Merge pull request #210 from martinling/reorganise #276
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
pull_request: | |
workflow_dispatch: | |
name: CI-DOCKER | |
env: | |
GTK_VERSION: 4.14.4 | |
IMAGE_NAME: ${{ github.repository }}-gtk-4.14.4 | |
IMAGE_TAG: ${{ github.ref_name }} | |
jobs: | |
create-docker-image: | |
permissions: | |
contents: read | |
packages: write | |
attestations: write | |
id-token: write | |
name: Create Docker image | |
runs-on: ubuntu-latest | |
outputs: | |
NAME: ${{ env.IMAGE_NAME }} | |
TAG: ${{ env.IMAGE_TAG }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Escape image tag | |
run: | | |
echo "IMAGE_TAG=$(echo ${{ env.IMAGE_TAG }} | sed -e 's/\//-/g')" >> $GITHUB_ENV | |
echo "IMAGE_NAME: ${{ env.IMAGE_NAME }}" | |
echo "IMAGE_TAG: ${{ env.IMAGE_TAG }}" | |
- name: Use 'main' Docker image tag if this is a PR from a fork | |
id: origin | |
shell: bash | |
if: github.event.pull_request.head.repo.fork | |
run: | | |
echo 'IMAGE_TAG=main' >> $GITHUB_ENV | |
- name: Check if Dockerfile has changed | |
uses: dorny/paths-filter@v3 | |
id: changed | |
with: | |
base: ${{ github.ref_name }} | |
filters: | | |
dockerfile: | |
- "appimage/docker/**" | |
- name: Check if Docker image exists | |
id: exists | |
shell: bash | |
run: | | |
declare -a HEADERS=( | |
'-H' "Accept: application/vnd.oci.image.manifest.v1+json" | |
'-H' "Accept: application/vnd.oci.image.index.v1+json" | |
'-H' "Authorization: Bearer $(echo ${{ secrets.GITHUB_TOKEN }} | base64)" | |
) | |
RESULT=$(curl "${HEADERS[@]}" https://ghcr.io/v2/${IMAGE_NAME}/manifests/${IMAGE_TAG}) | |
echo 'dockerimage<<EOF' >> $GITHUB_OUTPUT | |
echo ${RESULT} | jq 'has("manifests")' >> $GITHUB_OUTPUT | |
echo 'EOF' >> $GITHUB_OUTPUT | |
- name: Check if we need to build the Docker image | |
id: dockerimage | |
if: | | |
! github.event.pull_request.head.repo.fork && | |
(steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false') | |
run: | | |
echo 'build=true' >> $GITHUB_OUTPUT | |
- name: Log in to the Container registry | |
if: steps.dockerimage.outputs.build | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
if: steps.dockerimage.outputs.build | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and push Docker image | |
if: steps.dockerimage.outputs.build | |
id: push | |
uses: docker/build-push-action@v6 | |
with: | |
context: appimage/docker/ | |
push: true | |
tags: ghcr.io/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} | |
cache-from: type=gha, scope=${{ env.IMAGE_TAG }} | |
cache-to: type=gha, scope=${{ env.IMAGE_TAG }}, mode=max | |
- name: Generate artifact attestation | |
if: steps.dockerimage.outputs.build | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-name: ghcr.io/${{ env.IMAGE_NAME }} | |
subject-digest: ${{ steps.push.outputs.digest }} | |
push-to-registry: true | |
build-linux-appimage: | |
permissions: | |
contents: read | |
packages: read | |
needs: create-docker-image | |
name: Build Linux AppImage | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/${{ needs.create-docker-image.outputs.NAME }}:${{ needs.create-docker-image.outputs.TAG }} | |
credentials: | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
steps: | |
- name: Check image name & tag | |
run: | | |
echo "NAME: ${{ needs.create-docker-image.outputs.NAME }}" | |
echo "TAG: ${{ needs.create-docker-image.outputs.TAG }}" | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Workaround issues when GitHub does not respect the HOME env var | |
run: | | |
# GitHub Actions only supports containers running as root | |
# see: https://github.com/actions/checkout/issues/1014 | |
mv /home/runner/.cargo $HOME | |
mv /home/runner/.nvm $HOME | |
mv /home/runner/.rustup $HOME | |
- name: Install toolchain | |
run: | | |
rustup toolchain install stable | |
rustup default stable | |
- uses: Swatinem/rust-cache@v2 | |
- name: Build packetry binary | |
run: | | |
cargo build --release | |
- name: Test under XVFB (Linux) | |
run: | | |
xvfb-run cargo test | |
if: runner.os == 'Linux' | |
- name: Install cargo-license (Linux) | |
uses: taiki-e/cache-cargo-install-action@v2 | |
with: | |
tool: cargo-license | |
- name: Gather licenses (Linux) | |
# If the default shell is used, one command failing does not fail the action. | |
shell: bash | |
run: | | |
pip install license-expression | |
python wix/rust_licenses.py > appimage/packetry.AppDir/usr/share/doc/LICENSE-static-libraries.txt | |
mv wix/full-licenses appimage/packetry.AppDir/usr/share/doc | |
cp LICENSE appimage/packetry.AppDir/usr/share/doc/LICENSE-packetry.txt | |
- name: Run build appimage action (Linux) | |
# NB: The full path to the action is: ./appimage/action.yml | |
uses: ./appimage/ | |
with: | |
executable: target/release/packetry | |
icon-file: appimage/dist/icon.png | |
desktop-file: appimage/dist/packetry.desktop | |
appdir: appimage/packetry.AppDir | |
- name: Upload AppImage binary (Linux) | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Linux AppImage binary | |
path: packetry-x86_64.AppImage | |
if-no-files-found: error |