initial commit

.actrc

@@ -0,0 +1,24 @@
+# Default configuration for act (GitHub Actions local runner)
+
+# Use medium size image by default (has more tools)
+--platform ubuntu-latest=catthehacker/ubuntu:act-latest
+--platform ubuntu-22.04=catthehacker/ubuntu:act-22.04
+--platform ubuntu-20.04=catthehacker/ubuntu:act-20.04
+
+# Use docker to run containers
+--container-daemon-socket unix:///var/run/docker.sock
+
+# Pull docker images if not present
+--pull=true
+
+# Reuse containers to speed up runs
+--reuse=true
+
+# Default secret values for testing
+--secret GITHUB_TOKEN=fake-token-for-testing
+
+# Disable automatic checkout (we handle it manually)
+--no-recurse
+
+# Set default event
+--eventpath .github/workflows/event.json

.dockerignore

@@ -0,0 +1,43 @@
+# Git
+.git/
+.gitignore
+.gitattributes
+
+# GitHub
+.github/
+
+# IDE and editors
+.idea/
+.vscode/
+.claude/
+.DS_Store
+
+# Environment and credentials
+.env
+.env.sample
+docker/gitlab/scripts/credentials.env
+docker/gitlab/scripts/.initialized
+
+# SSH keys
+docker/gitlab/local-gitlab
+docker/gitlab/local-gitlab.pub
+
+# Generated certificates
+traefik-data/certs/localhost.crt
+traefik-data/certs/localhost.key
+
+# Documentation
+*.md
+LICENSE
+CODEOWNERS
+
+# Runtime and generated files
+docker/gitlab-runner/.runner_system_id
+docker/gitlab-runner/config.toml
+*.bak
+
+# Testing and examples
+.actrc
+examples/
+scripts/setup/
+scripts/testing/

.env.sample

@@ -0,0 +1,9 @@
+# GitLab CE Local Stack - Env vars
+# Copy this file to .env and adjust values as needed
+
+# GitLab root password (required)
+GITLAB_ROOT_PASSWORD=your-secure-password-here
+
+# Demo user credentials
+DEMO_USERNAME=johndoe
+DEMO_USER_PASSWORD=demo-password-here

.gitattributes

@@ -0,0 +1,21 @@
+# Auto-detect text files
+* text=auto
+
+# Ensure consistent line endings (LF)
+*.sh text eol=lf
+*.yml text eol=lf
+*.yaml text eol=lf
+*.md text eol=lf
+*.txt text eol=lf
+*.json text eol=lf
+*.toml text eol=lf
+
+# Binary files
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.pdf binary
+*.crt binary
+*.key binary

.github/workflows/ci.yml

@@ -0,0 +1,75 @@
+name: CI (Local Testing)
+
+# Simplified CI workflow optimized for local testing with act
+on:
+  push:
+    branches: [ main, master, develop, test ]
+  pull_request:
+    branches: [ main, master, develop ]
+  workflow_dispatch:
+
+jobs:
+  shell-check:
+    name: Shell Script Validation
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: false
+
+      - name: Install ShellCheck
+        run: |
+          sudo apt-get update && sudo apt-get install -y shellcheck
+
+      - name: Run ShellCheck
+        run: |
+          echo "Checking shell scripts..."
+          find . -name "*.sh" -type f -not -path "./test-ssh-clone/*" | while read -r script; do
+            echo "Checking: $script"
+            shellcheck -S warning -e SC1090,SC1091,SC2155 "$script" || exit 1
+          done
+          echo "All shell scripts passed validation"
+
+  docker-check:
+    name: Docker Validation
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: false
+
+      - name: Validate docker-compose.yml
+        run: |
+          sudo apt-get update && sudo apt-get install -y python3-yaml
+          python3 -c "import yaml; yaml.safe_load(open('docker-compose.yml'))"
+          echo "docker-compose.yml is valid YAML"
+
+      - name: Check for hardcoded secrets
+        run: |
+          echo "Checking for potential secrets..."
+          if grep -E "(password|token|secret|key)[:=]\s*['\"]?[A-Za-z0-9]{8,}" docker-compose.yml | grep -v "GITLAB_ROOT_PASSWORD"; then
+            echo "Warning: Found potential hardcoded secrets (review above)"
+          else
+            echo "No obvious hardcoded secrets found"
+          fi
+
+  yaml-check:
+    name: YAML Validation
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: false
+
+      - name: Install yamllint
+        run: |
+          sudo apt-get update && sudo apt-get install -y yamllint
+
+      - name: Run yamllint
+        run: |
+          echo "Checking YAML files..."
+          find . -name "*.yml" -o -name "*.yaml" | grep -v test-ssh-clone | while read -r file; do
+            echo "Checking: $file"
+            yamllint -d relaxed "$file" || true
+          done
+          echo "YAML validation complete"

.github/workflows/event.json

@@ -0,0 +1,9 @@
+{
+  "push": {
+    "ref": "refs/heads/test",
+    "repository": {
+      "name": "local-gitlab-ce-stack",
+      "full_name": "bulletinmybeard/local-gitlab-ce-stack"
+    }
+  }
+}

.github/workflows/release.yml

@@ -0,0 +1,205 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+    inputs:
+      tag_name:
+        description: 'Git tag for release (e.g., v1.0.0, v1.1.0)'
+        required: true
+        type: string
+      create_github_release:
+        description: 'Create GitHub Release'
+        required: true
+        type: boolean
+        default: true
+
+jobs:
+  create-github-release:
+    name: Create GitHub Release
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && inputs.create_github_release == true)
+    permissions:
+      contents: write
+
+    steps:
+      - name: Set tag name
+        id: tag
+        run: |
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            echo "name=${{ inputs.tag_name }}" >> $GITHUB_OUTPUT
+          else
+            echo "name=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Extract version from tag
+        id: version
+        run: |
+          VERSION="${{ steps.tag.outputs.name }}"
+          VERSION="${VERSION#v}"
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Extract Docker image versions
+        id: docker
+        run: |
+          GITLAB_VERSION=$(grep -oP 'gitlab/gitlab-ce:\K[^"]+' docker-compose.yml || echo "unknown")
+          RUNNER_VERSION=$(grep -oP 'gitlab/gitlab-runner:\K[^"]+' docker-compose.yml || echo "unknown")
+          TRAEFIK_VERSION=$(grep -oP 'traefik:\K[^"]+' docker-compose.yml || echo "unknown")
+          echo "gitlab=$GITLAB_VERSION" >> $GITHUB_OUTPUT
+          echo "runner=$RUNNER_VERSION" >> $GITHUB_OUTPUT
+          echo "traefik=$TRAEFIK_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Generate comprehensive release notes
+        id: changelog
+        run: |
+          VERSION="${{ steps.version.outputs.version }}"
+          TAG="${{ steps.tag.outputs.name }}"
+          REPO="${{ github.repository }}"
+          BACKTICKS='```'
+
+          # Extract changelog section for this version
+          CHANGELOG_SECTION=$(awk "/^## \[${VERSION}\]/{found=1; next} /^## \[/{found=0} found" CHANGELOG.md || echo "")
+
+          echo "DEBUG: Extracted changelog section length: ${#CHANGELOG_SECTION}"
+
+          # Check if we have changelog content
+          if [ -n "$CHANGELOG_SECTION" ] && [ "${#CHANGELOG_SECTION}" -gt 10 ]; then
+            HAS_BREAKING_CHANGES=$(echo "$CHANGELOG_SECTION" | grep -qi "breaking change" && echo "true" || echo "false")
+
+            cat > release_notes.md <<EOF
+          ## Installation
+
+          ${BACKTICKS}bash
+          git clone https://github.com/${REPO}.git
+          cd local-gitlab-ce-stack
+          cp .env.sample .env
+          # Edit .env with your settings
+          ./scripts/gitlab/start-gitlab.sh
+          ${BACKTICKS}
+
+          ## Docker Images
+
+          | Service | Image |
+          |---------|-------|
+          | **GitLab CE** | \`gitlab/gitlab-ce:${{ steps.docker.outputs.gitlab }}\` |
+          | **GitLab Runner** | \`gitlab/gitlab-runner:${{ steps.docker.outputs.runner }}\` |
+          | **Traefik** | \`traefik:${{ steps.docker.outputs.traefik }}\` |
+
+          ## What's Changed
+
+          ${CHANGELOG_SECTION}
+
+          EOF
+
+            if [ "$HAS_BREAKING_CHANGES" = "true" ]; then
+              cat >> release_notes.md <<EOF
+
+          ## Upgrade Notes
+
+          This release contains breaking changes. Please review the changelog above before upgrading.
+
+          EOF
+            fi
+
+          else
+            # Fallback if no changelog section found - generate from commits
+            PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
+
+            cat > release_notes.md <<EOF
+          ## Installation
+
+          ${BACKTICKS}bash
+          git clone https://github.com/${REPO}.git
+          cd local-gitlab-ce-stack
+
+          cp .env.sample .env
+          # Edit .env with your passwords
+
+          # Generate SSH keys
+          ./scripts/gitlab/generate-ssh-keys.sh
+
+          # Start without Traefik
+          ./scripts/gitlab/start-gitlab.sh
+
+          # Start with additional Traefik container for HTTPS
+          ./scripts/gitlab/start-gitlab.sh --traefik
+          ${BACKTICKS}
+
+          ## Docker Images
+
+          | Service | Image |
+          |---------|-------|
+          | **GitLab CE** | \`gitlab/gitlab-ce:${{ steps.docker.outputs.gitlab }}\` |
+          | **GitLab Runner** | \`gitlab/gitlab-runner:${{ steps.docker.outputs.runner }}\` |
+          | **Traefik** | \`traefik:${{ steps.docker.outputs.traefik }}\` |
+
+          ## What's Changed
+
+          EOF
+
+            if [ -n "$PREV_TAG" ]; then
+              echo "### Commits since ${PREV_TAG}:" >> release_notes.md
+              git log --pretty=format:"- %s (%h)" "$PREV_TAG"..HEAD >> release_notes.md
+            else
+              echo "Release version ${VERSION}" >> release_notes.md
+            fi
+
+            cat >> release_notes.md <<EOF
+
+          See full changelog at: https://github.com/${REPO}/blob/master/CHANGELOG.md
+
+          EOF
+          fi
+
+          # Add footer
+          cat >> release_notes.md <<EOF
+
+          ---
+
+          **Full Changelog**: https://github.com/${REPO}/blob/master/CHANGELOG.md
+
+          **First time using this project?** Check out the [Quick Start Guide](https://github.com/${REPO}#quick-start)
+          EOF
+
+          # Remove leading whitespace from heredoc content
+          sed -i 's/^          //' release_notes.md
+
+          echo "DEBUG: Final release notes:"
+          cat release_notes.md
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ steps.tag.outputs.name }}
+          name: Release v${{ steps.version.outputs.version }}
+          body_path: release_notes.md
+          draft: false
+          prerelease: ${{ contains(steps.tag.outputs.name, 'alpha') || contains(steps.tag.outputs.name, 'beta') || contains(steps.tag.outputs.name, 'rc') }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Post Release Summary
+        run: |
+          echo "## Release Summary" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Version**: ${{ steps.version.outputs.version }}" >> $GITHUB_STEP_SUMMARY
+          echo "**Tag**: ${{ steps.tag.outputs.name }}" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Docker Images" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Service | Image |" >> $GITHUB_STEP_SUMMARY
+          echo "|---------|-------|" >> $GITHUB_STEP_SUMMARY
+          echo "| GitLab CE | \`gitlab/gitlab-ce:${{ steps.docker.outputs.gitlab }}\` |" >> $GITHUB_STEP_SUMMARY
+          echo "| GitLab Runner | \`gitlab/gitlab-runner:${{ steps.docker.outputs.runner }}\` |" >> $GITHUB_STEP_SUMMARY
+          echo "| Traefik | \`traefik:${{ steps.docker.outputs.traefik }}\` |" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Links" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "- **GitHub Release**: ${{ github.server_url }}/${{ github.repository }}/releases/tag/${{ steps.tag.outputs.name }}" >> $GITHUB_STEP_SUMMARY