Update alpine Docker tag to v3.21.2 #45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # The following secrets are required to push the images. | |
| # DOCKERHUB_USERNAME | |
| # DOCKERHUB_TOKEN | |
| # CR_PAT | |
| # QUAY_USERNAME | |
| # QUAY_TOKEN | |
| # The quay repository needs to be created first using the web interface and the | |
| # robot needs to be given write access to it before pushing to it. | |
| name: ci | |
| # Controls when the action will run. Workflow runs when manually triggered using the UI | |
| # or API. | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - 'Dockerfile' | |
| - 'LS' | |
| - 'VERSION' | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'Dockerfile' | |
| - 'LS' | |
| - 'VERSION' | |
| env: | |
| # How long to sleep before running the tests (gives the application time to start) | |
| GOSS_SLEEP: 30 | |
| jobs: | |
| prep: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.prep.outputs.version }} | |
| checksum: ${{ steps.prep.outputs.checksum }} | |
| ls: ${{ steps.prep.outputs.ls }} | |
| goss: ${{ steps.prep.outputs.goss }} | |
| push: ${{ steps.prep.outputs.push }} | |
| tag: ${{ steps.prep.outputs.version }}-ls${{ steps.prep.outputs.ls }} | |
| repo_name: ${{ steps.prep.outputs.repo_name }} | |
| date: ${{ steps.prep.outputs.date }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2.3.4 | |
| # Define if tests and push should be run against which versions/platforms | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| VERSION=$(cat ./VERSION) | |
| echo ::set-output name=version::${VERSION} | |
| LS=$(cat ./LS) | |
| echo ::set-output name=ls::${LS} | |
| REPO_NAME=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//') | |
| echo ::set-output name=repo_name::${REPO_NAME} | |
| DATE=$(date -u +%Y-%m-%dT%H%M%SZ) | |
| echo ::set-output name=date::${DATE} | |
| if test -f "./CHECKSUM"; then | |
| CHECKSUM=$(cat ./CHECKSUM) | |
| echo ::set-output name=checksum::${CHECKSUM} | |
| else | |
| echo ::set-output name=checksum::"" | |
| fi | |
| if test -f "./goss.yaml"; then | |
| echo ::set-output name=goss::true | |
| else | |
| echo ::set-output name=goss::false | |
| fi | |
| if [ "${{github.event_name}}" == "pull_request" ]; then | |
| echo ::set-output name=push::false | |
| else | |
| echo ::set-output name=push::true | |
| fi | |
| tag-does-not-exist: | |
| runs-on: ubuntu-latest | |
| needs: prep | |
| outputs: | |
| exists: ${{ steps.checkTag.outputs.exists }} | |
| steps: | |
| - name: Check if tag already exists | |
| uses: mukunku/tag-exists-action@v1.0.0 | |
| id: checkTag | |
| with: | |
| tag: ${{ needs.prep.outputs.tag }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Fail if tag already exists | |
| id: set | |
| run: | | |
| if ${{ steps.checkTag.outputs.exists }} == true; then | |
| echo "${{needs.prep.outputs.tag}} already exists" | |
| exit 1 | |
| fi | |
| build: | |
| runs-on: ubuntu-latest | |
| if: always() # Run regardless if tag-does-not-exist fails | |
| needs: | |
| - prep | |
| - tag-does-not-exist | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2.3.4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1.2.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v1.5.1 | |
| with: | |
| driver-opts: image=moby/buildkit:master | |
| - name: Cache Docker layers | |
| uses: actions/cache@v2.1.6 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| # Install the GOSS testing framework | |
| - name: Set up goss/dgoss | |
| uses: e1himself/goss-installation-action@v1.0.3 | |
| if: needs.prep.outputs.goss == 'true' | |
| with: | |
| version: 'v0.3.16' | |
| # Creates a local build to run tests on | |
| - name: Build and Load local test-container | |
| uses: docker/build-push-action@v2 | |
| if: needs.prep.outputs.goss == 'true' | |
| with: | |
| build-args: | | |
| VERSION=${{ needs.prep.outputs.version }} | |
| CHECKSUM=${{ needs.prep.outputs.checksum }} | |
| context: . | |
| file: ./Dockerfile | |
| load: true | |
| tags: | | |
| ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
| # Run GOSS tests if included with the container | |
| - name: Run GOSS tests | |
| if: needs.prep.outputs.goss == 'true' | |
| env: | |
| GOSS_FILE: ./goss.yaml | |
| run: | | |
| dgoss run ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v1.10.0 | |
| if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false' | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1.10.0 | |
| if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false' | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: Login to Quay Registry | |
| uses: docker/login-action@v1.10.0 | |
| if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false' | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v2.7.0 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64,linux/arm/v7,linux/arm64 | |
| push: ${{ needs.prep.outputs.push }} | |
| build-args: | | |
| BUILD_DATE=${{ needs.prep.outputs.date }} | |
| VERSION=${{ needs.prep.outputs.version }} | |
| CHECKSUM=${{ needs.prep.outputs.checksum }} | |
| tags: | | |
| ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest | |
| ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}} | |
| ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest | |
| ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}} | |
| quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest | |
| quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
| # This ugly bit is necessary if you don't want your cache to grow forever | |
| # till it hits GitHub's limit of 5GB. | |
| # Temp fix | |
| # https://github.com/docker/build-push-action/issues/252 | |
| # https://github.com/moby/buildkit/issues/1896 | |
| - name: Move cache | |
| if: needs.prep.outputs.push == 'true' | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1.1.4 | |
| if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| with: | |
| tag_name: ${{needs.prep.outputs.tag}} | |
| release_name: ${{needs.prep.outputs.tag}} | |
| draft: false | |
| prerelease: false |