Add Gitea Actions workflows, CI config, and docs
121
.ci/config.env
Normal file
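--- a/.ci/config.env
+++ b/.ci/config.env
@@ -0,0 +1,121 @@
+# =============================================================================
+# .ci/config.env — Central Configuration (Single Source of Truth)
+# =============================================================================
+# Repository: ${REPO_NAME}
+# Generated from template: ${TEMPLATE_NAME}
+# Created: ${YEAR}-${MONTH}-${DAY}
+#
+# All Gitea Actions workflows source this file at runtime.
+# Adjust the toggles below to enable/disable features for YOUR project.
+# See docs/CONFIG.md for detailed explanations of every flag.
+# =============================================================================
+
+# -----------------------------------------------------------------------------
+# CI — Continuous Integration
+# -----------------------------------------------------------------------------
+# Master switch for CI. If false, the CI workflow exits immediately.
+ENABLE_CI=true
+
+# If true, lint/test failures cause the workflow to fail (exit 1).
+# If false, failures are logged as warnings but the workflow succeeds.
+CI_STRICT=true
+
+# The primary branch name. Used by Docker and other workflows.
+DEFAULT_BRANCH=main
+
+# -----------------------------------------------------------------------------
+# Docker — Build & Push
+# -----------------------------------------------------------------------------
+# Master switch for Docker build steps. If false, docker.yml skips entirely.
+ENABLE_DOCKER=true
+
+# Whether to actually push images to the registry.
+# SAFE DEFAULT: false — images are built but never pushed until you opt in.
+DOCKER_PUSH=false
+
+# Push images when a commit lands on DEFAULT_BRANCH?
+DOCKER_PUSH_ON_BRANCH=true
+
+# Push images when a semver tag (v*) is pushed?
+DOCKER_PUSH_ON_TAG=true
+
+# Registry hostname. For Gitea's built-in container registry this is usually
+# the same as your Gitea instance domain.
+REGISTRY_HOST=git.hiddenden.cafe
+
+# Image owner (org or user). "auto" = derived at runtime from the repo context.
+IMAGE_OWNER=auto
+
+# Image name. "auto" = derived at runtime from the repository name.
+IMAGE_NAME=auto
+
+# Tag strategy. Controls which tags are applied to pushed images.
+# Options:
+# semver+latest — tag vX.Y.Z → :X.Y.Z and :latest (default)
+# semver — tag vX.Y.Z → :X.Y.Z only
+# branch — branch pushes only, tagged as :branchname
+# Branch pushes always produce :branchname when DOCKER_PUSH_ON_BRANCH=true.
+DOCKER_TAG_STRATEGY=semver+latest
+
+# -----------------------------------------------------------------------------
+# Security Scanning
+# -----------------------------------------------------------------------------
+# Master switch for security workflows. SAFE DEFAULT: false.
+ENABLE_SECURITY=false
+
+# If true, any finding fails the workflow. If false, findings are warnings only.
+STRICT_SECURITY=false
+
+# -----------------------------------------------------------------------------
+# Renovate — Automated Dependency Updates
+# -----------------------------------------------------------------------------
+# Master switch for Renovate. SAFE DEFAULT: false.
+ENABLE_RENOVATE=false
+
+# How often Renovate runs. Cron-style or preset: daily, weekly, monthly.
+RENOVATE_SCHEDULE=weekly
+
+# Maximum number of open PRs Renovate can create at once.
+RENOVATE_PR_LIMIT=5
+
+# -----------------------------------------------------------------------------
+# Deploy — Automated Deployment to VPS
+# -----------------------------------------------------------------------------
+# Master switch for deployment. SAFE DEFAULT: false.
+# Deploy NEVER runs unless you explicitly set this to true.
+ENABLE_DEPLOY=false
+
+# Deployment mode. Determines HOW the deploy job reaches the VPS.
+# local-runner — The job runs directly on a self-hosted act_runner installed
+# on the VPS. No SSH needed. The runner is selected by label.
+# ssh — The job runs on any runner and SSHs into the VPS to execute
+# deploy commands remotely. Requires SSH secrets.
+DEPLOY_MODE=local-runner
+
+# Runner label for local-runner mode. The act_runner on your VPS must be
+# registered with this label. Gitea selects the runner via runs-on.
+# Examples: deploy-ovh, vps-prod, deploy-hetzner
+DEPLOY_RUNNER_LABEL=deploy-ovh
+
+# Working directory on the VPS where your project lives.
+# For local-runner mode this is a local path; for ssh mode it's the remote path.
+DEPLOY_WORKDIR=/opt/${REPO_NAME}
+
+# Deploy strategy. Determines WHAT happens on the VPS.
+# compose — cd into DEPLOY_WORKDIR, pull new images, recreate containers
+# systemd — restart a systemd service
+# script — run a custom deploy script
+DEPLOY_STRATEGY=compose
+
+# (compose) Path to the compose file, relative to DEPLOY_WORKDIR.
+DEPLOY_COMPOSE_FILE=docker-compose.yml
+
+# (systemd) Name of the systemd service to restart. Required if strategy=systemd.
+DEPLOY_SYSTEMD_SERVICE=
+
+# (script) Path to a custom deploy script, relative to the repo root.
+# The script receives DEPLOY_WORKDIR as $1.
+DEPLOY_SCRIPT=scripts/deploy.sh
+
+# Also deploy when a semver tag (v*) is pushed? Default: false.
+DEPLOY_ON_TAG=false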
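Review bot: `DEPLOY_WORKDIR=/opt/${REPO_NAME}` still carries a template placeholder, as do the `${REPO_NAME}`, `${TEMPLATE_NAME}` and `${YEAR}-${MONTH}-${DAY}` header comments, so the template substitution apparently never ran on this file. Because the header says the workflows source this file, the shell will expand `${REPO_NAME}` at runtime; unless a workflow exports that variable first (not visible here), the deploy directory becomes `/opt/` and the compose strategy would cd there and recreate containers. Either hard-code the real path or make the expansion fail closed, e.g. `DEPLOY_WORKDIR=/opt/${REPO_NAME:?REPO_NAME must be set before sourcing config.env}`. Sourcing also means every line in this file runs as shell on the runner, including the self-hosted `local-runner` on the VPS, so a comment in the header such as `# This file is executed as shell; review changes to it like workflow changes.` would help, and the workflows should read it from the protected branch rather than from a pull-request checkout.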