From 9de3fc8667e456f3d6eae83f719481a64ef51750 Mon Sep 17 00:00:00 2001
From: pysen <pysen@noreply.gitea.com>
Date: Fri, 27 Dec 2024 02:00:57 +0000
Subject: [PATCH] Gitea Actions support (#682)

This reworks the container to be usable with the Gitea act-runner and connect using TLS.

The directory structure is prepared so that a config.yml can be echoed into the container for authentication.

Co-authored-by: Pysen X <pysen@svartavillan.se>
Co-authored-by: Lunny Xiao <lunny@noreply.gitea.com>
Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/tea/pulls/682
Reviewed-by: Lunny Xiao <lunny@noreply.gitea.com>
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pysen <pysen@noreply.gitea.com>
Co-committed-by: pysen <pysen@noreply.gitea.com>
---
 Dockerfile                | 12 +++++++-----
 docs/example-workflows.md | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 5 deletions(-)
 create mode 100644 docs/example-workflows.md

diff --git a/Dockerfile b/Dockerfile
index b93a5f5..f84f180 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,12 @@
-FROM cgr.dev/chainguard/go:latest AS build
+FROM docker.io/chainguard/go:latest AS build
 COPY . /build/
 WORKDIR /build
-RUN	make build
+RUN make build && mkdir -p /app/.config/tea
 
-FROM cgr.dev/chainguard/static:latest
-COPY --from=build /build/tea /tea
+FROM docker.io/chainguard/busybox:latest-glibc
+COPY --from=build /build/tea /bin/tea
+COPY --from=build --chown=65532:65532 /app /app
 VOLUME [ "/app" ]
 ENV HOME="/app"
-ENTRYPOINT ["/tea"]
+ENTRYPOINT ["/bin/sh", "-c"]
+CMD [ "tea" ]
diff --git a/docs/example-workflows.md b/docs/example-workflows.md
new file mode 100644
index 0000000..018b692
--- /dev/null
+++ b/docs/example-workflows.md
@@ -0,0 +1,35 @@
+# Gitea actions workflows
+
+## Merge Pull request on approval
+
+``` Yaml
+---
+name: Pull request
+on:
+  pull_request_review:
+    types: [submitted, dismissed]
+jobs:
+  approved:
+    name: Approved
+    if: gitea.event.review.type == 'pull_request_review_approved'
+    container:
+      image: docker.io/pysen/tea:latest
+    runs-on: ubuntu-latest
+    steps:
+    - name: Configure Tea
+      env:
+        # This is a tea config.yml with (service) account token
+        TEA_CREDENTIALS: ${{ secrets.TEA_CREDENTIALS }}
+      run: |
+        echo "$TEA_CREDENTIALS" > $HOME/.config/tea/config.yml
+    - name: Rebase then fast-forward merge Git
+      run: |
+        tea pr merge --repo ${{ gitea.event.repository.full_name }} --style rebase ${{ gitea.event.pull_request.number }}
+  dismissed:
+    name: Dismissed
+    if: gitea.event.review.type == 'pull_request_review_rejected'
+    runs-on: ubuntu-latest
+    steps:
+    - run: |
+        tea pr reject --repo ${{ gitea.event.repository.full_name }} ${{ gitea.event.pull_request.number }} "Dismissed"
+```