From 45d4e5f24c6c69230f300cf9a3dddf6a6ac65bed Mon Sep 17 00:00:00 2001
From: Simon Vieille <simon@deblan.fr>
Date: Wed, 21 Feb 2024 11:16:56 +0100
Subject: [PATCH] refactorint ci steps

use gitnet.fr/deblan/woodpecker-cache to generate cache
---
 .woodpecker.yml           | 103 --------------------------------------
 .woodpecker/.build.yml    |  28 +++++++++++
 .woodpecker/.publish.yml  |  55 ++++++++++++++++++++
 .woodpecker/.security.yml |  17 +++++++
 4 files changed, 100 insertions(+), 103 deletions(-)
 delete mode 100644 .woodpecker.yml
 create mode 100644 .woodpecker/.build.yml
 create mode 100644 .woodpecker/.publish.yml
 create mode 100644 .woodpecker/.security.yml

diff --git a/.woodpecker.yml b/.woodpecker.yml
deleted file mode 100644
index 61563c0..0000000
--- a/.woodpecker.yml
+++ /dev/null
@@ -1,103 +0,0 @@
-steps:
-  "Verify tag and app version":
-    image: alpine
-    commands:
-      - TAG=${CI_COMMIT_TAG/v//}
-      - grep "<version>$TAG</version>" appinfo/info.xml
-    when:
-      event: [tag]
-
-  "Install dependencies":
-    image: node:16
-    pull: true
-    commands:
-      - npm i
-    when:
-      event: [tag, push, pull_request, manual]
-      branch: [master, develop, feature/*, fix/*, bugfix/*, translations]
-
-  "Check dependencies":
-    image: gitnet.fr/deblan/osv-detector:v0.10
-    commands:
-      - osv-detector package-lock.json
-    failure: ignore
-
-  "Build JS":
-    image: node:16
-    commands:
-      - npm run build
-    when:
-      event: [tag, push, pull_request, manual]
-      branch: [master, develop, feature/*, fix/*, bugfix/*, translations]
-
-  "Build translations":
-    image: deblan/php:8.0
-    commands:
-      - php bin/generate_l10n.php
-    when:
-      event: [tag, push, pull_request, manual]
-      branch: [master, develop, feature/*, fix/*, bugfix/*, translations]
-
-  "Create signature":
-    image: nextcloud:25
-    secrets: [app_certificate, app_public_certificate]
-    environment:
-      SQLITE_DATABASE: /var/www/data/data.db
-      NEXTCLOUD_ADMIN_USER: admin
-      NEXTCLOUD_ADMIN_PASSWORD: admin
-    commands:
-      - echo "$APP_CERTIFICATE" > "/tmp/side_menu.key"
-      - echo "$APP_PUBLIC_CERTIFICATE" > "/tmp/side_menu.crt"
-      - mkdir /tmp/app
-      - cp -r README.md CHANGELOG.md appinfo css lib img l10n js src templates screenshots vendor /tmp/app
-      - /usr/src/nextcloud/occ integrity:sign-app
-        --privateKey=/tmp/side_menu.key
-        --certificate=/tmp/side_menu.crt
-        --path=/tmp/app
-      - mv /tmp/app/appinfo/signature.json appinfo/
-    when:
-      event: [tag]
-
-  # check-code-quality:
-  #   image: sonarsource/sonar-scanner-cli
-  #   secrets: [sonar_token, sonar_host, sonar_project]
-  #   commands:
-  #     - sonar-scanner
-  #       -Dsonar.projectKey=$SONAR_PROJECT
-  #       -Dsonar.sources=.
-  #       -Dsonar.host.url=$SONAR_HOST
-  #       -Dsonar.pullrequest.key=$CI_COMMIT_PULL_REQUEST
-  #       -Dsonar.pullrequest.branch=$CI_COMMIT_SOURCE_BRANCH
-  #       -Dsonar.pullrequest.base=$CI_COMMIT_TARGET_BRANCH
-  #   failure: ignore
-  #   when:
-  #     event: [pull_request]
-
-  "Create package":
-    image: deblan/php:8.0
-    volumes:
-      - /var/www/html/artifacts:/var/www/html/artifacts
-    secrets: [app_certificate]
-    commands:
-      - apt-get update
-      - apt-get install -y zip make
-      - mkdir -p "$HOME/.nextcloud/certificates"
-      - echo "$APP_CERTIFICATE" > "$HOME/.nextcloud/certificates/side_menu.key"
-      - export VERSION=$(grep "<version>" appinfo/info.xml | grep -o "[0-9]*\.[0-9]*\.[0-9]*" --color=never)
-      - export RELEASE_DIRECTORY="/var/www/html/artifacts/deblan/side_menu"
-      - make release
-    when:
-      event: [tag]
-
-  "Push release":
-    image: plugins/gitea-release
-    volumes:
-      - /var/www/html/artifacts:/var/www/html/artifacts
-    settings:
-      api_key:
-        from_secret: gitnet_api_key
-      base_url: https://gitnet.fr
-      note: ${CI_COMMIT_MESSAGE}
-      files: /var/www/html/artifacts/deblan/side_menu/${CI_COMMIT_TAG/v//}/*
-    when:
-      event: [tag]
diff --git a/.woodpecker/.build.yml b/.woodpecker/.build.yml
new file mode 100644
index 0000000..93b0530
--- /dev/null
+++ b/.woodpecker/.build.yml
@@ -0,0 +1,28 @@
+variables:
+  volumes: &volumes
+    - /data/${CI_REPO}:/builds
+
+when:
+  event: [tag, push, pull_request, manual]
+  branch: [master, develop, feature/*, fix/*, bugfix/*, translations]
+
+steps:
+  "Install dependencies":
+    image: node:16
+    pull: true
+    commands:
+      - npm i
+
+  "Build JS":
+    image: node:16
+    commands:
+      - npm run build
+
+  "Build translations":
+    image: deblan/php:8.0
+    commands:
+      - php bin/generate_l10n.php
+
+  "Build cache":
+    image: gitnet.fr/deblan/woodpecker-cache
+    volumes: *volumes
diff --git a/.woodpecker/.publish.yml b/.woodpecker/.publish.yml
new file mode 100644
index 0000000..4d0f639
--- /dev/null
+++ b/.woodpecker/.publish.yml
@@ -0,0 +1,55 @@
+variables:
+  volumes: &volumes
+    - /data/${CI_REPO}:/builds
+    - /var/www/html/artifacts:/var/www/html/artifacts
+
+depends_on:
+  - build
+
+when:
+  event: [tag]
+
+steps:
+  "Create signature":
+    image: nextcloud:25
+    secrets: [app_certificate, app_public_certificate]
+    volumes: &volumes
+    environment:
+      SQLITE_DATABASE: /var/www/data/data.db
+      NEXTCLOUD_ADMIN_USER: admin
+      NEXTCLOUD_ADMIN_PASSWORD: admin
+    commands:
+      - cd "/builds/$CI_COMMIT_SHA"
+      - echo "$APP_CERTIFICATE" > "/tmp/side_menu.key"
+      - echo "$APP_PUBLIC_CERTIFICATE" > "/tmp/side_menu.crt"
+      - mkdir /tmp/app
+      - cp -r README.md CHANGELOG.md appinfo css lib img l10n js src templates screenshots vendor /tmp/app
+      - /usr/src/nextcloud/occ integrity:sign-app
+        --privateKey=/tmp/side_menu.key
+        --certificate=/tmp/side_menu.crt
+        --path=/tmp/app
+      - mv /tmp/app/appinfo/signature.json appinfo/
+
+  "Create package":
+    image: deblan/php:8.0
+    volumes: *volumes
+    secrets: [app_certificate]
+    commands:
+      - cd "/builds/$CI_COMMIT_SHA"
+      - apt-get update
+      - apt-get install -y zip make
+      - mkdir -p "$HOME/.nextcloud/certificates"
+      - echo "$APP_CERTIFICATE" > "$HOME/.nextcloud/certificates/side_menu.key"
+      - export VERSION=$(grep "<version>" appinfo/info.xml | grep -o "[0-9]*\.[0-9]*\.[0-9]*" --color=never)
+      - export RELEASE_DIRECTORY="/var/www/html/artifacts/deblan/side_menu"
+      - make release
+
+  "Push release":
+    image: plugins/gitea-release
+    volumes: *volumes
+    settings:
+      api_key:
+        from_secret: gitnet_api_key
+      base_url: https://gitnet.fr
+      note: ${CI_COMMIT_MESSAGE}
+      files: /var/www/html/artifacts/deblan/side_menu/${CI_COMMIT_TAG/v//}/*
diff --git a/.woodpecker/.security.yml b/.woodpecker/.security.yml
new file mode 100644
index 0000000..50612c6
--- /dev/null
+++ b/.woodpecker/.security.yml
@@ -0,0 +1,17 @@
+variables:
+  volumes: &volumes
+    - /data/${CI_REPO}:/builds
+
+depends_on:
+  - build
+
+skip_clone: true
+
+steps:
+  "Check dependencies":
+    image: gitnet.fr/deblan/osv-detector:v0.10
+    volumes: *volumes
+    commands:
+      - cd "/builds/$CI_COMMIT_SHA"
+      - osv-detector package-lock.json
+    failure: ignore