Build #625
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) | |
| # SPDX-FileContributor: Sebastian Thomschke | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-gitea-ext | |
| # | |
| # https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions | |
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - '**' | |
| tags-ignore: | |
| - '**' | |
| paths-ignore: | |
| - '**/*.md' | |
| - '.github/*.yml' | |
| schedule: | |
| # https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows | |
| - cron: '0 17 * * 3' | |
| pull_request: | |
| workflow_dispatch: | |
| # https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ | |
| env: | |
| DOCKER_IMAGE_REPO: vegardit/gitea-ext | |
| DOCKER_IMAGE_TAG: latest | |
| TRIVY_CACHE_DIR: ~/.trivy/cache | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@v4 #https://github.com/actions/checkout | |
| - name: Cache trivy cache | |
| uses: actions/cache@v4 | |
| if: env.ACT != 'true' # https://github.com/nektos/act#skipping-steps | |
| with: | |
| path: ${{ env.TRIVY_CACHE_DIR }} | |
| # https://github.com/actions/cache/issues/342#issuecomment-673371329 | |
| key: ${{ runner.os }}-trivy-${{ github.run_id }} | |
| restore-keys: | | |
| ${{ runner.os }}-trivy- | |
| - name: Configure fast APT repository mirror | |
| uses: vegardit/fast-apt-mirror.sh@v1 | |
| - name: Install dos2unix | |
| run: sudo apt-get install --no-install-recommends -y dos2unix | |
| - name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ env.DOCKER_IMAGE_TAG }} | |
| env: | |
| DOCKER_REGISTRY: docker.io | |
| DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| DOCKER_REGISTRY_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }} | |
| TRIVY_GITHUB_TOKEN: ${{ github.token }} | |
| run: | | |
| if [[ $GITHUB_REF_NAME == "main" && $ACT != "true" ]]; then | |
| export DOCKER_PUSH=1 | |
| echo "$DOCKER_REGISTRY_TOKEN" | docker login -u="$DOCKER_REGISTRY_USERNAME" "$DOCKER_REGISTRY" --password-stdin | |
| fi | |
| bash build-image.sh | |
| - name: Publish Docker image to GH registry | |
| if: ${{ github.ref_name == 'main' && !env.ACT }} # https://github.com/nektos/act#skipping-steps | |
| run: | | |
| set -eux | |
| echo "${{ github.token }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin | |
| docker image tag $DOCKER_IMAGE_REPO ghcr.io/$DOCKER_IMAGE_REPO | |
| docker push ghcr.io/$DOCKER_IMAGE_REPO | |
| gitea_version=$(docker run --rm $DOCKER_IMAGE_REPO /app/gitea/gitea --version | LC_ALL=en_US.utf8 grep -oP 'Gitea version \K\d+\.\d+\.\d+' || true) | |
| echo gitea_version=$gitea_version | |
| docker image tag $DOCKER_IMAGE_REPO ghcr.io/$DOCKER_IMAGE_REPO:${gitea_version%%.*}.x #1.x | |
| docker push ghcr.io/$DOCKER_IMAGE_REPO:${gitea_version%%.*}.x #1.x | |
| - name: Delete untagged images | |
| uses: actions/github-script@v7 | |
| if: ${{ github.ref_name == 'main' && !env.ACT }} # https://github.com/nektos/act#skipping-steps | |
| with: | |
| github-token: ${{ secrets.GHA_DELETE_PACKAGES }} | |
| script: | | |
| const imageName = /[^/]*$/.exec(process.env.DOCKER_IMAGE_REPO)[0] | |
| const basePath = `/orgs/${{ github.repository_owner }}/packages/container/${imageName}/versions` | |
| for (version of (await github.request(`GET ${basePath}`, { per_page: 100 })).data) { | |
| if (version.metadata.container.tags.length == 0) { | |
| console.log(`deleting ${version.name}...`) | |
| const delResponse = await github.request(`DELETE ${basePath}/${version.id}`) | |
| console.log(`status: ${delResponse.status}`) | |
| } | |
| } |