adminka-root
diff --git a/‎.github/notes_workflows.md‎
Lines changed: 16 additions & 0 deletions b/‎.github/notes_workflows.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎.github/workflows/build-branches.yml‎
Lines changed: 82 additions & 0 deletions b/‎.github/workflows/build-branches.yml‎
Lines changed: 82 additions & 0 deletions
diff --git a/‎.github/workflows/build-manual.yml‎
Lines changed: 57 additions & 0 deletions b/‎.github/workflows/build-manual.yml‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎.github/workflows/build-tags.yml‎
Lines changed: 86 additions & 0 deletions b/‎.github/workflows/build-tags.yml‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 13 additions & 0 deletions b/‎.gitignore‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 19 additions & 0 deletions b/‎Dockerfile‎
Lines changed: 19 additions & 0 deletions
@@ -0,0 +1,16 @@
+
+# [build-branches.yml](/.github/workflows/build-branches.yml), [build-manual.yml](/.github/workflows/build-manual.yml), [build-tags.yml](/.github/workflows/build-tags.yml)
+
+Самописные решения, корректность работы которых может быть под вопросом. Однако я закладывал следующее:
+
+1. Автосборка **только на master** с возможностью ручного запуска:
+   1. `build-branches.yml` — если на коммит не указывает тег и изменились отслеживаемые "важные" файлы, строим и вешаем два тега: `sha_master` и `master`;
+   2. `build-tags.yml` — всегда для git-тегов вида `v*.*.*` строим и вешаем пять тегов: `latest`, `master`, `major`, `major.minor`, `major.minor.patch`.
+2. `build-manual.yml` - принудительная ручная сборка на любой ветке с тегами `sha_branch` и `branch`.
+
+Следствия:
+1. `git push origin <тег>` не вызовет сборку, если коммит, на который указывает тег, **не принадлежит истории ветки `master`**. Последующий запуск `git push` этого коммита на `master` **необходим**, но не запустит `build-branches.yml`, т.к. тег уже существует. Если так случилось, необходимо вручную **переиграть соответствующую задачу `build-tags.yml`** в github actions. В идеале пушить нужно сразу так: `git push origin master <тег>`.
+2. Ручной перезапуск отыгранной задачи `build-tags.yml` для старых тегов может украсть теги `master` и `latest`, что нежелательно. В целом, можно было бы адаптировать `build-manual.yml`, включив в него возможность билдить по тегу.
+
+Короче, workflows неидеальны и требуют доработки/переосмысления.
+
@@ -0,0 +1,82 @@
+---
+name: Build Docker Image (master branch)
+
+on:
+  push:
+    branches: ['master']
+    paths:
+      - Dockerfile
+      - env/requirements.txt
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.repository }}:branch:${{ github.sha }}
+  cancel-in-progress: true
+
+jobs:
+  guard:
+    runs-on: ubuntu-latest
+    outputs:
+      skip: ${{ steps.check.outputs.skip }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+      - id: check
+        run: |   
+          if git tag --points-at "${GITHUB_SHA}" | grep -q .; then
+            echo "skip=true" >> $GITHUB_OUTPUT
+          else
+            echo "skip=false" >> $GITHUB_OUTPUT
+          fi
+
+  build:
+    needs: guard
+    if: needs.guard.outputs.skip == 'false'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+
+      - name: Set additional env
+        run: |
+          SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-7)
+          echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
+          SAFE_BRANCH=$(echo "${GITHUB_REF_NAME}" | tr '/' '_')
+          echo "SAFE_BRANCH=${SAFE_BRANCH}" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=raw,value=${{ env.SAFE_BRANCH }}
+            type=raw,value=${{ env.SHORT_SHA }}_${{ env.SAFE_BRANCH }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,57 @@
+---
+name: Manual Build Docker Image
+
+on:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.repository }}:manual:${{ github.ref_name }}:${{ github.sha }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+
+      - name: Set env
+        run: |
+          SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-7)
+          echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
+          SAFE_BRANCH=$(echo "${GITHUB_REF_NAME}" | tr '/' '_')
+          echo "SAFE_BRANCH=${SAFE_BRANCH}" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=raw,value=${{ env.SAFE_BRANCH }}
+            type=raw,value=${{ env.SHORT_SHA }}_${{ env.SAFE_BRANCH }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,86 @@
+---
+name: Build Docker Image (tags on master)
+
+on:
+  push:
+    tags: ['v*.*.*']
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.repository }}:tag:${{ github.sha }}
+  cancel-in-progress: true
+
+jobs:
+  guard:
+    runs-on: ubuntu-latest
+    outputs:
+      skip: ${{ steps.detect.outputs.on_default_branch == 'true' }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+
+      - name: Detect default branch
+        id: detect
+        run: |
+          DEFAULT="${{ github.event.repository.default_branch }}"
+          git fetch origin "$DEFAULT" --depth=1
+          if git merge-base --is-ancestor "$GITHUB_SHA" "origin/$DEFAULT"; then
+            echo "on_default_branch=true" >> $GITHUB_OUTPUT
+          else
+            echo "on_default_branch=false" >> $GITHUB_OUTPUT
+          fi
+
+  build:
+    needs: guard
+    if: needs.guard.outputs.skip == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+
+      - name: Set env
+        run: |
+          SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-7)
+          echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          flavor: |
+            latest=auto
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=raw,value=${{ github.event.repository.default_branch }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,13 @@
+/.ignore_files
+.idea
+source/.ipynb_checkpoints
+__pycache__/
+pyinstaller/build
+pyinstaller/dist
+docker-compose.yml
+docker_static/sync_settings.yml
+
+
+
+
+source/sync_settings.yml
@@ -0,0 +1,19 @@
+# docker build -t gitea_2_sourcegraph_sync:latest -f ./Dockerfile .
+
+FROM python:3.11-slim
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && \
+    apt-get install -y --no-install-suggests --no-install-recommends \
+    supervisor curl && \
+    apt autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+RUN curl -L https://sourcegraph.com/.api/src-cli/src_linux_amd64 \
+         -o /usr/local/bin/src && chmod 755 /usr/local/bin/src
+
+COPY ./env/requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+ENV APP_CMD="gitea_2_sourcegraph_sync.py -y" \
+    SETTINGS=/STATIC/sync_settings.yml
+