Merge pull request #3951 from teicee/last-active #208
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
paths: | |
- ".github/workflows/release.yml" | |
- "src/**" | |
- "migrations/**" | |
- "hooks/**" | |
- "docker/**" | |
- "Cargo.*" | |
- "build.rs" | |
- "diesel.toml" | |
- "rust-toolchain.toml" | |
branches: # Only on paths above | |
- main | |
tags: # Always, regardless of paths above | |
- '*' | |
jobs: | |
# https://github.com/marketplace/actions/skip-duplicate-actions | |
# Some checks to determine if we need to continue with building a new docker. | |
# We will skip this check if we are creating a tag, because that has the same hash as a previous run already. | |
skip_check: | |
runs-on: ubuntu-22.04 | |
if: ${{ github.repository == 'dani-garcia/vaultwarden' }} | |
outputs: | |
should_skip: ${{ steps.skip_check.outputs.should_skip }} | |
steps: | |
- name: Skip Duplicates Actions | |
id: skip_check | |
uses: fkirc/skip-duplicate-actions@12aca0a884f6137d619d6a8a09fcc3406ced5281 # v5.3.0 | |
with: | |
cancel_others: 'true' | |
# Only run this when not creating a tag | |
if: ${{ startsWith(github.ref, 'refs/heads/') }} | |
docker-build: | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 120 | |
needs: skip_check | |
# Start a local docker registry to be used to generate multi-arch images. | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
env: | |
# Use BuildKit (https://docs.docker.com/build/buildkit/) for better | |
# build performance and the ability to copy extended file attributes | |
# (e.g., for executable capabilities) across build phases. | |
DOCKER_BUILDKIT: 1 | |
SOURCE_COMMIT: ${{ github.sha }} | |
SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}" | |
# The *_REPO variables need to be configured as repository variables | |
# Append `/settings/variables/actions` to your repo url | |
# DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' | |
# Check for Docker hub credentials in secrets | |
HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }} | |
# GHCR_REPO needs to be 'ghcr.io/<user>/<repo>' | |
# Check for Github credentials in secrets | |
HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }} | |
# QUAY_REPO needs to be 'quay.io/<user>/<repo>' | |
# Check for Quay.io credentials in secrets | |
HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }} | |
if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} | |
strategy: | |
matrix: | |
base_image: ["debian","alpine"] | |
steps: | |
# Checkout the repo | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
# Determine Docker Tag | |
- name: Init Variables | |
id: vars | |
shell: bash | |
run: | | |
# Check which main tag we are going to build determined by github.ref | |
if [[ "${{ github.ref }}" == refs/tags/* ]]; then | |
echo "DOCKER_TAG=${GITHUB_REF#refs/*/}" | tee -a "${GITHUB_OUTPUT}" | |
elif [[ "${{ github.ref }}" == refs/heads/* ]]; then | |
echo "DOCKER_TAG=testing" | tee -a "${GITHUB_OUTPUT}" | |
fi | |
# End Determine Docker Tag | |
# Login to Docker Hub | |
- name: Login to Docker Hub | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
# Login to GitHub Container Registry | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} | |
# Login to Quay.io | |
- name: Login to Quay.io | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_TOKEN }} | |
if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} | |
# Debian | |
# Docker Hub | |
- name: Build Debian based images (docker.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
- name: Push Debian based images (docker.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
# GitHub Container Registry | |
- name: Build Debian based images (ghcr.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.GHCR_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} | |
- name: Push Debian based images (ghcr.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.GHCR_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} | |
# Quay.io | |
- name: Build Debian based images (quay.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.QUAY_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} | |
- name: Push Debian based images (quay.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.QUAY_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} | |
# Alpine | |
# Docker Hub | |
- name: Build Alpine based images (docker.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
- name: Push Alpine based images (docker.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
# GitHub Container Registry | |
- name: Build Alpine based images (ghcr.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.GHCR_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} | |
- name: Push Alpine based images (ghcr.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.GHCR_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} | |
# Quay.io | |
- name: Build Alpine based images (quay.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.QUAY_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/build | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} | |
- name: Push Alpine based images (quay.io) | |
shell: bash | |
env: | |
DOCKER_REPO: "${{ vars.QUAY_REPO }}" | |
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" | |
run: | | |
./hooks/push | |
if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} |