chore: better action workflow

2025-11-27 17:03:17 +01:00
7 changed files with 86 additions and 22 deletions
--- a/.github/workflows/publish-docker.yml
+++ b/.github/workflows/publish-docker.yml
@@ -13,13 +13,13 @@ on:
 env:
  CACHIX_NAME: devenv
  DOCKER_REGISTRY: labs.phundrak.com  # Override in repository settings if needed
-  IMAGE_NAME: phundrak/bakit
+  IMAGE_NAME: phundrak/phundrak-dot-com-backend
 jobs:
  coverage-and-sonar:
    runs-on: ubuntu-latest
    permissions:
-      contents: read
+      content: read
      pull-requests: read
    steps:
@@ -112,12 +112,84 @@ jobs:
          registry-username: ${{ secrets.DOCKER_USERNAME }}
          registry-password: ${{ secrets.DOCKER_PASSWORD }}
          image-name: ${{ env.IMAGE_NAME }}
-          local-image: phundrak/bakit:latest
+          local-image-name: phundrak/phundrak-dot-com-backend:latest
          event-name: ${{ github.event_name }}
          ref: ${{ github.ref }}
          ref-type: ${{ github.ref_type }}
          ref-name: ${{ github.ref_name }}
          pr-number: ${{ github.event.pull_request.number }}
      # - name: Log in to Docker Registry
      #   run: |
      #     echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
      # - name: Determine tags and push images
      #   run: |
      #     set -euo pipefail
      #     REGISTRY="${{ env.DOCKER_REGISTRY }}"
      #     IMAGE_NAME="${{ env.IMAGE_NAME }}"
      #     # The locally built image from Nix (name comes from Cargo.toml package.name)
      #     LOCAL_IMAGE="phundrak/phundrak-dot-com-backend:latest"
      #     echo "Event: ${{ github.event_name }}"
      #     echo "Ref: ${{ github.ref }}"
      #     echo "Ref type: ${{ github.ref_type }}"
      #     # Determine which tags to push based on the event
      #     if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then
      #       # Tag push on main branch → publish 'latest' and versioned tag
      #       echo "Tag push detected"
      #       TAG_VERSION="${{ github.ref_name }}"
      #       # Remove 'v' prefix if present (v1.0.0 → 1.0.0)
      #       TAG_VERSION="${TAG_VERSION#v}"
      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
      #       docker push "${REGISTRY}/${IMAGE_NAME}:latest"
      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
      #       docker push "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
      #     elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/develop" ]]; then
      #       # Push on develop branch → publish 'develop' tag
      #       echo "Push to develop branch detected"
      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:develop"
      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:develop"
      #       docker push "${REGISTRY}/${IMAGE_NAME}:develop"
      #     elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
      #       # Pull request → publish 'pr<number>' tag
      #       echo "Pull request detected"
      #       PR_NUMBER="${{ github.event.pull_request.number }}"
      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
      #       docker push "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
      #     elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then
      #       # Push to main branch (not a tag) → publish 'latest'
      #       echo "Push to main branch detected"
      #       echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
      #       docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
      #       docker push "${REGISTRY}/${IMAGE_NAME}:latest"
      #     else
      #       echo "Unknown event or ref, skipping push"
      #       exit 1
      #     fi
      # - name: Log out from Docker Registry
      #   if: always()
      #   run: docker logout ${{ env.DOCKER_REGISTRY }}
      - name: Delete Docker image artifact
        uses: geekyeggo/delete-artifact@v2
        with:
          name: docker-image
      - name: Image published successfully
        run: |
--- a/README.md
+++ b/README.md
@@ -13,10 +13,10 @@ gitea: none
 <div align="center">
  <a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
-    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=coverage&token=sqb_614da1a838e933f937488ee4bb82d7711e4f0c5c" alt="Sonar Coverage" />
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
  </a>
  <a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
-    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=alert_status&token=sqb_614da1a838e933f937488ee4bb82d7711e4f0c5c" alt="Sonar Quality Gate Status" />
+    <img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
  </a>
  <a href="#license">
    <img src="https://img.shields.io/badge/License-AGPL--3.0--only-blue" alt="License" />
--- a/flake.nix
+++ b/flake.nix
@@ -32,6 +32,7 @@
  };
  outputs = {
    self,
    nixpkgs,
    flake-utils,
    rust-overlay,
@@ -51,7 +52,7 @@
        formatter = alejandra.defaultPackage.${system};
        packages = import ./nix/package.nix {inherit pkgs rustPlatform;};
        devShell = import ./nix/shell.nix {
-          inherit inputs pkgs rustVersion;
+          inherit inputs pkgs self rustVersion;
        };
      }
    );
--- a/nix/package.nix
+++ b/nix/package.nix
@@ -3,7 +3,7 @@
  rustPlatform,
  ...
 }: let
-  cargoToml = fromTOML (builtins.readFile ../Cargo.toml);
+  cargoToml = builtins.fromTOML (builtins.readFile ../Cargo.toml);
  name = cargoToml.package.name;
  version = cargoToml.package.version;
  rustBuild = rustPlatform.buildRustPackage {
--- a/nix/shell.nix
+++ b/nix/shell.nix
@@ -1,6 +1,7 @@
 {
  inputs,
  pkgs,
  self,
  rustVersion,
  ...
 }:
--- a/src/route/contact/errors.rs
+++ b/src/route/contact/errors.rs
@@ -93,14 +93,10 @@ impl From<ValidationErrors> for ContactError {
            return Self::ValidationNameError("backend.contact.errors.validation.name".to_owned());
        }
        if validator::ValidationErrors::has_error(&Err(value.clone()), "email") {
-            return Self::ValidationEmailError(
+            return Self::ValidationEmailError("backend.contact.errors.validation.email".to_owned());
                "backend.contact.errors.validation.email".to_owned(),
            );
        }
        if validator::ValidationErrors::has_error(&Err(value), "message") {
-            return Self::ValidationMessageError(
+            return Self::ValidationMessageError("backend.contact.errors.validation.message".to_owned());
                "backend.contact.errors.validation.message".to_owned(),
            );
        }
        Self::ValidationError("backend.contact.errors.validation.other".to_owned())
    }
@@ -117,13 +113,9 @@ impl From<ContactError> for ContactResponse {
            success: false,
            message: match value {
                ContactError::CouldNotParseRequestEmailAddress(_)
-                | ContactError::ValidationEmailError(_) => {
+                | ContactError::ValidationEmailError(_) => "backend.contact.errors.validation.email",
                    "backend.contact.errors.validation.email"
                }
                ContactError::ValidationNameError(_) => "backend.contact.errors.validation.name",
-                ContactError::ValidationMessageError(_) => {
+                ContactError::ValidationMessageError(_) => "backend.contact.errors.validation.message",
                    "backend.contact.errors.validation.message"
                }
                ContactError::CouldNotParseSettingsEmail(_)
                | ContactError::FailedToBuildMessage(_)
                | ContactError::CouldNotSendEmail(_)
--- a/src/route/contact/mod.rs
+++ b/src/route/contact/mod.rs
@@ -161,9 +161,7 @@ impl ContactApi {
        remote_addr: Option<poem::web::Data<&poem::web::RemoteAddr>>,
    ) -> ContactApiResponse {
        let body = body.0;
-        if let Some(ref honeypot) = body.honeypot
+        if body.honeypot.is_some() {
            && !honeypot.trim().is_empty()
        {
            tracing::event!(
                target: "backend::contact",
                tracing::Level::INFO,