bao/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add CI/CD pipeline with Gitea Actions
CI - Build & Test / Backend (.NET) (push) Failing after 14s
Details
CI - Build & Test / Frontend (Vue/TS) (push) Failing after 37s
Details
CI - Build & Test / Security Check (push) Failing after 1s
Details

Browse Source 
- ci.yaml: Backend build+test, Frontend type-check+build, Security scan
- deploy.yaml: Manual deploy with health check + smoke test
- Deploy supports per-service deploy and --no-cache option
This commit is contained in:
Bao
2026-06-09 16:43:43 +02:00
parent 82cf226b83
commit ca86c4c310
3 changed files with 150 additions and 1442 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yaml
+73
View File
@@ -0,0 +1,73 @@
name: CI - Build & Test
run-name: 🔍 CI ${{ gitea.ref_name }} by @${{ gitea.actor }}
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
# ─── Backend ───────────────────────────────────
backend:
name: Backend (.NET)
runs-on: linux
container:
image: mcr.microsoft.com/dotnet/sdk:10.0
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Restore
run: dotnet restore backend/Nexus.Api.csproj
- name: Build
run: dotnet build backend/Nexus.Api.csproj --no-restore --configuration Release
- name: Test
run: dotnet test backend-tests/Nexus.Api.Tests.csproj --no-build --configuration Release --verbosity normal
continue-on-error: true
# ─── Frontend ──────────────────────────────────
frontend:
name: Frontend (Vue/TS)
runs-on: linux
container:
image: node:24-alpine
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup pnpm
run: |
corepack enable
corepack prepare pnpm@latest --activate
- name: Install dependencies
run: pnpm install --frozen-lockfile
working-directory: frontend
- name: Type check
run: pnpm exec vue-tsc --noEmit
working-directory: frontend
- name: Build
run: pnpm build
working-directory: frontend
# ─── Security ──────────────────────────────────
security:
name: Security Check
runs-on: linux
if: github.ref == 'refs/heads/main'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Check for .env leaks
run: |
if grep -r "API_KEY\|SECRET\|PASSWORD\|TOKEN" --include="*.cs" --include="*.ts" --include="*.vue" backend/ frontend/src/ 2>/dev/null; then
echo "⚠️ Warning: Potential secrets in source code (review manually)"
else
echo "✅ No obvious secrets found"
fi