Initial commit

.gitea/workflows/ci.yaml

@@ -0,0 +1,69 @@
+name: CI
+on:
+  pull_request:
+  push:
+env:
+  DATABASE_URL: ${{ vars.DATABASE_URL }}
+
+concurrency:
+  group: ${{ gitea.workflow }}-${{ gitea.ref }}
+  cancel-in-progress: ${{ gitea.ref != 'ref/heads/master' }}
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:js-latest
+      options: --security-opt seccomp=unconfined
+    permissions:
+      pull-requests: write
+    services:
+      postgres:
+        image: postgres:16-alpine
+        env:
+          POSTGRES_PASSWORD: ${{ vars.DB_PASSWORD }}
+          POSTGRES_USER: ${{ vars.DB_USER }}
+          POSTGRES_DB: ${{ vars.DB_NAME }}
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 10s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install Nix
+        uses: cachix/install-nix-action@v27
+        with:
+          nix_path: nixpkgs=channel:nixos-unstable
+      - name: Migrate database
+        run: nix develop --command -- just migrate
+      - name: Formatting check
+        run: nix develop --command -- just format-check
+      - name: Lint
+        run: nix develop --command -- just lint
+      - name: Audit
+        run: nix develop --command -- just audit
+      - name: Minimum supported Rust version check
+        run: nix develop --command -- just msrv
+      - name: Tests
+        run: nix develop --command -- just test
+      - name: Coverage
+        run: nix develop --command -- just coverage-ci
+      - name: Code Coverage Report
+        uses: irongut/CodeCoverageSummary@v1.3.0
+        with:
+          filename: coverage/cobertura.xml
+          badge: true
+          fail_below_min: true
+          format: markdown
+          hide_branch_rate: false
+          hide_complexity: false
+          indicators: true
+          output: both
+          thresholds: '60 80'
+      - name: Add Coverage PR Comment
+        uses: mshick/add-pr-comment@v2
+        if: gitea.event_name == 'pull_request'
+        with:
+          recreate: true
+          message-path: code-coverage-results.md

.gitea/workflows/publish.yaml

@@ -0,0 +1,33 @@
+name: Publish Docker image
+on:
+  push:
+    branches:
+      - 'main'
+      - 'develop'
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - 'main'
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Log in to Docker registry
+        uses: docker/login-action@v3.3.0
+        with:
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+      - uses: cachix/install-nix-action@v27
+        with:
+          nix_path: nixpkgs=channel:nixos-unstable
+      - name: Build Docker image
+        run: nix develop --command -- just docker-build
+      - name: Load Docker image
+        run: docker load < result
+      - name: Docker Metadata action
+        uses: docker/metadata-action@v5.5.1
+        with:
+          image: tal-backend:latest