ci-templates

gitea_admin/ci-templates

Fork 0

Commit Graph

Author	SHA1	Message	Date
Platform Engineer	6df68e0495	harden: pin container image digest, document ARM64 QEMU trade-offs - Pin catthehacker/ubuntu:act-22.04 to digest sha256:52581951... to prevent supply-chain drift from mutable tags - Add ARM64 builds section to README documenting QEMU emulation trade-offs and when to switch to native ARM64 runners (Rust builds) - Update Notes section to reference new ARM64 docs and digest pinning Ref: CON-578	2026-03-31 20:03:29 +03:00
Platform Engineer	290b9a9eb9	harden: P1/P2 improvements from CON-571 review P1 — deploy-k8s.yaml: - Add set -euo pipefail to all run blocks - Replace sed-based image tag patching with yq for YAML-safe updates - Add source commit SHA and CI run link to deploy commit messages - Install yq v4.44.1 as prerequisite step P1 — build-push.yaml: - Add runner input parameter for future ARM64 self-hosted runners (default: ubuntu-latest with QEMU emulation) P2 — test-python.yaml: - Add pyproject.toml support (pip install -e) before requirements.txt fallback P2 — build-push.yaml: - Pin catthehacker/ubuntu container image to act-22.04 (was act-latest) Ref: CON-578	2026-03-31 19:59:09 +03:00
Platform Engineer	a620868998	feat: add reusable CI/CD pipeline templates Reusable Gitea Actions workflows for lint, test, build, and deploy: - lint-python, lint-node, lint-rust - test-python, test-node, test-rust - build-push (Docker build + push to Gitea registry) - deploy-k8s (GitOps image tag update in cluster repo) Plus example caller workflows for python-fullstack, rust-service, and node-frontend stacks. Branch refs aligned to staging per CON-570 standards.	2026-03-31 19:55:17 +03:00

Author

SHA1

Message

Date

Platform Engineer

6df68e0495

harden: pin container image digest, document ARM64 QEMU trade-offs

- Pin catthehacker/ubuntu:act-22.04 to digest sha256:52581951... to
  prevent supply-chain drift from mutable tags
- Add ARM64 builds section to README documenting QEMU emulation
  trade-offs and when to switch to native ARM64 runners (Rust builds)
- Update Notes section to reference new ARM64 docs and digest pinning

Ref: CON-578

2026-03-31 20:03:29 +03:00

Platform Engineer

290b9a9eb9

harden: P1/P2 improvements from CON-571 review

P1 — deploy-k8s.yaml:
- Add set -euo pipefail to all run blocks
- Replace sed-based image tag patching with yq for YAML-safe updates
- Add source commit SHA and CI run link to deploy commit messages
- Install yq v4.44.1 as prerequisite step

P1 — build-push.yaml:
- Add runner input parameter for future ARM64 self-hosted runners
  (default: ubuntu-latest with QEMU emulation)

P2 — test-python.yaml:
- Add pyproject.toml support (pip install -e) before requirements.txt fallback

P2 — build-push.yaml:
- Pin catthehacker/ubuntu container image to act-22.04 (was act-latest)

Ref: CON-578

2026-03-31 19:59:09 +03:00

Platform Engineer

a620868998

feat: add reusable CI/CD pipeline templates

Reusable Gitea Actions workflows for lint, test, build, and deploy:
- lint-python, lint-node, lint-rust
- test-python, test-node, test-rust
- build-push (Docker build + push to Gitea registry)
- deploy-k8s (GitOps image tag update in cluster repo)

Plus example caller workflows for python-fullstack, rust-service,
and node-frontend stacks. Branch refs aligned to staging per CON-570 standards.

2026-03-31 19:55:17 +03:00

3 Commits