CI/CD Overview with Gitea
Introduction
CI/CD (Continuous Integration/Continuous Deployment) is a modern software development practice that automates the build, test, and deployment of applications. Gitea provides Gitea Actions, a feature compatible with GitHub Actions, which makes it possible to implement powerful and flexible CI/CD pipelines.
System Architecture
Main Components
```
┌─────────────┐      ┌──────────────┐      ┌─────────────────┐
│    Gitea    │─────▶│ Gitea Runner │─────▶│   Kubernetes    │
│  (Server)   │      │  (Executor)  │      │    (Cluster)    │
└─────────────┘      └──────────────┘      └─────────────────┘
       │                     │                      │
       │                     │                      │
  Repository           Execute Jobs            Deploy Apps
  & Workflows          (Build/Test)            (Containers)
```
1. Gitea Server
Gitea is a lightweight, powerful self-hosted Git platform. In a CI/CD context, Gitea serves as:
- Repository hosting for source code
- Trigger for workflow automation
- Dashboard for pipeline monitoring
- Storage for artifacts and logs
2. Gitea Runner
Gitea Runner is the execution engine that runs workflow jobs. Characteristics:
- Compatible with GitHub Actions
- Can run as a standalone service or in a container
- Supports multiple executors (Docker, Kubernetes, Shell)
- Can be scaled horizontally
3. Kubernetes
Kubernetes serves as the container orchestration platform for:
- Deploying the built application
- Application auto-scaling
- Service discovery and load balancing
- Rolling updates and rollbacks
CI/CD Workflow
Project Directory Structure
```
project-root/
├── .gitea/
│   └── workflows/
│       ├── build.yml        # Build workflow
│       ├── test.yml         # Testing workflow
│       └── deploy.yml       # Deployment workflow
├── k8s/
│   ├── deployment.yaml      # Kubernetes deployment
│   ├── service.yaml         # Kubernetes service
│   ├── ingress.yaml         # Kubernetes ingress
│   └── configmap.yaml       # Configuration
├── src/                     # Source code
├── Dockerfile               # Container image definition
└── package.json             # Dependencies (for Node.js)
```
Pipeline Flow
```
1. Developer Push Code
        ↓
2. Gitea Detects Changes
        ↓
3. Trigger Workflow (.gitea/workflows/*.yml)
        ↓
4. Gitea Runner Execute Jobs
   ├── Checkout Code
   ├── Install Dependencies
   ├── Run Tests
   ├── Build Application
   └── Build Docker Image
        ↓
5. Push Image to Registry
        ↓
6. Deploy to Kubernetes
   ├── Apply Manifests (k8s/*.yaml)
   ├── Rolling Update
   └── Health Check
        ↓
7. Application Running
```
Gitea Actions vs GitHub Actions
Gitea Actions is designed to be compatible with GitHub Actions:
| Feature | Gitea Actions | GitHub Actions |
|---|---|---|
| Syntax | ✅ Compatible | ✅ Native |
| Marketplace | ⚠️ Limited | ✅ Extensive |
| Self-hosted | ✅ Yes | ⚠️ Paid feature |
| Docker support | ✅ Yes | ✅ Yes |
| Matrix builds | ✅ Yes | ✅ Yes |
Advantages of Gitea Actions
- Self-hosted & Privacy: Full control over data and infrastructure
- Cost-effective: No per-minute runner charges
- Customizable: Flexible runner configuration
- Lightweight: Minimal resource requirements
- Compatible: Can use actions from GitHub
Event Triggers
Workflows can be triggered by various events:
Push Events
```yaml
on:
  push:
    branches:
      - main
      - develop
```
Pull Request Events
```yaml
on:
  pull_request:
    types: [opened, synchronize, reopened]
```
Tag/Release Events
```yaml
on:
  push:
    tags:
      - 'v*'
```
Manual Trigger
```yaml
on:
  workflow_dispatch:
```
Scheduled Events
```yaml
on:
  schedule:
    - cron: '0 0 * * *' # Daily at midnight
```
Best Practices
1. Separation of Concerns
Separate workflows by function:
- build.yml - Build and compile
- test.yml - Testing
- deploy.yml - Deployment
- release.yml - Release management
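2. Environment Variables
Use secrets for sensitive data:
```yaml
env:
  REGISTRY: docker.io
  IMAGE_NAME: ${{ gitea.repository }}

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Login to Registry
        env:
          PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
          # REGISTRY_USERNAME is an assumed secret name, not defined on this page
          REGISTRY_USER: ${{ secrets.REGISTRY_USERNAME }}
        # Pass the password on stdin so it never appears in process arguments
        run: echo "$PASSWORD" | docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin
```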
3. Caching Dependencies
Implement caching to speed up builds:
```yaml
- name: Cache dependencies
  uses: actions/cache@v3
  with:
    path: ~/.npm
    key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
```
4. Matrix Strategy
Test in multiple environments:
```yaml
strategy:
  matrix:
    node-version: [18, 20, 22]
    os: [ubuntu-latest, windows-latest]
```
5. Conditional Execution
Run jobs based on conditions:
```yaml
if: github.ref == 'refs/heads/main'
```
Security Considerations
1. Secrets Management
- Use Gitea Secrets for credentials
- Do not hardcode passwords or API keys
- Rotate secrets regularly
2. Image Security
- Scan images for vulnerabilities
- Use official base images
- Implement image signing
3. RBAC (Role-Based Access Control)
- Implement proper permissions in Gitea
- Limit runner access to resources
- Audit logs regularly
4. Network Security
- Isolate runner networks
- Use private registries
- Implement network policies in Kubernetes
Monitoring and Debugging
Workflow Logs
Gitea provides detailed logs for every workflow run:
- Real-time log streaming
- Job artifacts download
- Step-by-step execution details
Debugging Tips
- Enable debug logging:
```yaml
- name: Debug
  run: echo "::debug::This is a debug message"
```
- Use conditional steps for troubleshooting:
```yaml
- name: Debug on failure
  if: failure()
  run: |
    echo "Job failed, debugging..."
    env
    ls -la
```
- Test locally with act (Gitea Act runner):
```bash
act push --container-architecture linux/amd64
```
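An added example, not part of the original page or of Gitea itself: a small Python check that ties the Secrets Management advice to the debug step above. It flags workflow keys that look like credentials but hold a literal instead of a `${{ secrets.* }}` reference, and script lines that print the whole environment into the job log. The sample workflow, rule names, and key patterns are constructed for illustration.

```python
import re

# Keys whose values belong in the secret store, never in the workflow file.
SENSITIVE_KEY = re.compile(r"password|passwd|token|secret|api[_-]?key", re.I)
# Any reference to the secrets context, e.g. ${{ secrets.REGISTRY_PASSWORD }}.
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.\w+\s*\}\}")
# A "KEY: value" mapping line, optionally the first key of a list item.
KEY_VALUE = re.compile(r"^(?:-\s+)?([A-Za-z_][\w-]*)\s*:\s*(.*)$")
# A script line that prints every environment variable into the job log.
ENV_DUMP = re.compile(r"^(?:run:\s*)?(?:env|printenv)$")

# Constructed sample workflow (not from the original page).
SAMPLE = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Login to Registry
        env:
          PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
          API_KEY: "constructed-example-key"
        run: echo "$PASSWORD" | docker login docker.io -u ci --password-stdin
      - name: Debug on failure
        if: failure()
        run: |
          echo "Job failed, debugging..."
          env
"""


def audit_workflow(text):
    """Return (line_number, rule, detail) findings for one workflow file."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split(" #", 1)[0].strip()  # drop a trailing YAML comment
        pair = KEY_VALUE.match(line)
        if pair:
            key, value = pair.group(1), pair.group(2).strip("'\" ")
            literal = value not in ("", "|", ">") and not SECRET_REF.search(value)
            if SENSITIVE_KEY.search(key) and literal:
                findings.append((number, "hardcoded-credential", key))
        if ENV_DUMP.match(re.sub(r"^-\s+", "", line)):
            findings.append((number, "env-dump", line))
    return findings


if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE):
        print(finding)
```

The check is line-based and heuristic, so it suits a pre-merge gate over `.gitea/workflows/*.yml` rather than a replacement for review.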
Conclusion
Implementing CI/CD with Gitea, Gitea Runner, and Kubernetes provides:
- ✅ Automation - Automates the process from development through deployment
- ✅ Reliability - Consistent and reproducible builds
- ✅ Speed - Faster time to market
- ✅ Quality - Automated testing and validation
- ✅ Scalability - Horizontal scaling with Kubernetes
This documentation continues with a detailed implementation guide in the next section.