Build #1826
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 0 * * *' | |
concurrency: | |
group: build | |
cancel-in-progress: false | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
permissions: | |
actions: write | |
packages: write | |
contents: read | |
steps: | |
- | |
name: Run graphql query to get tag | |
uses: octokit/graphql-action@v2.x | |
id: latest_tag | |
with: | |
variables: | | |
repo: ${{ github.event.repository.name }} | |
owner: hoytech | |
query: | | |
query tag($owner: String!, $repo: String!) { | |
repository(owner: $owner, name: $repo) { | |
refs(refPrefix: "refs/tags/", last: 1, orderBy: {field: TAG_COMMIT_DATE, direction: ASC}) { | |
edges { | |
node { | |
name | |
} } } } } | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- | |
name: Parse tag from query output | |
run: | | |
#!/bin/bash | |
latest_tag=$(echo '${{ steps.latest_tag.outputs.data }}' | jq '.repository.refs.edges[][].name' -r) | |
[ -z "$latest_tag" ] && echo "Tag not found!" && exit 1 | |
[[ "$latest_tag" == "null" ]] && echo "Tag not found!" && exit 1 | |
[[ "$latest_tag" = v* ]] && latest_tag="${latest_tag:1}" | |
echo "Found tag: \"${latest_tag}\"" | |
echo "latest_tag=$latest_tag" >> $GITHUB_ENV | |
echo "remote=https://github.com/hoytech/${{ github.event.repository.name }}.git" >> $GITHUB_ENV | |
- | |
name: Check if the tag exists locally | |
uses: action-pack/tag-exists@v1 | |
id: checkTag | |
with: | |
tag: 'v${{ env.latest_tag }}' | |
- | |
name: Finish when found | |
run: | | |
#!/bin/bash | |
beta="false" | |
val="${{ steps.checkTag.outputs.exists }}" | |
[[ "${{ env.latest_tag }}" == *"rc"* ]] && beta="true" | |
[[ "${{ env.latest_tag }}" == *"beta"* ]] && beta="true" | |
[[ "${{ env.latest_tag }}" == *"alpha"* ]] && beta="true" && val="true" | |
echo "beta=${beta}" >> $GITHUB_ENV | |
echo "exists=${val}" >> $GITHUB_ENV | |
- | |
name: Checkout | |
if: env.exists == 'false' | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- | |
name: Check if behind | |
if: env.exists == 'false' | |
run: | | |
#!/bin/bash | |
git remote add upstream ${{ env.remote }} | |
git fetch upstream 2>/dev/null | |
ahead=$(git rev-list --count upstream/master..master) | |
behind=$(git rev-list --count master..upstream/master) | |
git remote remove upstream | |
[[ "$behind" == "0" ]] && exit 0 | |
echo "Behind upstream: $behind commits" | |
exit 33 | |
- | |
name: Lint Dockerfile | |
if: env.exists == 'false' | |
uses: hadolint/hadolint-action@v3.1.0 | |
with: | |
dockerfile: Dockerfile | |
ignore: DL3008,DL3018,DL3059 | |
failure-threshold: warning | |
- | |
name: Docker metadata | |
id: meta | |
if: env.exists == 'false' | |
uses: docker/metadata-action@v5 | |
with: | |
context: git | |
images: | | |
${{ secrets.DOCKERHUB_REPO }} | |
ghcr.io/${{ github.repository }} | |
tags: | | |
type=raw,value=latest,priority=100,enable=${{ env.beta == 'false' }} | |
type=raw,value=${{ env.latest_tag }} | |
labels: | | |
org.opencontainers.image.title=${{ vars.NAME }} | |
env: | |
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index | |
- | |
name: Set up Docker Buildx | |
if: env.exists == 'false' | |
uses: docker/setup-buildx-action@v3 | |
- | |
name: Login into Docker Hub | |
if: env.exists == 'false' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- | |
name: Login to GitHub Container Registry | |
if: env.exists == 'false' | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- | |
name: Clone remote branch | |
if: env.exists == 'false' | |
run: | | |
git config --global url.https://github.com/.insteadOf git://github.com/ | |
git clone --recurse-submodules -j8 ${{ env.remote }} --single-branch --branch ${{ env.latest_tag }} | |
cp Dockerfile ${{ github.event.repository.name }}/ | |
cp .dockerignore ${{ github.event.repository.name }}/ | |
cp strfry.sh ${{ github.event.repository.name }}/ | |
cp strfry.conf ${{ github.event.repository.name }}/ | |
cp write-policy.py ${{ github.event.repository.name }}/ | |
cp strfry-router.conf ${{ github.event.repository.name }}/ | |
- | |
name: Build Docker image | |
if: env.exists == 'false' | |
uses: docker/build-push-action@v6 | |
with: | |
context: ./${{ github.event.repository.name }} | |
push: true | |
provenance: false | |
platforms: linux/amd64,linux/arm64 | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
annotations: ${{ steps.meta.outputs.annotations }} | |
build-args: | | |
VERSION_ARG=${{ steps.meta.outputs.version }} | |
- | |
name: Create a release | |
if: env.exists == 'false' | |
uses: action-pack/github-release@v2 | |
with: | |
tag: "v${{ steps.meta.outputs.version }}" | |
title: "v${{ steps.meta.outputs.version }}" | |
token: ${{ secrets.REPO_ACCESS_TOKEN }} | |
- | |
name: Send mail | |
if: env.exists == 'false' | |
uses: action-pack/send-mail@v1 | |
with: | |
to: ${{secrets.MAILTO}} | |
from: Github Actions <${{secrets.MAILTO}}> | |
connection_url: ${{secrets.MAIL_CONNECTION}} | |
subject: Build of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} completed | |
body: | | |
The build job of ${{ github.event.repository.name }} v${{ steps.meta.outputs.version }} was completed successfully! | |
See https://github.com/${{ github.repository }}/actions for more information. |