From 1e3f62d3c488d8b2aee907db451d27f9faf06ad3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zachary=20Gu=C3=A9not?= <zachary@zac.ovh>
Date: Fri, 30 May 2025 09:38:11 +0200
Subject: [PATCH] Add workflow & helm

---
 .gitea/workflows/build-and-push.yml | 76 +++++++++++++++++++++++++++++
 deploy/Chart.yaml                   | 12 +++++
 deploy/templates/deployment.yaml    | 34 +++++++++++++
 deploy/values.yaml                  | 18 +++++++
 4 files changed, 140 insertions(+)
 create mode 100644 .gitea/workflows/build-and-push.yml
 create mode 100644 deploy/Chart.yaml
 create mode 100644 deploy/templates/deployment.yaml
 create mode 100644 deploy/values.yaml

diff --git a/.gitea/workflows/build-and-push.yml b/.gitea/workflows/build-and-push.yml
new file mode 100644
index 0000000..0d1ccba
--- /dev/null
+++ b/.gitea/workflows/build-and-push.yml
@@ -0,0 +1,76 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - 'build_*'
+  pull_request:
+    branches:
+      - master
+
+env:
+  REGISTRY: rgy.angels-dev.fr
+  PATH: prod
+  IMAGE_NAME: bot_tamiseur
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Log in to Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ secrets.REGISTRY_USERNAME }}
+        password: ${{ secrets.REGISTRY_PASSWORD }}
+
+    - name: Extract metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ env.PATH }}/${{ env.IMAGE_NAME }}
+        tags: |
+          # Tag avec le nom de la branche
+          type=ref,event=branch
+          # Tag avec le nom du tag Git
+          type=ref,event=tag
+          # Tag avec le SHA du commit
+          type=sha,prefix={{branch}}-
+          # Tag latest pour la branche master
+          type=raw,value=latest,enable={{is_default_branch}}
+        labels: |
+          org.opencontainers.image.title=${{ env.IMAGE_NAME }}
+          org.opencontainers.image.description=Bot Discord
+          org.opencontainers.image.url=https://gitea.zac.ovh/zachary/bot_Tamiseur
+          org.opencontainers.image.source=https://gitea.zac.ovh/zachary/bot_Tamiseur
+          org.opencontainers.image.revision=${{ github.sha }}
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        platforms: linux/amd64,linux/arm64  # Multi-architecture si nécessaire
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - name: Generate artifact attestation
+      uses: actions/attest-build-provenance@v1
+      with:
+        subject-name: ${{ env.REGISTRY }}/${{ env.PATH }}/${{ env.IMAGE_NAME }}
+        subject-digest: ${{ steps.build.outputs.digest }}
+        push-to-registry: true
\ No newline at end of file
diff --git a/deploy/Chart.yaml b/deploy/Chart.yaml
new file mode 100644
index 0000000..df6856f
--- /dev/null
+++ b/deploy/Chart.yaml
@@ -0,0 +1,12 @@
+# Version schéma helm (v2 = helm3)
+apiVersion: v2
+
+# Nom de l'application déployée
+name: bot_tamiseur
+
+# Version du chart : doit changer si l'application change ou si la configuration du chart change
+#version: 1
+version: "1"
+
+# icon (optionnel) mais génère un warning avec "helm lint"
+icon: https://helm.sh/img/helm-logo.svg
\ No newline at end of file
diff --git a/deploy/templates/deployment.yaml b/deploy/templates/deployment.yaml
new file mode 100644
index 0000000..017bfc8
--- /dev/null
+++ b/deploy/templates/deployment.yaml
@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  replicas: 1
+  revisionHistoryLimit: 0
+  strategy:
+    type: {{ .Values.deployment.strategy }}
+  selector:
+    matchLabels:
+      pod: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        pod: {{ .Release.Name }}
+    spec:
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+        fsGroup: 1000
+      containers:
+        - name: {{ .Release.Name }}
+          image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
+          imagePullPolicy: {{ .Values.deployment.image.pullPolicy }}
+          env:
+          {{ range $envName, $envValue := .Values.deployment.env }}
+            - name: {{ $envName | quote}}
+              value: {{ $envValue | quote}}
+          {{ end }}
+          {{- if .Values.deployment.resources.enable }}
+          resources:
+            {{- toYaml .Values.deployment.resources | nindent 12 }}
+          {{- end }}
\ No newline at end of file
diff --git a/deploy/values.yaml b/deploy/values.yaml
new file mode 100644
index 0000000..89f1bcd
--- /dev/null
+++ b/deploy/values.yaml
@@ -0,0 +1,18 @@
+deployment:
+  replica: 1
+  strategy: RollingUpdate
+  image:
+    repository: "rgy.angels-dev.fr/prod/bot_tamiseur"
+    tag: "3.0.4"
+    pullPolicy: IfNotPresent
+  env:
+    NODE_ENV: "production"
+
+  ## Pas de limite CPU pour éviter latence
+  resources:
+    limits:
+      # cpu: ""
+      # Memory: "500Mi"
+    requests:
+      Cpu: "0.1"
+      Memory: "50Mi"
\ No newline at end of file