diff --git a/.gitea/workflows/check.yaml b/.gitea/workflows/check.yaml index fb645e4..41d7d26 100644 --- a/.gitea/workflows/check.yaml +++ b/.gitea/workflows/check.yaml @@ -12,8 +12,8 @@ jobs: name: check runs-on: ubuntu-latest if: | - contains(github.event.head_commit.message, 'bump:') == false && - contains(github.event.head_commit.message, 'Merge pull request') == false + contains(gitea.event.head_commit.message, 'bump:') == false && + contains(gitea.event.head_commit.message, 'Merge pull request') == false steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml index 121a3f6..ea8131e 100644 --- a/.gitea/workflows/release.yaml +++ b/.gitea/workflows/release.yaml @@ -47,12 +47,12 @@ jobs: - name: Build run: > nix build - .#trevstack-linux-amd64 - .#trevstack-linux-arm64 - .#trevstack-linux-arm - .#trevstack-windows-amd64 - .#trevstack-darwin-amd64 - .#trevstack-darwin-arm64 + #trevstack-linux-amd64 + #trevstack-linux-arm64 + #trevstack-linux-arm + #trevstack-windows-amd64 + #trevstack-darwin-amd64 + #trevstack-darwin-arm64 - name: Release uses: akkuman/gitea-release-action@v1 @@ -71,7 +71,7 @@ jobs: with: # list of Docker images to use as base name for tags images: | - ${{ vars.URL }}/${{ github.repository }} + ${{ gitea.server_url }}/${{ gitea.repository }} # generate Docker tags based on the following events/attributes tags: | type=ref,event=branch @@ -80,8 +80,8 @@ jobs: - name: Login to Gitea Container Registry uses: docker/login-action@v3 with: - registry: ${{ vars.URL }} - username: ${{ github.actor }} + registry: ${{ gitea.server_url }} + username: ${{ gitea.actor }} password: ${{ secrets.PAT }} - name: Set up QEMU diff --git a/.gitea/workflows/update.yaml b/.gitea/workflows/update.yaml index 63d3a14..9c11c53 100644 --- a/.gitea/workflows/update.yaml +++ b/.gitea/workflows/update.yaml @@ -37,9 +37,9 @@ jobs: - name: Create Pull Request env: - URL: ${{ vars.URL }} PAT: ${{ secrets.PAT }} run: | + URL="${{ gitea.server_url }}" REPO_OWNER_SLASH_NAME="${{ gitea.repository }}" if ! git ls-remote --exit-code origin update; then diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0a32ea9..50611f8 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -51,12 +51,12 @@ jobs: - name: Build run: > nix build - .#trevstack-linux-amd64 - .#trevstack-linux-arm64 - .#trevstack-linux-arm - .#trevstack-windows-amd64 - .#trevstack-darwin-amd64 - .#trevstack-darwin-arm64 + #trevstack-linux-amd64 + #trevstack-linux-arm64 + #trevstack-linux-arm + #trevstack-windows-amd64 + #trevstack-darwin-amd64 + #trevstack-darwin-arm64 - name: Release uses: softprops/action-gh-release@v2 @@ -76,19 +76,12 @@ jobs: with: # list of Docker images to use as base name for tags images: | - ${{ github.repository }} ghcr.io/${{ github.repository }} # generate Docker tags based on the following events/attributes tags: | type=ref,event=branch type=semver,pattern={{version}} - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: diff --git a/Dockerfile b/Dockerfile index d6fd42a..fc8a49c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,9 +21,13 @@ RUN cp -R $(nix-store -qR result/) /tmp/nix-store-closure # but they're fully self-contained so we don't need Nix anymore. FROM scratch +# Label for container registry +LABEL org.opencontainers.image.source=https://github.com/spotdemo4/trevstack + WORKDIR /app # Copy /nix/store COPY --from=builder /tmp/nix-store-closure /nix/store COPY --from=builder /tmp/build/result /app + CMD ["/app/bin/trevstack"] \ No newline at end of file diff --git a/README.md b/README.md index 8915fa7..14f99b7 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ This is a CRUD app to use as a template for starting projects - **Communicate anywhere**. Define a [protocol buffer](https://protobuf.dev/), and [Connect](https://connectrpc.com/) generates type-safe code to facilitate communication between the server and any client (web, mobile, embedded, etc). The protocol buffers can contain annotations to validate fields on the client and server. For clients that cannot use Connect, an OpenAPI spec is also generated - **Build anywhere**. The dev environment, testing and building is all declared in a single [Nix](https://nixos.org/) flake. Every developer and server can use the same environment - **Deploy anywhere**. CI/CD is already set up using github actions. New versions are automatically released for every major platform, along with a docker image. The binaries created require zero run-time dependencies and are relatively small (this app is 26 MiB) +- Can be entirely self-hosted - Authentication is rolled in, including API key, fingerprint & passkey - Automatic database migration on startup - Light & dark modes with the [catppuccin](https://catppuccin.com/palette/) color palette @@ -27,7 +28,7 @@ URL=http://localhost:5173 DATABASE_URL=sqlite:/home/trev/.config/trevstack/sqlite.db ``` -4. Run `treli` +4. Run `treli` to start the server & client It's that simple. If you're feeling fancy, install [direnv](https://direnv.net/) and the dev environment will load automatically. @@ -37,11 +38,52 @@ It's that simple. If you're feeling fancy, install [direnv](https://direnv.net/) - `nix run #bump [major | minor]`: bumps the current version up one. Defaults to "patch" (0.0.1 -> 0.0.2) -- `buf lint` & `buf generate`: Lints and generates code from protocol buffers +- `nix build [#trevstack-(GOOS)-(GOARCH)]`: builds the application. Defaults to building for your current platform, but can be built to many by specifying the GOOS and GOARCH values -- `sqlc vet` & `sqlc generate`: Verifies and generates code from SQL files +- `nix flake check`: runs all validations -- `dbmate new` & `dbmate up`: Creates a new migration file and runs pending migrations +- `buf lint` & `buf generate`: lints and generates code from protocol buffers + +- `sqlc vet` & `sqlc generate`: verifies and generates code from SQL files + +- `dbmate new` & `dbmate up`: creates a new migration file and runs pending migrations + +### Github Actions + +To use github actions for CI/CD, you'll need to create a fine-grained personal access token for the repository with the permissions: + +- Contents (read and write) +- Pull requests (read and write) + +and change some settings for the repository: + +- General -> Allow auto-merge: true +- Rules -> Rulesets -> New ruleset + - Branch targeting criteria: Default + - Branch rules + - Require status checks to pass -> Add checks -> "check" +- Actions -> General -> Workflow permissions + - Read and write permissions: true + - Allow GitHub Actions to create and approve pull requests: true +- Secrets and variables -> Actions -> Repository secrets + - PAT: (personal access token) + +### Gitea Actions + +To use gitea actions for CI/CD, you'll need to create an [API token](https://docs.gitea.com/development/api-usage) with the scopes: + +- write:repository +- write:package + +and change some settings for the repository: + +- Repository -> Delete pull request branch after merge by default: true +- Branches -> Add New Rule + - Protected Branch Name Pattern: main + - Enable Status Check: true + - Status check patterns: Check / check\* +- Actions -> Secrets + - PAT: (API token) ## Components