-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docker: build and publish images in CI (#11)
- Loading branch information
Showing
3 changed files
with
226 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,179 @@ | ||
name: Docker | ||
on: | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
paths: | ||
- 'Dockerfile' | ||
- '.github/workflows/docker.yml' | ||
release: | ||
types: [ published ] | ||
|
||
jobs: | ||
buildx: | ||
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | ||
runs-on: ubuntu-latest | ||
permissions: | ||
actions: write | ||
contents: read | ||
packages: write | ||
steps: | ||
- name: Cancel previous runs | ||
uses: styfle/cancel-workflow-action@0.9.1 | ||
with: | ||
all_but_latest: true | ||
access_token: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v1 | ||
with: | ||
config-inline: | | ||
[worker.oci] | ||
max-parallelism = 2 | ||
- name: Inspect builder | ||
run: | | ||
echo "Name: ${{ steps.buildx.outputs.name }}" | ||
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | ||
echo "Status: ${{ steps.buildx.outputs.status }}" | ||
echo "Flags: ${{ steps.buildx.outputs.flags }}" | ||
echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | ||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
- name: Login to GitHub Container registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build and push images | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
platforms: linux/amd64,linux/arm64,linux/arm/v7 | ||
push: true | ||
tags: | | ||
unknwon/codenotify.run:latest | ||
ghcr.io/codenotify/codenotify.run:latest | ||
- name: Send email on failure | ||
uses: dawidd6/action-send-mail@v3 | ||
if: ${{ failure() }} | ||
with: | ||
server_address: smtp.mailgun.org | ||
server_port: 465 | ||
username: ${{ secrets.SMTP_USERNAME }} | ||
password: ${{ secrets.SMTP_PASSWORD }} | ||
subject: GitHub Actions (${{ github.repository }}) job result | ||
to: github-actions-8ce6454@unknwon.io | ||
from: GitHub Actions (${{ github.repository }}) | ||
reply_to: noreply@unknwon.io | ||
body: | | ||
The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". | ||
View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | ||
buildx-pull-request: | ||
if: ${{ github.event_name == 'pull_request'}} | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v1 | ||
with: | ||
config-inline: | | ||
[worker.oci] | ||
max-parallelism = 2 | ||
- name: Inspect builder | ||
run: | | ||
echo "Name: ${{ steps.buildx.outputs.name }}" | ||
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | ||
echo "Status: ${{ steps.buildx.outputs.status }}" | ||
echo "Flags: ${{ steps.buildx.outputs.flags }}" | ||
echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | ||
- name: Compute short commit SHA | ||
uses: benjlevesque/short-sha@v1.2 | ||
- name: Build and push images | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
platforms: linux/amd64 | ||
push: true | ||
tags: | | ||
ttl.sh/codenotify/codenotify.run-${{ env.SHA }}:1d | ||
# Updates to the following section needs to be synced to all release branches within their lifecycles. | ||
buildx-release: | ||
if: ${{ github.event_name == 'release' }} | ||
runs-on: ubuntu-latest | ||
permissions: | ||
actions: write | ||
contents: read | ||
packages: write | ||
steps: | ||
- name: Compute image tag name | ||
run: echo "IMAGE_TAG=$(echo $GITHUB_REF_NAME | cut -c 2-)" >> $GITHUB_ENV | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v1 | ||
with: | ||
config-inline: | | ||
[worker.oci] | ||
max-parallelism = 2 | ||
- name: Inspect builder | ||
run: | | ||
echo "Name: ${{ steps.buildx.outputs.name }}" | ||
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | ||
echo "Status: ${{ steps.buildx.outputs.status }}" | ||
echo "Flags: ${{ steps.buildx.outputs.flags }}" | ||
echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | ||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
- name: Login to GitHub Container registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build and push images | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
platforms: linux/amd64,linux/arm64,linux/arm/v7 | ||
push: true | ||
tags: | | ||
unknwon/codenotify.run:${{ env.IMAGE_TAG }} | ||
ghcr.io/codenotify/codenotify.run:${{ env.IMAGE_TAG }} | ||
- name: Send email on failure | ||
uses: dawidd6/action-send-mail@v3 | ||
if: ${{ failure() }} | ||
with: | ||
server_address: smtp.mailgun.org | ||
server_port: 465 | ||
username: ${{ secrets.SMTP_USERNAME }} | ||
password: ${{ secrets.SMTP_PASSWORD }} | ||
subject: GitHub Actions (${{ github.repository }}) job result | ||
to: github-actions-8ce6454@unknwon.io | ||
from: GitHub Actions (${{ github.repository }}) | ||
reply_to: noreply@unknwon.io | ||
body: | | ||
The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". | ||
View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
FROM golang:alpine3.16 AS binarybuilder | ||
RUN apk --no-cache --no-progress add --virtual \ | ||
build-deps \ | ||
build-base \ | ||
git | ||
|
||
# Install Task | ||
RUN wget --quiet https://github.com/go-task/task/releases/download/v3.16.0/task_linux_amd64.tar.gz -O task_linux_amd64.tar.gz \ | ||
&& sh -c 'echo "e928c2b753aee89c03b42a6b38b05043197f2e5ab1c956841357edc924633cc9 task_linux_amd64.tar.gz" | sha256sum -c' \ | ||
&& tar -xzf task_linux_amd64.tar.gz \ | ||
&& mv task /usr/local/bin/task | ||
|
||
WORKDIR /dist | ||
COPY . . | ||
RUN task build | ||
|
||
# Install Codenotify | ||
RUN GOBIN=/dist/.bin go install github.com/sourcegraph/codenotify@v0.6.4 | ||
|
||
FROM alpine:3.16 | ||
RUN echo https://dl-cdn.alpinelinux.org/alpine/edge/community/ >> /etc/apk/repositories \ | ||
&& apk --no-cache --no-progress add \ | ||
ca-certificates \ | ||
git | ||
|
||
# Install gosu | ||
RUN export url="https://github.com/tianon/gosu/releases/download/1.14/gosu-"; \ | ||
if [ `uname -m` == "aarch64" ]; then \ | ||
wget --quiet ${url}arm64 -O /usr/sbin/gosu \ | ||
&& sh -c 'echo "73244a858f5514a927a0f2510d533b4b57169b64d2aa3f9d98d92a7a7df80cea /usr/sbin/gosu" | sha256sum -c'; \ | ||
elif [ `uname -m` == "armv7l" ]; then \ | ||
wget --quiet ${url}armhf -O /usr/sbin/gosu \ | ||
&& sh -c 'echo "abb1489357358b443789571d52b5410258ddaca525ee7ac3ba0dd91d34484589 /usr/sbin/gosu" | sha256sum -c'; \ | ||
else \ | ||
wget --quiet ${url}amd64 -O /usr/sbin/gosu \ | ||
&& sh -c 'echo "bd8be776e97ec2b911190a82d9ab3fa6c013ae6d3121eea3d0bfd5c82a0eaf8c /usr/sbin/gosu" | sha256sum -c'; \ | ||
fi \ | ||
&& chmod +x /usr/sbin/gosu | ||
|
||
WORKDIR /app/codenotify.run/ | ||
COPY --from=binarybuilder /dist/ . | ||
|
||
VOLUME ["/app/codenotify.run/custom"] | ||
EXPOSE 2830 | ||
CMD ["/app/codenotify.run/codenotifyd"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters