-
Notifications
You must be signed in to change notification settings - Fork 0
141 lines (123 loc) · 4.52 KB
/
publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: Publish Docker image
on:
workflow_dispatch:
push:
branches:
- master
paths:
- apps/**
pull_request:
paths:
- apps/**
env:
REPOSITORY: ixsystems
jobs:
lint:
name: Run Linters
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Run Hadolint
uses: reviewdog/action-hadolint@48e0d147329dca2fa1663f4a9b6b715b57dcfe28 # v1.50.0
continue-on-error: true
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
reporter: github-pr-review
fail_level: error
filter_mode: diff_context
- name: Run ShellCheck
uses: reviewdog/action-shellcheck@6e0e63d1750d02d761b3df0f2c5ba9f9ac4a9ed7 # v1.29.0
continue-on-error: true
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
reporter: github-pr-review
fail_level: error
filter_mode: diff_context
build:
permissions:
packages: write
contents: read
name: Build
runs-on: ubuntu-24.04
strategy:
matrix:
containers:
- app: tftpd-hpa
- app: rsyncd
- app: postgres-upgrade
- app: nextcloud-fpm
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v45
with:
files: |
apps/${{ matrix.containers.app }}/**
# TODO: We should later look into getting the changed files before the matrix
# and generate a matrix based on the changed files.
- name: Detect changes
id: detect_changes
shell: bash
run: |
if [ -n "${{ steps.changed-files.outputs.all_changed_files }}" ]; then
echo "Changes detected, proceeding with build."
echo "skip=false" >> $GITHUB_OUTPUT
exit 0
fi
echo "No changes detected, skipping build."
echo "skip=true" >> $GITHUB_OUTPUT
# Login first so we can pull the manifest
# even if the repository is private
- name: Login to DockerHub
if: steps.detect_changes.outputs.skip == 'false'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Prepare
if: steps.detect_changes.outputs.skip == 'false'
id: prepare
shell: bash
run: |
# Grab the version from the VERSION file
if [ -f ./apps/${{ matrix.containers.app }}/get_version.sh ]; then
if [ ! -x ./apps/${{ matrix.containers.app }}/get_version.sh ]; then
echo "get_version.sh is not executable, please check the permissions."
exit 1
fi
VERSION=$(./apps/${{ matrix.containers.app }}/get_version.sh ./apps/${{ matrix.containers.app }})
else
VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION)
fi
echo "Version: $VERSION"
result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" || echo 1)
# Result contains 1 if the tag does not exist or a JSON object if it does.
# If the result is not 1, means the "production" tag exists.
# We should fail the build and ask for a version bump.
if [[ "$result" != 1 ]]; then
echo "Version $VERSION already exists, please bump the version in the VERSION file."
exit 1
fi
echo "Version $VERSION does not exist, proceeding with build."
# Initialize the output
OUTPUT_VERSION="$VERSION"
# If this is a pull request, append the PR number
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
OUTPUT_VERSION="unstable"
fi
echo "Final version: $OUTPUT_VERSION"
# Set the output
echo "APP_VERSION=$OUTPUT_VERSION" >> $GITHUB_OUTPUT
- name: Build and push Docker images
if: ${{ steps.detect_changes.outputs.skip == 'false' && steps.prepare.outputs.APP_VERSION != '' }}
uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4
with:
context: apps/${{ matrix.containers.app }}/
push: true
tags: |
${{ env.REPOSITORY }}/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }}