Добавил CI/CD и Docker

.gitea/workflows/Linter.yml

@@ -0,0 +1,30 @@
+name: Lint
+
+on:
+  # Trigger the workflow on push or pull request,
+  # but only for the main branch
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  run-linters:
+    name: Run linters
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out Git repository
+        uses: actions/checkout@v3
+
+      - name: Set up .NET
+        uses: actions/setup-dotnet@v1
+        with:
+          dotnet-version: "8.0.x"
+
+      - name: Run linters
+        uses: wearerequired/lint-action@v2
+        with:
+          dotnet_format: true

.gitea/workflows/gitea-push-docker.yml

@@ -0,0 +1,74 @@
+name: Create and publish a Docker image
+
+on:
+  push:
+    branches: ['main']
+
+env:
+  REGISTRY: git.zetcraft.ru
+  CONTEXT: HackathonPreparing/HackathonPreparing.ApiService
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    name: Publish image
+    container: catthehacker/ubuntu:act-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: https://github.com/docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ gitea.repository }}
+      - name: Build an image from Dockerfile
+        run: |
+          cd ${{ env.CONTEXT }} &&
+          docker build -t ${{ env.DOCKER_METADATA_OUTPUT_TAGS }} .
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@0.20.0
+        with:
+          image-ref: '${{ env.DOCKER_METADATA_OUTPUT_TAGS }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+      - name: Run dockle
+        uses: goodwithtech/dockle-action@main
+        with:
+          image: '${{ env.DOCKER_METADATA_OUTPUT_TAGS }}'
+          format: 'list'
+          exit-code: '1'
+          exit-level: 'warn'
+          ignore: 'CIS-DI-0001,CIS-DI-0010,DKL-DI-0006'
+      - name: Log in to the Container registry
+        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ gitea.actor }}
+          password: ${{ secrets.TOKEN }}
+      - name: Push
+        run: |
+          docker push '${{ env.DOCKER_METADATA_OUTPUT_TAGS }}'
+  deploy:
+    needs: build-and-push-image
+    runs-on: ubuntu-latest
+    name: Deploy image
+    container: catthehacker/ubuntu:act-latest
+    steps:
+      - name: install ssh keys
+        # check this thread to understand why its needed:
+        # <https://stackoverflow.com/a/70447517>
+        run: |
+          install -m 600 -D /dev/null ~/.ssh/id_rsa
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.SSH_HOST }} > ~/.ssh/known_hosts
+      - name: connect and pull
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ secrets.WORK_DIR }} && docker compose pull && docker compose up -d && docker image prune && exit"
+      - name: cleanup
+        run: rm -rf ~/.ssh