diff --git a/.gitea/workflows/node-pull-request-check-template.yml b/.gitea/workflows/node-pull-request-check-template.yml new file mode 100644 index 0000000..bf47774 --- /dev/null +++ b/.gitea/workflows/node-pull-request-check-template.yml @@ -0,0 +1,109 @@ +name: Pull request check +on: + workflow_call: + inputs: + notification_enabled: + description: "Включение оповещений о разворачивании, требуется иметь url для оповещений в vault" + default: false + required: false + type: boolean + custom_notification_hook_enabled: + description: "Использовать ли кастомный url хук для оповещений (должен лежать в vault секрете проекта)" + default: false + required: false + type: boolean + notification_channel: + description: "Канал для оповещений о результатах деплоя" + default: internal_projects_notifications + required: false + type: string + vault_secrets_base_path: + description: 'Базовый путь для секретов проекта в vault' + required: false + type: string + gradle_check_command: + description: 'Команда для исполнения в gradle' + default: 'test' + required: false + type: string + sonar_enabled: + default: false + required: false + type: boolean + secrets: + VAULT_ROLE_ID: + required: true + VAULT_SECRET_ID: + required: true + +env: + vault_main_base_path: dev/wilix/main/data/ci + +jobs: + check: + name: check and test + runs-on: ubuntu-latest + steps: + - uses: https://github.com/actions/checkout@v3 + - uses: https://github.com/actions/checkout@v3 + - name: Use Node.js 20 + uses: https://github.com/actions/setup-node@v3 + with: + node-version: 20 + - run: yarn install + - run: yarn test + + - name: dockerfile lint check + uses: https://github.com/hadolint/hadolint-action@v3.1.0 + with: + dockerfile: Dockerfile + + - name: Get general notification url + if: ${{ inputs.notification_enabled && ! inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }} + uses: https://github.com/hashicorp/vault-action@v2 + with: + url: https://vault.wilix.dev + method: approle + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + secrets: | + ${{ env.vault_main_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ; + + - name: Get custom notification url + if: ${{ inputs.notification_enabled && inputs.custom_notification_hook_enabled && (job.status == 'success' || job.status == 'failure') }} + uses: https://github.com/hashicorp/vault-action@v2 + with: + url: https://vault.wilix.dev + method: approle + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + secrets: | + ${{ inputs.vault_secrets_base_path }} notification_url | MATTERMOST_WEBHOOK_URL ; + + - name: prepare failed notification body + if: ${{ inputs.notification_enabled && job.status == 'failure' }} + uses: https://github.com/finnp/create-file-action@master + env: + FILE_NAME: "mattermost.json" + FILE_DATA: | + { + "channel": "${{ inputs.notification_channel }}", + "attachments": [ + { + "fallback": "Проверка упала ${{ gitea.repository }}", + "text": "@${{ gitea.actor }} упала тестовая сборка", + "color": "#FF0000", + "fields": [ + { + "short": true, + "title": "Сборка", + "value": "https://git.wilix.dev/${{ gitea.repository }}/actions/runs/${{ gitea.run_id }}" + } + ] + } + ] + } + + - name: loop fail notification + if: ${{ inputs.notification_enabled && job.status == 'failure' }} + uses: https://github.com/mattermost/action-mattermost-notify@master