ldraney/pal-enterprises
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

Add Woodpecker CI pipeline with test gates #22

Merged
ldraney merged 1 commit from 19-woodpecker-ci-pipeline into main 2026-05-10 19:24:36 +00:00
Conversation 0 Commits 1 Files changed 2 +66 -1
ldraney commented 2026-05-10 19:15:29 +00:00
Owner
Copy link

Summary

Adds full CI/CD pipeline: clone → test (bundle-audit, brakeman, rubocop) → build-and-push → update-kustomize-tag. Supersedes #7 / PR #16.

Changes

  • New .woodpecker.yaml with four-step pipeline
  • Test step runs on all PRs and pushes
  • Build + deploy steps run on main pushes only
  • Path exclusion for ArgoCD source files

Test Plan

  • Activate repo in Woodpecker UI
  • Add harbor_username, harbor_password, forgejo_token secrets
  • PR push triggers test step only
  • Main push triggers full pipeline (test → build → deploy)
  • bundle-audit catches known CVEs
  • brakeman runs without errors
  • rubocop enforces style

Review Checklist

  • Follows platform pipeline conventions
  • Uses shared update-kustomize-tag script
  • Uses Arch base image for test step
  • No secrets hardcoded

Related Notes

Supersedes #7 / PR #16. Final ticket (T5) of the infra-overhaul story.

Closes #19

## Summary Adds full CI/CD pipeline: clone → test (bundle-audit, brakeman, rubocop) → build-and-push → update-kustomize-tag. Supersedes #7 / PR #16. ## Changes - New `.woodpecker.yaml` with four-step pipeline - Test step runs on all PRs and pushes - Build + deploy steps run on main pushes only - Path exclusion for ArgoCD source files ## Test Plan - [ ] Activate repo in Woodpecker UI - [ ] Add harbor_username, harbor_password, forgejo_token secrets - [ ] PR push triggers test step only - [ ] Main push triggers full pipeline (test → build → deploy) - [ ] bundle-audit catches known CVEs - [ ] brakeman runs without errors - [ ] rubocop enforces style ## Review Checklist - [x] Follows platform pipeline conventions - [x] Uses shared update-kustomize-tag script - [x] Uses Arch base image for test step - [x] No secrets hardcoded ## Related Notes Supersedes #7 / PR #16. Final ticket (T5) of the infra-overhaul story. Closes #19
Add Woodpecker CI pipeline with test gates
All checks were successful
ci/woodpecker/pull_request_closed/woodpecker Pipeline was successful
Details
8e3e181f4f 
Supersedes #7 / PR #16. Adds bundle-audit, brakeman, and rubocop
as quality gates before build/deploy.

Closes #19

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ldraney/pal-enterprises!22
No description provided.