plex-playlist/.gitea/workflows/cicd.yml
Cliff Hill a54fe5c1b9
Adding an Access Token for the package system.
Signed-off-by: Cliff Hill <xlorep@darkhelm.org>
2025-10-27 22:42:40 -04:00

# CI pipeline: builds the CICD image once, then runs every lint and test job
# inside that image.
name: Tests

# NOTE(review): the `setup` job has no event condition, so it pushes to the
# registry on pull_request runs as well as on pushes - confirm that is intended.
on:
  push:
    branches:
      - main
      - develop
      - 'feature/*'
  pull_request:
    branches:
      - main
      - develop
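jobs:
  # Builds the CI image from Dockerfile.cicd and pushes it to the Gitea
  # container registry under `latest` and the commit SHA. The lint and test
  # jobs pull this image.
  setup:
    name: Build and Push CICD Image
    runs-on: ubuntu-act
    steps:
      - name: Minimal checkout for Dockerfile
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          echo "=== Minimal Repository Checkout for Dockerfile ==="
          # Backstop: remove the key on every exit path, including a failed
          # clone or checkout, so it never stays behind on the runner.
          trap 'rm -f ~/.ssh/id_rsa' EXIT
          # Set up SSH key securely (temporary file approach)
          if [ -n "${SSH_PRIVATE_KEY}" ]; then
            mkdir -p ~/.ssh
            # Create the file owner-only from the start; a plain redirect
            # followed by chmod leaves it readable under the default umask
            # for a moment.
            ( umask 077; echo "${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa )
            chmod 600 ~/.ssh/id_rsa
            # NOTE(review): ssh-keyscan accepts whatever key the network
            # returns on each run. Pinning the expected host key (for example
            # from a repository secret) would authenticate the server.
            ssh-keyscan -p 2222 dogar.darkhelm.org >> ~/.ssh/known_hosts 2>/dev/null
          fi
          # Clone just enough to get the Dockerfile. Host-key checking stays
          # enabled so the known_hosts entry written above is enforced;
          # disabling it would let any host answering on that address
          # receive the connection.
          GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=yes" \
          git clone --depth 1 --no-checkout \
            ssh://git@dogar.darkhelm.org:2222/DarkHelm.org/plex-playlist.git .
          # Checkout only the Dockerfile and dockerignore
          git checkout HEAD -- Dockerfile.cicd .dockerignore
          # Clean up SSH key for security
          rm -f ~/.ssh/id_rsa
          echo "✓ Dockerfile.cicd ready for secure build"
      - name: Build and push CICD image
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          GITHUB_SHA: ${{ github.sha }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "=== Building CICD Image with Secure Secrets ==="
          # Create temporary SSH key file for BuildKit secrets. mktemp gives
          # an unpredictable, owner-only file instead of a fixed name in the
          # shared /tmp directory.
          KEY_FILE="$(mktemp)"
          # Remove the key even when the build, login or push fails.
          trap 'rm -f "${KEY_FILE}"' EXIT
          echo "${SSH_PRIVATE_KEY}" > "${KEY_FILE}"
          chmod 600 "${KEY_FILE}"
          # Enable Docker BuildKit for secrets support
          export DOCKER_BUILDKIT=1
          # Build CICD image using secure BuildKit secrets
          # SSH key is mounted securely and never stored in image layers
          docker build -f Dockerfile.cicd \
            --secret id=ssh_private_key,src="${KEY_FILE}" \
            --build-arg GITHUB_SHA="$GITHUB_SHA" \
            -t cicd:latest .
          # Clean up temporary SSH key file
          rm -f "${KEY_FILE}"
          # Tag for Gitea container registry
          docker tag cicd:latest dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:latest
          docker tag cicd:latest dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          # Login to Gitea container registry with enhanced debugging
          echo "Attempting Docker login for user: ${REGISTRY_USER}"
          if echo "${PACKAGE_ACCESS_TOKEN}" | docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin; then
            echo "✓ Successfully logged into registry"
          else
            echo "❌ Failed to login to registry"
            echo "Registry URL: dogar.darkhelm.org"
            echo "Username: ${REGISTRY_USER}"
            # Report only whether a token was supplied; its length is
            # metadata about the secret and does not belong in build logs.
            if [ -n "${PACKAGE_ACCESS_TOKEN}" ]; then
              echo "Token: provided"
            else
              echo "Token: empty (PACKAGE_ACCESS_TOKEN secret not set?)"
            fi
            exit 1
          fi
          # Push to registry
          echo "Pushing images to registry..."
          docker push dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:latest
          docker push dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          echo "✓ CICD image built and pushed to registry"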
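# Pre-commit style checks - General file formatting
  # Fails when any file under /workspace in the CICD image has a line ending
  # in whitespace (dependency and cache directories excluded).
  trailing-whitespace:
    name: Trailing Whitespace Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check trailing whitespace
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace &&
            if grep -r '[[:space:]]$' --exclude-dir=.git --exclude-dir=node_modules --exclude-dir=.venv --exclude-dir=__pycache__ .; then
              echo 'ERROR: Trailing whitespace found'
              exit 1
            else
              echo '✓ No trailing whitespace found'
            fi
          "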
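# End-of-file check: every non-empty source/config file must end with a newline.
  end-of-file-fixer:
    name: End of File Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check end of file
        # The -name tests are grouped in parentheses so that -type f applies
        # to every pattern; without the grouping it binds to '*.py' only and
        # directories matching the other patterns get through.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace &&
            find . -type f \( -name '*.py' -o -name '*.ts' -o -name '*.js' -o -name '*.vue' -o -name '*.yml' -o -name '*.yaml' -o -name '*.toml' -o -name '*.json' -o -name '*.md' \) | grep -v '.git/' | grep -v 'node_modules/' | grep -v '.venv/' | grep -v '__pycache__/' | while IFS= read -r file; do
              if [ -s \"\$file\" ] && [ \"\$(tail -c1 \"\$file\" | wc -l)\" -eq 0 ]; then
                echo \"ERROR: \$file does not end with newline\"
                exit 1
              fi
            done &&
            echo '✓ All files end with newline'
          "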
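# YAML check: runs yamllint on every *.yml / *.yaml file in the CICD image.
  check-yaml:
    name: YAML Syntax Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check YAML files
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            cd /workspace &&
            find . -name '*.yml' -o -name '*.yaml' | grep -v '.git/' | grep -v 'node_modules/' | grep -v '.venv/' | while read file; do
              echo \"Linting \$file...\"
              if ! uv run yamllint \"\$file\"; then
                echo \"ERROR: YAML lint failed for \$file\"
                exit 1
              fi
            done &&
            echo '✓ All YAML files passed yamllint'
          "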
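# TOML syntax check: parses every *.toml file with Python's tomllib.
  check-toml:
    name: TOML Syntax Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check TOML files
        # The parser's stderr is discarded, so a failure reports only the
        # file name.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            cd /workspace &&
            find . -name '*.toml' | grep -v '.git/' | grep -v 'node_modules/' | grep -v '.venv/' | while read file; do
              echo \"Checking \$file syntax...\"
              if ! python3 -c 'import tomllib, sys; tomllib.load(open(sys.argv[1], \"rb\"))' \"\$file\" 2>/dev/null; then
                echo \"ERROR: Invalid TOML syntax in \$file\"
                exit 1
              fi
            done &&
            echo '✓ All TOML files have valid syntax'
          "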
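# Line-ending check: fails when `file` reports CRLF for any matched file.
  mixed-line-ending:
    name: Mixed Line Ending Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check line endings
        # NOTE(review): the grep runs over the whole `file` output line, so a
        # path that itself contains "crlf" also triggers the failure.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace &&
            if find . -name '*.py' -o -name '*.ts' -o -name '*.js' -o -name '*.vue' -o -name '*.yml' -o -name '*.yaml' -o -name '*.toml' -o -name '*.json' -o -name '*.md' | grep -v '.git/' | grep -v 'node_modules/' | grep -v '.venv/' | xargs file | grep -i 'crlf'; then
              echo 'ERROR: Mixed line endings found (CRLF detected)'
              exit 1
            else
              echo '✓ Consistent line endings (LF)'
            fi
          "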
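# TOML formatting check: runs pretty-format-toml --diff on every *.toml file.
  toml-lint:
    name: TOML Formatting Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check TOML formatting
        # A file passes only when the tool's output contains 'no change'.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            cd /workspace &&
            echo 'Checking TOML formatting (fails if changes needed)...' &&
            for file in \$(find . -name '*.toml' | grep -v '.git/' | grep -v 'node_modules/' | grep -v '.venv/'); do
              echo \"Checking TOML format: \$file\"
              # Use pretty-format-toml in check mode (same tool as pre-commit)
              if ! uv run pretty-format-toml --diff \$file | grep -q 'no change'; then
                echo \"ERROR: \$file needs formatting\"
                uv run pretty-format-toml --diff \$file
                exit 1
              fi
            done &&
            echo '✓ All TOML files are properly formatted'
          "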
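# Backend Python checks
  # Runs `ruff check` on the backend without auto-fix.
  ruff-lint:
    name: Ruff Linting
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run ruff linting
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            echo 'Running ruff check (no auto-fix)...' &&
            uv run ruff check . --config=pyproject.toml
          "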
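# Ruff format check: fails when `ruff format --check` would change a backend file.
  ruff-format:
    name: Ruff Format Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check ruff formatting
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            echo 'Checking ruff formatting (fails if changes needed)...' &&
            uv run ruff format --check . --config=pyproject.toml
          "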
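# Pyright: static type check of the backend inside the CICD image.
  pyright:
    name: Pyright Type Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run pyright type checking
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            uv run pyright
          "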
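# Darglint: docstring lint over backend/src inside the CICD image.
  darglint:
    name: Darglint Docstring Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run darglint docstring linting
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            uv run darglint src/
          "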
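# Docstring-types check: runs scripts/check_no_docstring_types.py over backend/src.
  no-docstring-types:
    name: No Docstring Types Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check for types in docstrings
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace &&
            echo 'Checking backend Python files for types in docstrings...' &&
            find backend/src -name '*.py' -type f | xargs python3 scripts/check_no_docstring_types.py &&
            echo '✓ No prohibited types found in docstrings'
          "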
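# Frontend checks
  # Runs ESLint on the frontend; any warning fails the job (--max-warnings=0).
  eslint:
    name: ESLint Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run ESLint
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            echo 'Running ESLint check (no auto-fix)...' &&
            yarn eslint . --max-warnings=0
          "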
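# Prettier: runs the frontend's `format:check` script inside the CICD image.
  prettier:
    name: Prettier Format Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Check Prettier formatting
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            echo 'Checking Prettier formatting (fails if changes needed)...' &&
            yarn format:check
          "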
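# TypeScript: runs the frontend's `type-check` script inside the CICD image.
  typescript-check:
    name: TypeScript Type Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run TypeScript type checking
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            yarn type-check
          "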
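# TSDoc lint: ESLint over .ts and .vue files with fixing disabled.
  tsdoc-lint:
    name: TSDoc Lint Check
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run TSDoc linting
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            echo 'Running TSDoc linting check...' &&
            # Use eslint directly without --fix to check TSDoc
            yarn eslint . --ext .ts,.vue --max-warnings=0 --no-fix
          "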
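# Unit tests with coverage
  # Runs pytest on the backend; the job fails below 95% coverage.
  backend-tests:
    name: Backend Tests
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run backend tests with coverage
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            uv run pytest -v --tb=short --cov=src --cov-report=term-missing --cov-fail-under=95
          "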
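# Frontend unit tests; coverage thresholds are 85 for lines, functions,
# branches and statements.
  frontend-tests:
    name: Frontend Tests
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run frontend tests with coverage
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            yarn test:coverage --run --reporter=verbose --coverage.reporter=text --coverage.reporter=text-summary --coverage.thresholds.lines=85 --coverage.thresholds.functions=85 --coverage.thresholds.branches=85 --coverage.thresholds.statements=85
          "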
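# Doctest for backend
  # Runs xdoctest over backend/src. A non-zero exit fails the job only when a
  # second, verbose run prints 'FAILED'.
  xdoctest:
    name: Backend Doctests
    runs-on: ubuntu-act
    needs: setup
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run backend doctests
        # NOTE(review): any non-zero exit whose output lacks the string
        # 'FAILED' (for example a collection or import error) still passes
        # the job - confirm that is acceptable.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            echo 'Running doctests...' &&
            if uv run xdoctest src/ --quiet; then
              echo '✓ All doctests passed'
            else
              echo ' No doctests found or some doctests failed'
              # Don't fail the build for missing doctests, only for failed ones
              if uv run xdoctest src/ --quiet --verbose 2>&1 | grep -q 'FAILED'; then
                exit 1
              fi
            fi
          "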
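# Integration and E2E tests (run after unit tests complete)
  # Runs backend tests/integration with pytest when that directory exists.
  integration-tests:
    name: Integration Tests
    runs-on: ubuntu-act
    needs: [backend-tests, frontend-tests]
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run integration tests
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/backend &&
            source .venv/bin/activate &&
            if [ -d 'tests/integration' ]; then
              uv run pytest tests/integration/ -v --tb=short
            else
              echo ' No integration tests found'
            fi
          "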
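# End-to-end tests: runs `yarn test:e2e` when tests/e2e exists or package.json
# mentions playwright.
  e2e-tests:
    name: End-to-End Tests
    runs-on: ubuntu-act
    needs: [backend-tests, frontend-tests]
    steps:
      - name: Login to Gitea Container Registry
        # Credentials reach the shell through env vars instead of being
        # expanded into the script text, so their contents are never parsed
        # as shell syntax. User selection matches the setup job.
        env:
          PACKAGE_ACCESS_TOKEN: ${{ secrets.PACKAGE_ACCESS_TOKEN }}
          REGISTRY_USER: ${{ secrets.REGISTRY_USER || github.actor }}
        run: |
          echo "${PACKAGE_ACCESS_TOKEN}" |
            docker login dogar.darkhelm.org -u "${REGISTRY_USER}" --password-stdin
      - name: Run E2E tests
        # NOTE(review): the `|| echo` fallback turns every E2E failure into a
        # passing job, so this check cannot block a regression. Kept as
        # written because the message suggests it is deliberate while E2E is
        # being set up; remove the fallback once the suite is configured.
        run: |
          docker pull dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest}
          docker run --rm dogar.darkhelm.org/darkhelm.org/plex-playlist/cicd:${GITHUB_SHA:-latest} bash -c "
            cd /workspace/frontend &&
            if [ -d 'tests/e2e' ] || grep -q 'playwright' package.json; then
              yarn test:e2e || echo 'E2E tests failed or not configured yet'
            else
              echo ' No E2E tests found'
            fi
          "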