mirror of
https://github.com/ryankazokas/turbovault-app.git
synced 2026-04-16 22:12:53 +00:00
GitHub Actions Setup Complete! 🎉
Your repository is now configured with GitHub Actions for automated building and deployment.
What's Been Added
GitHub Actions Workflows
1. .github/workflows/build-and-push.yml
Purpose: Build Docker image and push to your Gitea registry
Triggers:
- ✅ When you push a version tag (e.g., `v1.0.0`, `v2.1.0`)
- ✅ Manual trigger from GitHub Actions tab
What it does:
- Checks out your code
- Builds Docker image
- Logs into your Gitea registry
- Pushes image with version tag + `latest` tag
- Shows deploy command in output
2. .github/workflows/ci.yml
Purpose: Run tests and quality checks
Triggers:
- ✅ On push to `main` or `develop` branches
- ✅ On pull requests
What it does:
- Lint: Runs RuboCop (code style)
- Security: Runs Brakeman (security scan)
- Test: Runs your test suite with PostgreSQL
- Build Test: Verifies Dockerfile builds successfully
Documentation
- ✅ `.github/SECRETS_SETUP.md` - How to configure GitHub Secrets
- ✅ `.github/WHAT_TO_COMMIT.md` - What's safe to commit publicly
- ✅ `GITHUB_ACTIONS_SETUP.md` - This file!
Updated Files
- ✅ `README.md` - Added CI/CD section
- ✅ `k8s/deployment.yaml` - Placeholder image paths
- ✅ `k8s/migrate-job.yaml` - Placeholder image paths
- ✅ `.gitignore` - Already excludes secrets ✅
Your Next Steps
Step 1: Add GitHub Secrets
Go to your GitHub repository → Settings → Secrets and variables → Actions
Add these 4 secrets:
| Secret Name | Value | Example |
|---|---|---|
| `GITEA_REGISTRY` | Your Gitea URL (no https://) | `gitea.example.com` |
| `GITEA_USERNAME` | Your Gitea username | `johndoe` |
| `GITEA_TOKEN` | Gitea access token | `gtea_abc123...` |
| `GITEA_REPO` | Repo path | `johndoe/turbovault` |
Detailed instructions: .github/SECRETS_SETUP.md
Step 2: Get Gitea Access Token
- Login to your Gitea instance
- Settings → Applications → Manage Access Tokens
- Click Generate New Token
- Name: `github-actions`
- Permissions:
  - ✅ `package:read`
  - ✅ `package:write`
- Click Generate Token
- Copy the token (starts with `gtea_`)
- Add to GitHub as `GITEA_TOKEN` secret
Step 3: Push to GitHub
# Make sure you're in the project directory
cd turbovault-web
# Run the setup script
./scripts/setup-github.sh
# Or manually:
git add .
git commit -m "Add GitHub Actions for CI/CD"
git push origin main
Step 4: Test the Workflow
Option A: Manually trigger a build
- Go to your GitHub repository
- Click Actions tab
- Click Build and Push to Gitea
- Click Run workflow button
- Enter tag: `test` or `v0.1.0`
- Click Run workflow
- Watch it build!
Option B: Create a version tag
# Create and push a tag
git tag v1.0.0
git push origin v1.0.0
# This will automatically trigger the build workflow
Step 5: Verify Image in Gitea
- Login to your Gitea instance
- Go to your repository
- Click Packages tab
- You should see the `turbovault` package with your tag
Step 6: Deploy to Kubernetes
# Update deployment with new image
kubectl set image deployment/turbovault \
turbovault=gitea.example.com/username/turbovault:v1.0.0 \
-n turbovault
# Or use the deployment script
./scripts/deploy-k8s.sh
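The Step 1 values and the tag from Step 4 end up in the image reference used in Step 6, so a stray `https://` or a free-form manual tag is best rejected before it reaches `docker` or `kubectl`. The following is an added example, not the project's own script: the function names are hypothetical, and the `registry/repo:tag` layout and the numeric reading of `v*.*.*` are assumptions based on the sample values above.

```shell
# Added example: preflight checks for the Step 1 values and the build tag.
# All function names are hypothetical; they are not part of the project.

# True when $1 is a single line that fully matches the ERE in $2.
matches() {
  case "$1" in *'
'*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# GITEA_REGISTRY: bare host or host:port, no scheme and no path.
valid_registry() { matches "$1" '[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?(:[0-9]+)?'; }

# GITEA_REPO: owner/name, lowercase only (image repository names cannot
# contain uppercase). A conservative shape check, not the full grammar.
valid_repo() { matches "$1" '[a-z0-9][a-z0-9._-]*/[a-z0-9][a-z0-9._-]*'; }

# Docker tag grammar: [A-Za-z0-9_] then up to 127 of [A-Za-z0-9_.-].
valid_tag() { matches "$1" '[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}'; }

# Tags that start the automatic build: v*.*.*, read here as numeric
# vMAJOR.MINOR.PATCH (an assumption).
is_release_tag() { matches "$1" 'v[0-9]+\.[0-9]+\.[0-9]+'; }

# Print registry/repo:tag, or explain on stderr which value was rejected.
image_ref() {
  valid_registry "$1" || { echo "GITEA_REGISTRY must be host[:port]" >&2; return 1; }
  valid_repo "$2"     || { echo "GITEA_REPO must be owner/name" >&2; return 1; }
  valid_tag "$3"      || { echo "tag is not a valid image tag" >&2; return 1; }
  printf '%s/%s:%s\n' "$1" "$2" "$3"
}

# Constructed sample values taken from the Step 1 table:
image_ref gitea.example.com johndoe/turbovault v1.0.0
```

A manual-trigger tag such as `test` passes `valid_tag` but not `is_release_tag`, which makes it easy to keep non-release builds away from production deployments.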
Workflow Explained
Build Flow
┌─────────────────────────────────────────────────────┐
│ Developer pushes tag: git push origin v1.0.0 │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ GitHub Actions detects tag │
│ Workflow: build-and-push.yml │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ 1. Checkout code from GitHub │
│ 2. Build Docker image │
│ 3. Login to Gitea registry (using secrets) │
│ 4. Tag image: v1.0.0 + latest │
│ 5. Push to Gitea │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ Image available in Gitea package registry │
│ gitea.example.com/username/turbovault:v1.0.0 │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ Deploy to Kubernetes (manual or automated) │
│ kubectl set image deployment/turbovault ... │
└─────────────────────────────────────────────────────┘
CI Flow
┌─────────────────────────────────────────────────────┐
│ Developer pushes code or opens PR │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ GitHub Actions runs ci.yml workflow │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ Parallel jobs: │
│ ├─ Lint (RuboCop) │
│ ├─ Security (Brakeman) │
│ ├─ Test (RSpec/Minitest with PostgreSQL) │
│ └─ Build Test (Docker build verification) │
└─────────────────────┬───────────────────────────────┘
↓
┌─────────────────────────────────────────────────────┐
│ ✅ All checks pass → Merge safe │
│ ❌ Checks fail → Fix issues before merge │
└─────────────────────────────────────────────────────┘
Common Tasks
Release a New Version
# 1. Make changes and commit
git add .
git commit -m "Add new feature"
git push origin main
# 2. Wait for CI to pass (check Actions tab)
# 3. Create release tag
git tag v1.1.0
git push origin v1.1.0
# 4. GitHub Actions builds and pushes to Gitea automatically
# 5. Deploy to k8s
kubectl set image deployment/turbovault \
turbovault=gitea.example.com/username/turbovault:v1.1.0 \
-n turbovault
Rollback to Previous Version
# Deploy previous tag
kubectl set image deployment/turbovault \
turbovault=gitea.example.com/username/turbovault:v1.0.0 \
-n turbovault
# Watch rollout
kubectl rollout status deployment/turbovault -n turbovault
View Build Logs
- Go to GitHub repository
- Click Actions tab
- Click on a workflow run
- Click on job name to see logs
Rebuild Latest
# Delete and recreate tag (forces rebuild)
git tag -d latest
git push origin :refs/tags/latest
git tag latest
git push origin latest
Troubleshooting
Build fails with "unauthorized"
Problem: Can't login to Gitea registry
Solution:
- Verify `GITEA_TOKEN` in GitHub secrets is correct
- Check token has `package:write` permission
- Test locally: `docker login gitea.example.com`
Image pushes but k8s can't pull
Problem: ImagePullBackOff in Kubernetes
Solution:
- Verify k8s secret exists: `kubectl get secret gitea-registry -n turbovault`
- Check `imagePullSecrets` in deployment.yaml
- See k8s/GITEA_SETUP.md
CI tests fail
Problem: Tests don't pass in GitHub Actions
Solution:
- Run tests locally: `rails test`
- Check PostgreSQL connection
- Review test logs in Actions tab
- Tests are set to `continue-on-error: true` for now (won't block builds)
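With `continue-on-error: true`, a failing job or step does not fail the workflow run, so it is worth listing every place the flag is set before relying on CI as a merge gate. This is an added example, not the project's own script: `find_soft_failures` is a hypothetical helper, the embedded workflow is a constructed sample rather than the repository's `ci.yml`, and the line-based scan assumes conventional two-space YAML indentation.

```shell
# Added example: list every job or step in a workflow that sets
# continue-on-error: true. Line-based heuristic, not a YAML parser.
find_soft_failures() {
  awk '
    /^[^[:space:]#]/ { in_jobs = ($0 ~ /^jobs:/); next }      # top-level key
    !in_jobs || /^[[:space:]]*#/ || /^[[:space:]]*$/ { next } # only scan jobs:
    { match($0, /^ */); ind = RLENGTH }                       # indentation depth
    ind == 2 { job = $1; sub(/:.*/, "", job); step = "(unnamed)"; next }
    /^ +- / { step = "(unnamed)" }                            # new list item
    ind > 4 && /^ +(- +)?name:/ { step = $0; sub(/^[^:]*: */, "", step) }
    /continue-on-error: *true/ {
      print job " (" ((ind == 4) ? "job level" : "step: " step) ")"
    }
  ' "$1"
}

# Constructed sample workflow (not the repository file).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
name: CI
on:
  push:
    branches: [main, develop]
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Brakeman
        run: bin/brakeman
        continue-on-error: true
  test:
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - name: Run tests
        run: bin/rails test
EOF

find_soft_failures "$sample"
```

Run it against `.github/workflows/ci.yml` and treat any output as a reminder that the listed check is advisory only.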
Workflow doesn't trigger
Problem: Pushing tag doesn't start build
Solution:
- Check tag format: must be `v*.*.*` (e.g., `v1.0.0`)
- Verify workflow file exists: `.github/workflows/build-and-push.yml`
- Check Actions tab for errors
Benefits
✅ What You Get
- Automated Builds - No manual Docker commands
- Version Control - Each tag creates a versioned image
- CI/CD Pipeline - Auto-test every change
- Quality Checks - Linting and security scans
- Rollback Safety - Keep all versions in Gitea
- Collaboration - Contributors get CI feedback on PRs
🎯 Workflow Benefits
- For You: Push tag → image automatically builds → deploy
- For Contributors: Submit PR → auto-tested → you review
- For Production: Tagged releases → immutable versions → safe rollbacks
Next Steps
- ✅ Add GitHub Secrets (.github/SECRETS_SETUP.md)
- ✅ Push code to GitHub
- ✅ Test workflow (manual trigger or push tag)
- ✅ Verify image in Gitea
- ✅ Deploy to Kubernetes
- ✅ Celebrate! 🎉
Questions?
- "Do I need to push to Gitea too?" → No! GitHub Actions does it for you
- "What about the source code?" → Push to GitHub, images go to Gitea automatically
- "Can I still build locally?" → Yes! Docker build commands still work
- "Do contributors need Gitea access?" → No! Only you need it (for GitHub Secrets)
- "How do I disable a workflow?" → GitHub → Actions → Select workflow → Disable
You're all set! Add your GitHub Secrets and push a tag to see it in action! 🚀
For detailed instructions, see:
- .github/SECRETS_SETUP.md - Configure secrets
- k8s/GITEA_SETUP.md - Gitea registry setup
- DEPLOYMENT.md - Full deployment guide