External Trigger Main #13969
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: External Trigger Main | |
on: | |
workflow_dispatch: | |
jobs: | |
external-trigger-main: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4.1.1 | |
- name: External Trigger | |
if: github.ref == 'refs/heads/main' | |
run: | | |
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_BASEIMAGE_ALPINE_GLIBC_MAIN }}" ]; then | |
echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_BASEIMAGE_ALPINE_GLIBC_MAIN is set; skipping trigger. ****" | |
echo "Github secret \`PAUSE_EXTERNAL_TRIGGER_BASEIMAGE_ALPINE_GLIBC_MAIN\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
fi | |
echo "**** External trigger running off of main branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_BASEIMAGE_ALPINE_GLIBC_MAIN\". ****" | |
echo "External trigger running off of main branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_BASEIMAGE_ALPINE_GLIBC_MAIN\`" >> $GITHUB_STEP_SUMMARY | |
echo "**** Retrieving external version ****" | |
EXT_RELEASE=$(curl -sL "https://packages.imagegenius.io/v3.19/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \ | |
&& awk '/^P:'"glibc"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') | |
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then | |
echo "**** Can't retrieve external version, exiting ****" | |
FAILURE_REASON="Can't retrieve external version of baseimage-alpine-glibc on branch main" | |
GHA_TRIGGER_URL="https://github.com/imagegenius/docker-baseimage-alpine-glibc/actions/runs/${{ github.run_id }}" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed (${{ github.repository }})** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') | |
echo "**** External version: ${EXT_RELEASE} ****" | |
echo "External version: ${EXT_RELEASE}" >> $GITHUB_STEP_SUMMARY | |
echo "**** Retrieving last pushed version ****" | |
image="imagegenius/baseimage-alpine-glibc" | |
tag="latest" | |
token=$(curl -sX GET \ | |
-u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" \ | |
"https://ghcr.io/token?scope=repository%3Aimagegenius%2Fbaseimage-alpine-glibc%3Apull" \ | |
| jq -r '.token') | |
multidigest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${tag}" \ | |
| jq -r 'first(.manifests[].digest)') | |
digest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${multidigest}" \ | |
| jq -r '.config.digest') | |
image_info=$(curl -sL \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/blobs/${digest}") | |
if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then | |
image_info=$(echo $image_info | jq -r '.config') | |
else | |
image_info=$(echo $image_info | jq -r '.container_config') | |
fi | |
IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') | |
IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ig' '{print $1}') | |
if [ -z "${IMAGE_VERSION}" ]; then | |
echo "**** Can't retrieve last pushed version, exiting ****" | |
FAILURE_REASON="Can't retrieve last pushed version of baseimage-alpine-glibc:latest" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed (${{ github.repository }})** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
echo "**** Last pushed version: ${IMAGE_VERSION} ****" | |
echo "Last pushed version: ${IMAGE_VERSION}" >> $GITHUB_STEP_SUMMARY | |
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then | |
echo "**** Version ${EXT_RELEASE} already pushed, exiting ****" | |
echo "Version ${EXT_RELEASE} already pushed, exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
elif [[ $(curl -sL "https://packages.imagegenius.io/v3.19/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"glibc"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then | |
echo "**** New version ${EXT_RELEASE} found; but not all arch repos updated yet; exiting ****" | |
echo "New version ${EXT_RELEASE} found; but not all arch repos updated yet; exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="New version ${EXT_RELEASE} for baseimage-alpine-glibc tag latest is detected, however not all arch repos are updated yet. Will try again later." | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 0 | |
elif [ $(curl -s https://ci.imagegenius.io/job/Docker-Pipeline-Builders/job/docker-baseimage-alpine-glibc/job/main/lastBuild/api/json | jq -r '.building') == "true" ]; then | |
echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****" | |
echo "New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
else | |
echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****" | |
echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build" >> $GITHUB_STEP_SUMMARY | |
response=$(curl -iX POST \ | |
https://ci.imagegenius.io/job/Docker-Pipeline-Builders/job/docker-baseimage-alpine-glibc/job/main/buildWithParameters?PACKAGE_CHECK=false \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") | |
echo "**** Jenkins job queue url: ${response%$'\r'} ****" | |
echo "**** Sleeping 10 seconds until job starts ****" | |
sleep 10 | |
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') | |
buildurl="${buildurl%$'\r'}" | |
echo "**** Jenkins job build url: ${buildurl} ****" | |
echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY | |
echo "**** Attempting to change the Jenkins job description ****" | |
curl -iX POST \ | |
"${buildurl}submitDescription" \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ | |
--data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
--data-urlencode "Submit=Submit" | |
echo "**** Notifying Discord ****" | |
TRIGGER_REASON="A new version of baseimage-alpine-glibc:latest was detected. (${IMAGE_VERSION} > ${EXT_RELEASE})" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Build Triggered (${{ github.repository }})** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
fi |