From 7e88e0aa6b193146bdb7b39044d970bb7c8ed8f2 Mon Sep 17 00:00:00 2001
From: Stanislav Melnichuk <s.melnichuk@wilix.org>
Date: Tue, 30 May 2023 10:59:27 +0300
Subject: [PATCH] Added werf cleanup as a template.

---
 .gitea/workflows/werf-cleanup-template.yml | 66 ++++++++++++++++++++++
 .gitea/workflows/werf-deploy-template.yml  |  1 +
 2 files changed, 67 insertions(+)
 create mode 100644 .gitea/workflows/werf-cleanup-template.yml

diff --git a/.gitea/workflows/werf-cleanup-template.yml b/.gitea/workflows/werf-cleanup-template.yml
new file mode 100644
index 0000000..88d6981
--- /dev/null
+++ b/.gitea/workflows/werf-cleanup-template.yml
@@ -0,0 +1,66 @@
+name: Cleanup Docker registry
+on:
+  workflow_call:
+    inputs:
+      docker_repo_path:
+        default: private.docker.wilix.dev
+        required: false
+        type: string
+      docker_images_path:
+        description: 'Относительный путь для образов проекта'
+        required: true
+        type: string
+      werf_debug:
+        default: false
+        required: false
+        type: boolean
+    secrets:
+      VAULT_ROLE_ID:
+        required: true
+      VAULT_SECRET_ID:
+        required: true
+
+env:
+  vault_main_base_path: dev/wilix/main/data/ci
+
+jobs:
+  cleanup:
+    name: Cleanup
+    runs-on: ubuntu-latest
+    steps:
+      - uses: https://github.com/actions/checkout@v3
+      - name: Fetch all history for all tags and branches
+        run: git fetch --prune --unshallow
+
+      # FIXME Эти секреты нужно будет сделать полностью различными для проектов, идеально - краткосрочные генерируемые vault
+      - id: import-secrets
+        uses: https://github.com/hashicorp/vault-action@v2
+        with:
+          url: https://vault.wilix.dev
+          method: approle
+          roleId: ${{ secrets.VAULT_ROLE_ID }}
+          secretId: ${{ secrets.VAULT_SECRET_ID }}
+          secrets: |
+            ${{ env.vault_main_base_path }} local_cluster_kube_config_base64 ;
+            ${{ env.vault_main_base_path }} docker_registry_username ;
+            ${{ env.vault_main_base_path }} docker_registry_password ;
+
+      - name: Login to wilix nexus Container Registry
+        uses: https://github.com/docker/login-action@v2
+        with:
+          registry: ${{ inputs.docker_repo_path }}
+          username: ${{ steps.import-secrets.outputs.docker_registry_username }}
+          password: ${{ steps.import-secrets.outputs.docker_registry_password }}
+
+      - name: Install werf
+        uses: https://github.com/werf/actions/install@v1.2
+
+      - name: Setup debug if need
+        if: ${{ inputs.werf_debug }}
+        run: echo "WERF_LOG_DEBUG=true" >> "$GITHUB_ENV"
+
+      - name: Cleanup
+        run: werf cleanup
+        env:
+          WERF_REPO: ${{ inputs.docker_repo_path }}/${{ inputs.docker_images_path }}
+          WERF_KUBECONFIG_BASE64: ${{ steps.import-secrets.outputs.local_cluster_kube_config_base64 }}
diff --git a/.gitea/workflows/werf-deploy-template.yml b/.gitea/workflows/werf-deploy-template.yml
index f55b045..b5951c6 100644
--- a/.gitea/workflows/werf-deploy-template.yml
+++ b/.gitea/workflows/werf-deploy-template.yml
@@ -1,3 +1,4 @@
+name: "Deploy stand by werf to kubernetes"
 on:
   workflow_call:
     inputs: