Fix PR creation on forked repositories (#31863) (#32591) #4016
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release-nightly | |
on: | |
push: | |
branches: [main, release/v*] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
disk-clean: | |
uses: ./.github/workflows/disk-clean.yml | |
nightly-binary: | |
runs-on: nscloud | |
steps: | |
- uses: actions/checkout@v4 | |
# fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
- run: git fetch --unshallow --quiet --tags --force | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: npm | |
cache-dependency-path: package-lock.json | |
- run: make deps-frontend deps-backend | |
# xgo build | |
- run: make release | |
env: | |
TAGS: bindata sqlite sqlite_unlock_notify | |
- name: import gpg key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPGSIGN_KEY }} | |
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }} | |
- name: sign binaries | |
run: | | |
for f in dist/release/*; do | |
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f" | |
done | |
# clean branch name to get the folder name in S3 | |
- name: Get cleaned branch name | |
id: clean_name | |
run: | | |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
echo "Cleaned name is ${REF_NAME}" | |
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
- name: configure aws | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ secrets.AWS_REGION }} | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
- name: upload binaries to s3 | |
run: | | |
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress | |
nightly-docker-rootful: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
- run: git fetch --unshallow --quiet --tags --force | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Get cleaned branch name | |
id: clean_name | |
run: | | |
# if main then say nightly otherwise cleanup name | |
if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
echo "branch=nightly" >> "$GITHUB_OUTPUT" | |
exit 0 | |
fi | |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: fetch go modules | |
run: make vendor | |
- name: build rootful docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
tags: gitea/gitea:${{ steps.clean_name.outputs.branch }} | |
nightly-docker-rootless: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
- run: git fetch --unshallow --quiet --tags --force | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
check-latest: true | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Get cleaned branch name | |
id: clean_name | |
run: | | |
# if main then say nightly otherwise cleanup name | |
if [ "${{ github.ref }}" = "refs/heads/main" ]; then | |
echo "branch=nightly" >> "$GITHUB_OUTPUT" | |
exit 0 | |
fi | |
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: fetch go modules | |
run: make vendor | |
- name: build rootless docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64 | |
push: true | |
file: Dockerfile.rootless | |
tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless |