Merge pull request #11 from dev

ci: clone production workflow over ssh

.gitea/workflows/build-production-docker.yml

@@ -12,16 +12,11 @@ jobs:
     env:
       IMAGE_NAME: eryao-backend
       IMAGE_SIZE_LIMIT_BYTES: 500000000
-      RUNNER_REPO_CACHE: /home/zl/Code/eryao
     steps:
       - name: Check out repository
         run: |
           set -euo pipefail
-          git -C "${RUNNER_REPO_CACHE}" fetch --no-tags origin "${GITHUB_SHA}"
-          git init .
-          git remote add origin "${RUNNER_REPO_CACHE}/.git"
-          git fetch --no-tags --depth=1 origin "${GITHUB_SHA}"
-          git checkout --detach FETCH_HEAD
+          git clone --depth 1 --branch "${GITHUB_REF_NAME:-main}" "ssh://git@www.qzselfz.cloud:2222/${GITHUB_REPOSITORY}.git" .
 
       - name: Validate ECR configuration
         run: |
@@ -73,8 +68,6 @@ jobs:
           ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
         run: |
           set -euo pipefail
-          export HTTP_PROXY= HTTPS_PROXY= ALL_PROXY= http_proxy= https_proxy= all_proxy=
-
           caller_account_id="$(aws sts get-caller-identity --query Account --output text)"
           if [ "${caller_account_id}" != "${AWS_ACCOUNT_ID}" ]; then
             echo "AWS_ACCOUNT_ID does not match caller identity" >&2
@@ -93,41 +86,26 @@ jobs:
               --image-scanning-configuration scanOnPush=true \
               --encryption-configuration encryptionType=AES256 >/dev/null
 
-          retry() {
-            for attempt in 1 2 3; do
-              if "$@"; then
-                return 0
-              fi
-              if [ "${attempt}" -eq 3 ]; then
-                return 1
-              fi
-              sleep "$((attempt * 5))"
-            done
-          }
+          aws ecr get-login-password --region "${AWS_REGION}" \
+            | docker login --username AWS --password-stdin "${ecr_registry}"
 
-          ecr_login() {
-            aws ecr get-login-password --region "${AWS_REGION}" \
-              | docker login --username AWS --password-stdin "${ecr_registry}"
-          }
-
-          retry ecr_login
           docker tag "${IMAGE_NAME}:prod-${GITHUB_SHA}" "${ecr_image}:latest"
-          retry docker push "${ecr_image}:latest"
 
-          untagged_image_ids="$(aws ecr list-images \
+          image_ids="$(aws ecr list-images \
             --region "${AWS_REGION}" \
             --repository-name "${ECR_REPOSITORY}" \
-            --filter tagStatus=UNTAGGED \
             --query 'imageIds[*]' \
             --output json)"
-          if [ "${untagged_image_ids}" != "[]" ]; then
+          if [ "${image_ids}" != "[]" ]; then
             aws ecr batch-delete-image \
               --region "${AWS_REGION}" \
               --repository-name "${ECR_REPOSITORY}" \
-              --image-ids "${untagged_image_ids}" >/dev/null \
+              --image-ids "${image_ids}" >/dev/null \
               || echo "Warning: ECR image cleanup failed; ensure the CI AWS user has ecr:BatchDeleteImage" >&2
           fi
 
+          docker push "${ecr_image}:latest"
+
   deploy-production:
     needs: build-backend-image
     runs-on: wsl2-docker-host

README.md

@@ -0,0 +1,3 @@
+# eryao
+
+eryao test repo