.22.25.73:5000/library/node:20-alpine
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
@@ -149,8 +152,6 @@ jobs:
TOKEN: ${{ github.token }} TOKEN: ${{ github.token }}
SHA: ${{ github.sha }} SHA: ${{ github.sha }}
run: | run: |
# No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
# Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \ wget -q \
--header "Authorization: Bearer ${TOKEN}" \ --header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -173,7 +174,7 @@ jobs:
name: "CI · Admin Web (tsc)" name: "CI · Admin Web (tsc)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: node:20-alpine image: 171.22.25.73:5000/library/node:20-alpine
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
@@ -183,8 +184,6 @@ jobs:
TOKEN: ${{ github.token }} TOKEN: ${{ github.token }}
SHA: ${{ github.sha }} SHA: ${{ github.sha }}
run: | run: |
# No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
# Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \ wget -q \
--header "Authorization: Bearer ${TOKEN}" \ --header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -207,7 +206,7 @@ jobs:
name: "CI · Website (tsc)" name: "CI · Website (tsc)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: node:20-alpine image: 171.22.25.73:5000/library/node:20-alpine
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
@@ -217,8 +216,6 @@ jobs:
TOKEN: ${{ github.token }} TOKEN: ${{ github.token }}
SHA: ${{ github.sha }} SHA: ${{ github.sha }}
run: | run: |
# No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
# Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \ wget -q \
--header "Authorization: Bearer ${TOKEN}" \ --header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -241,7 +238,7 @@ jobs:
name: "CI · Finder (tsc)" name: "CI · Finder (tsc)"
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: node:20-alpine image: 171.22.25.73:5000/library/node:20-alpine
options: >- options: >-
--add-host=gitea:host-gateway --add-host=gitea:host-gateway
--add-host=mirror:host-gateway --add-host=mirror:host-gateway
@@ -251,8 +248,6 @@ jobs:
TOKEN: ${{ github.token }} TOKEN: ${{ github.token }}
SHA: ${{ github.sha }} SHA: ${{ github.sha }}
run: | run: |
# No apk install needed — wget + tar (busybox) are pre-installed in node:20-alpine.
# Downloads the repo tarball directly from Gitea (same machine = instant).
wget -q \ wget -q \
--header "Authorization: Bearer ${TOKEN}" \ --header "Authorization: Bearer ${TOKEN}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \ "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/archive/${SHA}.tar.gz" \
@@ -273,7 +268,6 @@ jobs:
# ───────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────
# DEPLOY — only on push to main, only if ALL CI jobs pass. # DEPLOY — only on push to main, only if ALL CI jobs pass.
# self-hosted:host — runs directly on your server where Docker is installed. # self-hosted:host — runs directly on your server where Docker is installed.
# The runner itself (gitea/act_runner) has node+git, so actions/checkout works.
# ───────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────
deploy: deploy:
name: "Deploy · all services" name: "Deploy · all services"
docker-compose.mirror.yml
+2 -1
View File
@@ -30,7 +30,8 @@ services:
- nexus-data:/nexus-data - nexus-data:/nexus-data
ports: ports:
- "8081:8081" # Web UI + NuGet + npm REST API - "8081:8081" # Web UI + NuGet + npm REST API
- "5000:5000" # Docker Hub pull-through proxy (httpPort configured in docker-hub-proxy repo) - "5000:5000" # Docker Hub proxy (docker-hub-proxy repo httpPort: 5000)
- "5002:5002" # MCR proxy (mcr-proxy repo httpPort: 5002)
healthcheck: healthcheck:
test: ["CMD", "curl", "-sf", "http://localhost:8081/service/rest/v1/status"] test: ["CMD", "curl", "-sf", "http://localhost:8081/service/rest/v1/status"]
interval: 30s interval: 30s