diff --git a/.gitea/workflows/harbor-build-deploy.yml b/.gitea/workflows/build-deploy.yml similarity index 75% rename from .gitea/workflows/harbor-build-deploy.yml rename to .gitea/workflows/build-deploy.yml index c86018c..fa1b70e 100644 --- a/.gitea/workflows/harbor-build-deploy.yml +++ b/.gitea/workflows/build-deploy.yml @@ -1,14 +1,18 @@ -name: Harbor Build Once → Deploy Many (Compose) +name: Docker Build Once → Deploy Many (Compose) on: workflow_call: inputs: - harbor_registry: + docker_registry: + description: Registry host (docker.io, ghcr.io, registry.example.com) type: string - default: harbor.hcmc.online - harbor_project: + default: docker.io + + docker_namespace: + description: Docker namespace / org / username type: string - default: ci + required: true + image_repo: type: string required: true @@ -23,9 +27,8 @@ on: type: string default: linux/amd64,linux/arm64 - # IMPORTANT CHANGE deploy_runners_json: - description: 'JSON array of runner labels' + description: JSON array of runner labels type: string required: true @@ -37,10 +40,8 @@ on: default: up -d --pull always --remove-orphans secrets: - HARBOR_PUSH_USERNAME: { required: true } - HARBOR_PUSH_PASSWORD: { required: true } - HARBOR_PULL_USERNAME: { required: true } - HARBOR_PULL_PASSWORD: { required: true } + DOCKER_HUB_USERNAME: { required: true } + DOCKER_HUB_ACCESS_TOKEN: { required: true } jobs: @@ -48,7 +49,7 @@ jobs: # BUILD ONCE (single powerful runner) # ========================================================== build_and_push: - name: Build & Push Image + name: Build & Push Image runs-on: devsg-atlantic outputs: @@ -65,7 +66,7 @@ jobs: shell: bash run: | set -euo pipefail - IMAGE="${{ inputs.harbor_registry }}/${{ inputs.harbor_project }}/${{ inputs.image_repo }}" + IMAGE="${{ inputs.docker_registry }}/${{ inputs.docker_namespace }}/${{ inputs.image_repo }}" SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-12) BRANCH="${{ github.ref_name }}" @@ -73,14 +74,13 @@ jobs: echo "sha_tag=sha-$SHORT_SHA" >> $GITHUB_OUTPUT echo "branch_tag=$BRANCH" >> $GITHUB_OUTPUT - - name: Login Harbor (push) + - name: Login Registry (push) uses: docker/login-action@v3 with: - registry: ${{ inputs.harbor_registry }} - username: ${{ secrets.HARBOR_PUSH_USERNAME }} - password: ${{ secrets.HARBOR_PUSH_PASSWORD }} + registry: ${{ inputs.docker_registry }} + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - # Cached multi-platform build - name: Build & Push Image id: build uses: docker/build-push-action@v6 @@ -103,7 +103,7 @@ jobs: # DEPLOY MANY (fan-out runners) # ========================================================== deploy: - name: Deploy to Fleet + name: Deploy to Fleet needs: build_and_push strategy: @@ -116,17 +116,16 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Login Harbor (pull) + - name: Login Registry (pull) uses: docker/login-action@v3 with: - registry: ${{ inputs.harbor_registry }} - username: ${{ secrets.HARBOR_PULL_USERNAME }} - password: ${{ secrets.HARBOR_PULL_PASSWORD }} + registry: ${{ inputs.docker_registry }} + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Show image run: echo "Deploying ${{ needs.build_and_push.outputs.image_ref }}" - # Linux/macOS - name: Compose Up (Unix) if: runner.os != 'Windows' shell: bash @@ -137,7 +136,6 @@ jobs: set -euo pipefail docker compose ${{ inputs.compose_args }} - # Windows runners support - name: Compose Up (Windows) if: runner.os == 'Windows' shell: pwsh @@ -145,4 +143,4 @@ jobs: env: DOCKER_IMAGE: ${{ needs.build_and_push.outputs.image_ref }} run: | - docker compose ${{ inputs.compose_args }} \ No newline at end of file + docker compose ${{ inputs.compose_args }}