diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index 2574f71..98a1ac7 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -13,6 +13,7 @@ concurrency: # ───────────────────────────────────────────────────────────────────────────── # CI — runs on every push AND every PR +# Uses pre-built container images so nothing is downloaded from blocked CDNs. # ───────────────────────────────────────────────────────────────────────────── jobs: @@ -20,14 +21,31 @@ jobs: api-build: name: "CI · API (dotnet build + test)" runs-on: ubuntu-latest + # Use official .NET SDK image — no setup-dotnet download needed + container: + image: mcr.microsoft.com/dotnet/sdk:10.0 + services: + postgres: + image: postgres:16-alpine + env: + POSTGRES_DB: meezi_test + POSTGRES_USER: meezi + POSTGRES_PASSWORD: meezi_test_pass + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 10 + redis: + image: redis:7-alpine + options: >- + --health-cmd "redis-cli ping" + --health-interval 5s + --health-timeout 3s + --health-retries 10 steps: - uses: actions/checkout@v4 - - name: Setup .NET 10 - uses: actions/setup-dotnet@v4 - with: - dotnet-version: "10.0.x" - - name: Restore run: dotnet restore src/Meezi.API/Meezi.API.csproj 
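Review bot: The three images added to `api-build` (`mcr.microsoft.com/dotnet/sdk:10.0`, `postgres:16-alpine`, `redis:7-alpine`) are referenced by mutable tags, so the job and its service containers run whatever the registry serves under that tag at pull time. Pinning each to a digest, e.g. `image: postgres:16-alpine@sha256:<digest-placeholder>`, makes the build reproducible and keeps a retagged or tampered image from running next to the checked-out source. The same applies to the `container:` images added in the later hunks (`admin-api-build` and the four `node:20-alpine` jobs). The comment added in the first hunk would be more accurate if it said the images are still pulled from their registries, since "nothing is downloaded" only describes the removed setup actions.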
@@ -36,19 +54,19 @@ jobs: - name: Test run: dotnet test --no-build -c Release --logger "console;verbosity=minimal" + env: + ConnectionStrings__DefaultConnection: "Host=postgres;Port=5432;Database=meezi_test;Username=meezi;Password=meezi_test_pass" + ConnectionStrings__Redis: "redis:6379" # ── Admin API ─────────────────────────────────────────────────────────────── admin-api-build: name: "CI · Admin API (dotnet build)" runs-on: ubuntu-latest + container: + image: mcr.microsoft.com/dotnet/sdk:10.0 steps: - uses: actions/checkout@v4 - - name: Setup .NET 10 - uses: actions/setup-dotnet@v4 - with: - dotnet-version: "10.0.x" - - name: Restore run: dotnet restore src/Meezi.Admin.API/Meezi.Admin.API.csproj @@ -59,14 +77,13 @@ jobs: dashboard-check: name: "CI · Dashboard (tsc)" runs-on: ubuntu-latest + container: + image: node:20-alpine defaults: run: working-directory: web/dashboard steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "20" - run: npm install --legacy-peer-deps --ignore-scripts - run: npx tsc --noEmit env: @@ -76,14 +93,13 @@ jobs: admin-web-check: name: "CI · Admin Web (tsc)" runs-on: ubuntu-latest + container: + image: node:20-alpine defaults: run: working-directory: web/admin steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "20" - run: npm install --legacy-peer-deps --ignore-scripts - run: npx tsc --noEmit env: @@ -93,14 +109,13 @@ jobs: website-check: name: "CI · Website (tsc)" runs-on: ubuntu-latest + container: + image: node:20-alpine defaults: run: working-directory: web/website steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "20" - run: npm install --legacy-peer-deps --ignore-scripts - run: npx tsc --noEmit env: 
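Review bot: The `ConnectionStrings__DefaultConnection` value added to the `Test` step repeats the literal `meezi_test_pass` that the `postgres` service sets in the previous hunk, so the credential is committed in two places with nothing marking it as disposable. It appears to protect only the ephemeral service container, but a comment above the `env:` block should say so, for example `# throwaway credential for the CI-only postgres service; never reuse outside CI`. The value should also differ from any password used in a deployed environment, because this file is readable by everyone with repository access.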
@@ -110,25 +125,26 @@ jobs: finder-check: name: "CI · Finder (tsc)" runs-on: ubuntu-latest + container: + image: node:20-alpine defaults: run: working-directory: web/finder steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: "20" - run: npm install --legacy-peer-deps --ignore-scripts - run: npx tsc --noEmit env: NEXT_PUBLIC_API_URL: http://localhost:5080 # ───────────────────────────────────────────────────────────────────────────── -# DEPLOY — only on push to main, only if ALL CI jobs pass +# DEPLOY — only on push to main, only if ALL CI jobs pass. +# MUST run on self-hosted: needs Docker CLI on the actual production server. +# ubuntu-latest containers do not have Docker inside them. # ───────────────────────────────────────────────────────────────────────────── deploy: name: "Deploy · all services" - runs-on: ubuntu-latest + runs-on: self-hosted needs: - api-build - admin-api-build
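Review bot: `runs-on: self-hosted` in `deploy` selects any runner carrying that generic label, while the new comment says the job has to execute on the production server with Docker access, which is effectively root on that host. A label reserved for the deploy runner, e.g. `runs-on: <prod-deploy-runner-label>`, would keep other jobs off it. That runner should also not advertise `ubuntu-latest`, otherwise the CI jobs that run on every PR could be scheduled onto the production host. The guard that limits `deploy` to pushes on main is not visible here, because the job body continues outside the hunk. That guard is now the main control keeping untrusted branch code off the runner and deserves a comment saying so.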