Check for updates #607
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check for updates | |
on: | |
schedule: | |
- cron: '0 4 * * *' | |
workflow_dispatch: | |
jobs: | |
check-for-updates: | |
runs-on: ubuntu-latest | |
permissions: | |
# Give the default GITHUB_TOKEN write permission to commit and push the | |
# added or changed files to the repository. | |
contents: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Check if image needs updating | |
id: image-update | |
run: | | |
docker pull alpine:3.19 | |
docker images --format '{{.ID}}' alpine:3.19 > .github/docker-image-built-against | |
git ls-remote https://github.com/samhocevar/rinetd.git main > .github/docker-rinetd-built-against | |
img_needs_updating=`git status --porcelain` | |
set -x | |
echo "needs-updating=`[[ $img_needs_updating ]] && echo true || echo false`" >>$GITHUB_OUTPUT | |
- name: Check if there are any package updates | |
id: pkg-update | |
run: | | |
docker pull ghcr.io/digitallyrefined/docker-wireguard-tunnel | |
pkgs_to_update=`docker run --rm ghcr.io/digitallyrefined/docker-wireguard-tunnel sh -c ' \ | |
apk upgrade --simulate --no-cache | { grep Upgrading || true; }'` | |
set -x | |
echo "needs-updating=`[[ $pkgs_to_update ]] && echo true || echo false`" >>$GITHUB_OUTPUT | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
if: steps.image-update.outputs.needs-updating == 'true' || steps.pkg-update.outputs.needs-updating == 'true' | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 | |
with: | |
driver-opts: 'image=moby/buildkit:v0.10.5' | |
if: steps.image-update.outputs.needs-updating == 'true' || steps.pkg-update.outputs.needs-updating == 'true' | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ secrets.GHCR_USERNAME }} | |
password: ${{ secrets.GHCR_TOKEN }} | |
if: steps.image-update.outputs.needs-updating == 'true' || steps.pkg-update.outputs.needs-updating == 'true' | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64,linux/arm/v7 | |
push: true | |
tags: | | |
ghcr.io/digitallyrefined/docker-wireguard-tunnel:latest | |
ghcr.io/digitallyrefined/docker-wireguard-tunnel:v3 | |
if: steps.image-update.outputs.needs-updating == 'true' || steps.pkg-update.outputs.needs-updating == 'true' | |
- name: Commit and push changes | |
uses: stefanzweifel/git-auto-commit-action@v5 | |
with: | |
commit_message: Update image built against version | |
if: steps.image-update.outputs.needs-updating == 'true' || steps.pkg-update.outputs.needs-updating == 'true' | |