From 13ddc438d9012ab391d02b4f88dd4083616073c7 Mon Sep 17 00:00:00 2001
From: Scott Hatlen <scotty.a.h@gmail.com>
Date: Mon, 9 Mar 2026 20:19:07 -0700
Subject: [PATCH 1/4] Add Gitea Actions CI/CD workflow

---
 .gitea/workflows/deploy.yaml | 42 ++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 .gitea/workflows/deploy.yaml

diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
new file mode 100644
index 0000000..9aac53e
--- /dev/null
+++ b/.gitea/workflows/deploy.yaml
@@ -0,0 +1,42 @@
+name: Build and Deploy
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    container:
+      image: harbor.scottyah.com/quay-cache/buildah/stable
+    steps:
+      - name: Checkout
+        run: |
+          git clone --depth 1 --branch "${{ github.ref_name }}" "${{ github.server_url }}/${{ github.repository }}.git" .
+          git checkout "${{ github.sha }}"
+
+      - name: Build image
+        run: |
+          IMAGE=harbor.scottyah.com/secure/awards
+          buildah --isolation chroot bud -t $IMAGE:${{ github.sha }} -t $IMAGE:latest .
+
+      - name: Push image
+        run: |
+          IMAGE=harbor.scottyah.com/secure/awards
+          buildah login --tls-verify=false -u "$HARBOR_USERNAME" -p "$HARBOR_PASSWORD" harbor.scottyah.com
+          buildah push --tls-verify=false $IMAGE:${{ github.sha }}
+          buildah push --tls-verify=false $IMAGE:latest
+        env:
+          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
+          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}
+
+      - name: Deploy
+        run: |
+          curl -sLO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+          chmod +x kubectl
+          mkdir -p ~/.kube
+          echo "${{ secrets.KUBECONFIG_DATA }}" | base64 -d > ~/.kube/config
+          sed -i "s|harbor.scottyah.com/secure/awards:latest|harbor.scottyah.com/secure/awards:${{ github.sha }}|" k8s.yaml
+          ./kubectl apply -f k8s.yaml
+          ./kubectl rollout status deployment/awards-dep -n awards --timeout=120s

From e9a867f8fc385183303995542bd613caf262d74b Mon Sep 17 00:00:00 2001
From: Scott Hatlen <scotty.a.h@gmail.com>
Date: Mon, 9 Mar 2026 20:30:18 -0700
Subject: [PATCH 2/4] Add CI/CD workflow and use Harbor cache for base images

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index de2e7a4..cf8fb41 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # Multi-stage build for React Awards Map
-FROM node:20-alpine AS frontend-builder
+FROM harbor.scottyah.com/dockerhub-cache/library/node:20-alpine AS frontend-builder
 
 WORKDIR /app/frontend
 
@@ -16,7 +16,7 @@ COPY frontend/ ./
 RUN npm run build
 
 # Production stage
-FROM node:20-alpine
+FROM harbor.scottyah.com/dockerhub-cache/library/node:20-alpine
 
 WORKDIR /app
 

From 2fad299f3d8237807f2fa492eb7c9be4a2ea19a4 Mon Sep 17 00:00:00 2001
From: Scott Hatlen <scotty.a.h@gmail.com>
Date: Mon, 9 Mar 2026 20:39:37 -0700
Subject: [PATCH 3/4] Fix checkout to use external Gitea URL, auth token for
 private repos

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 9aac53e..5fadc2d 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -13,7 +13,7 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          git clone --depth 1 --branch "${{ github.ref_name }}" "${{ github.server_url }}/${{ github.repository }}.git" .
+          git clone --depth 1 --branch "${{ github.ref_name }}" "https://git.scottyah.com/${{ github.repository }}.git" .
           git checkout "${{ github.sha }}"
 
       - name: Build image

From 0ae66139f5e7afa09964b77a2b16f5339c2b535b Mon Sep 17 00:00:00 2001
From: Scott Hatlen <scotty.a.h@gmail.com>
Date: Mon, 9 Mar 2026 20:43:26 -0700
Subject: [PATCH 4/4] Use auth token for git clone in CI

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 5fadc2d..6ff1fe5 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -13,7 +13,7 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          git clone --depth 1 --branch "${{ github.ref_name }}" "https://git.scottyah.com/${{ github.repository }}.git" .
+          git clone --depth 1 --branch "${{ github.ref_name }}" "https://x-access-token:${{ github.token }}@git.scottyah.com/${{ github.repository }}.git" .
           git checkout "${{ github.sha }}"
 
       - name: Build image