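# FleetDM Stack - Gitea Actions
# CI: lint on pushes to main/master and on pull requests targeting them
# Semantic Release: auto-bump version on push to main/master
#   - merge from feature/* branch → major bump
#   - any other commit (fix, chore, etc.) → patch bump
# Release: package Helm chart and publish to Gitea Releases
#
# Credential handling in this workflow:
#   - Context values (token, actor, repository, sha, step outputs) are passed
#     to scripts through `env:` and read as quoted shell variables, so they
#     are never spliced into the script text by the template engine.
#   - Git authenticates with a per-command, host-scoped HTTP header. The token
#     is therefore not written to .git/config or stored in the remote URL,
#     where later steps operating on the checkout could read it.
name: Helm Chart CI & Release

on:
  push:
    branches:
      - main
      - master
  pull_request:
    branches:
      - main
      - master

jobs:
  lint:
    name: Lint Helm Chart
    runs-on: ubuntu-latest
    steps:
      # A depth-1 clone only contains the default branch tip, so checking out
      # any other commit (pull request head, push to the non-default branch)
      # fails. Fetch exactly the commit that triggered the run instead.
      - name: Checkout
        env:
          GIT_ACTOR: ${{ gitea.actor }}
          GIT_TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          SHA: ${{ gitea.sha }}
        run: |
          AUTH="Authorization: Basic $(printf '%s:%s' "$GIT_ACTOR" "$GIT_TOKEN" | base64 | tr -d '\n')"
          git init -q .
          git remote add origin "https://git.produktor.io/${REPO}.git"
          git -c "http.https://git.produktor.io/.extraHeader=${AUTH}" fetch --depth=1 origin "$SHA"
          git checkout -q --detach FETCH_HEAD

      # NOTE(review): the installer comes from the mutable `main` branch of the
      # Helm repository and installs whatever Helm release is current. Pin the
      # script to a reviewed revision and set DESIRED_VERSION once a Helm
      # version has been chosen for this project.
      # The script is saved before it is run so that a truncated download
      # fails in curl instead of executing a partial script.
      - name: Install Helm
        run: |
          INSTALLER="$(mktemp)"
          curl -fsSL -o "$INSTALLER" https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
          bash "$INSTALLER"
          rm -f "$INSTALLER"
          helm version

      - name: Lint chart
        run: |
          helm dependency update fleetdm-stack/
          helm lint fleetdm-stack/
          helm template fleetdm-stack fleetdm-stack/ --namespace fleetdm > /dev/null

  semantic-release:
    name: Semantic Release
    runs-on: ubuntu-latest
    needs: lint
    if: gitea.event_name == 'push'
    permissions:
      contents: write
    steps:
      # Check out the pushed commit so that the changed-file check, the
      # commit-message inspection and the tag all refer to the same revision
      # rather than to whatever the default branch points at when the job runs.
      - name: Checkout (full history for tags)
        env:
          GIT_ACTOR: ${{ gitea.actor }}
          GIT_TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          SHA: ${{ gitea.sha }}
        run: |
          AUTH="Authorization: Basic $(printf '%s:%s' "$GIT_ACTOR" "$GIT_TOKEN" | base64 | tr -d '\n')"
          git -c "http.https://git.produktor.io/.extraHeader=${AUTH}" clone "https://git.produktor.io/${REPO}.git" .
          git -c "http.https://git.produktor.io/.extraHeader=${AUTH}" fetch --tags
          git checkout -q --detach "$SHA"

      - name: Check if release-worthy changes
        id: changes
        run: |
          CHANGED=$(git diff --name-only HEAD~1 HEAD 2>/dev/null || git diff --name-only HEAD)
          echo "Changed files:"
          echo "$CHANGED"
          # Skip release if only docs, markdown, or non-chart files changed
          RELEASE_FILES=$(echo "$CHANGED" | grep -vE '^(docs/|README\.md|STATUS\.md|AGENTS\.md|TASKS\.md|\.gitignore|djinni-)' || true)
          if [ -z "$RELEASE_FILES" ]; then
            echo "Only docs/meta files changed — skipping release."
            echo "skip=true" >> "$GITHUB_OUTPUT"
          else
            echo "Chart/workflow files changed — proceeding with release."
            echo "skip=false" >> "$GITHUB_OUTPUT"
          fi

      - name: Determine version bump
        if: steps.changes.outputs.skip != 'true'
        id: version
        env:
          SHA: ${{ gitea.sha }}
        run: |
          # Only strict vMAJOR.MINOR.PATCH tags are considered. Tag names are
          # repository data; anything else (suffixes, leading zeros, missing
          # components) must not reach the shell arithmetic below.
          LATEST_TAG=$(git tag -l 'v*' --sort=-v:refname \
            | grep -E '^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$' \
            | head -1 || true)
          if [ -z "$LATEST_TAG" ]; then
            LATEST_TAG="v0.0.0"
          fi
          echo "Latest tag: $LATEST_TAG"

          # Strip 'v' prefix and split
          VER="${LATEST_TAG#v}"
          MAJOR=$(echo "$VER" | cut -d. -f1)
          MINOR=$(echo "$VER" | cut -d. -f2)
          PATCH=$(echo "$VER" | cut -d. -f3)

          # Check if this commit is a merge from a feature/* branch
          COMMIT_MSG=$(git log -1 --format='%s' "$SHA")
          echo "Commit message: $COMMIT_MSG"

          IS_FEATURE="false"
          if echo "$COMMIT_MSG" | grep -qiE "^Merge.*feature/"; then
            IS_FEATURE="true"
          fi

          # Also check parent branches for merge commits
          # (more than one parent hash means the commit is a merge)
          if git log -1 --format='%P' "$SHA" | grep -q ' '; then
            MERGE_BRANCH=$(git log -1 --format='%s' "$SHA" | grep -oE "feature/[^ '\"]*" || true)
            if [ -n "$MERGE_BRANCH" ]; then
              IS_FEATURE="true"
            fi
          fi

          if [ "$IS_FEATURE" = "true" ]; then
            MAJOR=$((MAJOR + 1))
            MINOR=0
            PATCH=0
            BUMP="major"
          else
            PATCH=$((PATCH + 1))
            BUMP="patch"
          fi

          NEW_VER="${MAJOR}.${MINOR}.${PATCH}"
          echo "Bump: $BUMP → v${NEW_VER}"
          echo "new_version=${NEW_VER}" >> "$GITHUB_OUTPUT"
          echo "new_tag=v${NEW_VER}" >> "$GITHUB_OUTPUT"
          echo "bump_type=${BUMP}" >> "$GITHUB_OUTPUT"

      # NOTE(review): same unpinned installer as in the lint job; pin the
      # script revision and DESIRED_VERSION together in both places.
      - name: Install Helm
        if: steps.changes.outputs.skip != 'true'
        run: |
          INSTALLER="$(mktemp)"
          curl -fsSL -o "$INSTALLER" https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
          bash "$INSTALLER"
          rm -f "$INSTALLER"

      # The bumped version only exists in this job's working tree; it is used
      # for packaging and is not committed back to the repository.
      - name: Update Chart.yaml version
        if: steps.changes.outputs.skip != 'true'
        env:
          NEW_VERSION: ${{ steps.version.outputs.new_version }}
        run: |
          sed -i "s/^version: .*/version: ${NEW_VERSION}/" fleetdm-stack/Chart.yaml
          echo "Chart.yaml version set to ${NEW_VERSION}"
          grep '^version:' fleetdm-stack/Chart.yaml

      - name: Package chart
        if: steps.changes.outputs.skip != 'true'
        run: |
          helm dependency update fleetdm-stack/
          helm package fleetdm-stack/
          mkdir -p .tmp
          mv fleetdm-stack-*.tgz .tmp/
          ls -la .tmp/

      - name: Create tag
        if: steps.changes.outputs.skip != 'true'
        env:
          GIT_ACTOR: ${{ gitea.actor }}
          GIT_TOKEN: ${{ gitea.token }}
          NEW_TAG: ${{ steps.version.outputs.new_tag }}
          BUMP_TYPE: ${{ steps.version.outputs.bump_type }}
        run: |
          git config user.name "Gitea Actions"
          git config user.email "actions@git.produktor.io"
          git tag -a "$NEW_TAG" -m "Release $NEW_TAG ($BUMP_TYPE)"
          # origin carries no credentials; authenticate this push only.
          AUTH="Authorization: Basic $(printf '%s:%s' "$GIT_ACTOR" "$GIT_TOKEN" | base64 | tr -d '\n')"
          git -c "http.https://git.produktor.io/.extraHeader=${AUTH}" push origin "$NEW_TAG"

      - name: Create Gitea Release
        if: steps.changes.outputs.skip != 'true'
        env:
          TAG: ${{ steps.version.outputs.new_tag }}
          BUMP: ${{ steps.version.outputs.bump_type }}
          REPO: ${{ gitea.repository }}
          TOKEN: ${{ gitea.token }}
        run: |
          API="https://git.produktor.io/api/v1/repos/${REPO}/releases"

          # Create release
          RELEASE=$(curl -sf -X POST "$API" \
            -H "Authorization: token $TOKEN" \
            -H "Content-Type: application/json" \
            -d "{\"tag_name\":\"$TAG\",\"name\":\"FleetDM Stack $TAG\",\"body\":\"**${BUMP}** release — \`${TAG}\`\n\nHelm chart for FleetDM Server with MySQL and Redis.\"}")

          RELEASE_ID=$(echo "$RELEASE" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
          # Stop before uploading if the response did not contain a release
          # id; otherwise the asset URL below would be malformed.
          if [ -z "$RELEASE_ID" ]; then
            echo "Could not read release id from API response" >&2
            exit 1
          fi
          echo "Created release ID: $RELEASE_ID"

          # Upload chart package
          for f in .tmp/*.tgz; do
            FNAME=$(basename "$f")
            curl -sf -X POST "$API/$RELEASE_ID/assets?name=$FNAME" \
              -H "Authorization: token $TOKEN" \
              -H "Content-Type: application/octet-stream" \
              --data-binary "@$f"
            echo "Uploaded: $FNAME"
          done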