Skip to content

Commit

Permalink
Refactor build workflow and add check for update
Browse files Browse the repository at this point in the history
  • Loading branch information
atmoz committed Jul 13, 2024
1 parent c3c949d commit 883e655
Show file tree
Hide file tree
Showing 2 changed files with 115 additions and 61 deletions.
89 changes: 89 additions & 0 deletions .github/actions/build-image/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
name: Push image
description: Push image to image repos
inputs:
image:
description: image to push
required: true
tag:
description: tag to push
required: true
update-check:
description: command to run on old image and check for updates
required: true
github-token:
description: token for pushing image to GitHub
required: true
dockerhub-username:
description: username for pushing image to Docker Hub
required: true
dockerhub-password:
description: password for pushing image to Docker Hub
required: true
runs:
using: "composite"
steps:
- name: Check for changes or updates
id: changes
shell: bash
run: |
latest_tag="docker.pkg.github.com/${{ inputs.image }}/${{ inputs.tag }}"
echo "${{ inputs.github-token }}" | docker login docker.pkg.github.com \
-u ${{ github.actor }} --password-stdin
docker pull "$latest_tag"
docker logout docker.pkg.github.com
packages="$(docker run --rm "$latest_tag" sh -c "${{ inputs.update-check }}")"
echo "$packages"
revision="$(docker image inspect --format \
'{{index .Config.Labels "org.opencontainers.image.revision"}}' \
"$latest_tag")"
echo "$revision"
if [ "$revision" != "$GITHUB_SHA" ] || [ "${#packages}" -gt 0 ]; then
echo "Changes detected"
echo "detected=true" >> "$GITHUB_OUTPUT"
else
echo "No change detected"
echo "detected=false" >> "$GITHUB_OUTPUT"
fi
- name: Build image
if: steps.changes.outputs.detected == 'true'
shell: bash
run: |
docker build . \
--pull=true \
--file=Dockerfile-alpine \
--tag="${{ inputs.image }}:${{ inputs.tag }}" \
--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
--label="org.opencontainers.image.revision=$GITHUB_SHA" \
--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
- name: Test image
if: steps.changes.outputs.detected == 'true'
shell: bash
run: tests/run "${{ inputs.image }}:${{ inputs.tag }}"

- name: Push image to GitHub registry
if: >
steps.changes.outputs.detected == 'true' &&
github.ref == 'refs/heads/master'
shell: bash
run: |
echo "${{ inputs.github-token }}" | docker login docker.pkg.github.com \
-u ${{ github.actor }} --password-stdin
github_tag=docker.pkg.github.com/${{ inputs.image }}/${{ inputs.tag }}
docker tag "${{ inputs.image }}:${{ inputs.tag }}" $github_tag
docker push "$github_tag"
docker logout docker.pkg.github.com
- name: Push images to Docker Hub registry
if: steps.changes.outputs.detected == 'true'
shell: bash
run: |
echo "${{ inputs.dockerhub-password }}" | docker login \
-u ${{ inputs.dockerhub-username }} --password-stdin
docker push "${{ inputs.image }}:${{ inputs.tag }}"
docker logout
87 changes: 26 additions & 61 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,77 +10,42 @@ on:
- "*.png"
pull_request:

env:
IMAGE_NAME: atmoz/sftp

jobs:
build:
build-images:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # for proper signature verification
submodules: true # for shunit2

- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
ignore_paths: tests/shunit2

- name: Build debian image
run: |
docker build . \
--pull=true \
--file=Dockerfile \
--tag="$IMAGE_NAME:latest" \
--tag="$IMAGE_NAME:debian" \
--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
--label="org.opencontainers.image.revision=$GITHUB_SHA" \
--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
- name: Test debian image
run: tests/run $IMAGE_NAME:debian

- name: Build alpine image
run: |
docker build . \
--pull=true \
--file=Dockerfile-alpine \
--tag="$IMAGE_NAME:alpine" \
--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
--label="org.opencontainers.image.revision=$GITHUB_SHA" \
--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
- name: Test alpine image
run: tests/run $IMAGE_NAME:alpine
fetch-depth: 0 # for proper signature verification

- name: Verify signature
if: github.ref == 'refs/heads/master'
if: github.repository == 'atmoz/sftp'
uses: atmoz/git-verify-ref@master
with:
import-github-users: atmoz

- name: Push images to Docker Hub registry
if: github.ref == 'refs/heads/master'
run: |
echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login \
-u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
docker push --all-tags $IMAGE_NAME
docker logout
- name: Push images to GitHub registry
if: github.ref == 'refs/heads/master'
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com \
-u ${{ github.actor }} --password-stdin
TAG_DEBIAN=docker.pkg.github.com/$GITHUB_REPOSITORY/debian
TAG_ALPINE=docker.pkg.github.com/$GITHUB_REPOSITORY/alpine
docker tag $IMAGE_NAME:debian $TAG_DEBIAN
docker tag $IMAGE_NAME:alpine $TAG_ALPINE
docker push $TAG_DEBIAN
docker push $TAG_ALPINE
docker logout docker.pkg.github.com
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
ignore_paths: tests/shunit2

- name: alpine
uses: ./.github/actions/build-image
with:
image: $GITHUB_REPOSITORY
tag: alpine
update-check: "apk update &>/dev/null && apk version -q -l '>'"
github-token: ${{ secrets.GITHUB_TOKEN }}
dockerhub-username: ${{ secrets.DOCKER_HUB_USERNAME }}
dockerhub-password: ${{ secrets.DOCKER_HUB_PASSWORD }}

- name: debian
uses: ./.github/actions/build-image
with:
image: $GITHUB_REPOSITORY
tag: debian
update-check: "apt-get update &>/dev/null && apt-get upgrade -s | grep ^Inst"
github-token: ${{ secrets.GITHUB_TOKEN }}
dockerhub-username: ${{ secrets.DOCKER_HUB_USERNAME }}
dockerhub-password: ${{ secrets.DOCKER_HUB_PASSWORD }}

0 comments on commit 883e655

Please sign in to comment.