# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) # SPDX-FileContributor: Sebastian Thomschke # SPDX-License-Identifier: Apache-2.0 # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-gitea-act-runner # # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions name: Build on: push: branches: # build all branches - '**' tags-ignore: # but don't build tags - '**' paths-ignore: - '**/*.md' - '.github/*.yml' schedule: # https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows - cron: '0 17 * * 3' pull_request: workflow_dispatch: inputs: VERSION: type: string default: latest description: Version of the Gitea Act Runner, see https://dl.gitea.com/act_runner/ # https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ defaults: run: shell: bash env: DOCKER_IMAGE_REPO: vegardit/gitea-act-runner TRIVY_CACHE_DIR: ~/.trivy/cache jobs: build: runs-on: ubuntu-latest strategy: matrix: include: - DOCKER_IMAGE_FLAVOR: dood DOCKER_IMAGE_TAG_PREFIX: "" - DOCKER_IMAGE_FLAVOR: dind DOCKER_IMAGE_TAG_PREFIX: dind- - DOCKER_IMAGE_FLAVOR: dind-rootless DOCKER_IMAGE_TAG_PREFIX: dind-rootless- fail-fast: true steps: - name: Show environment variables run: env | sort - name: Git Checkout uses: actions/checkout@v4 #https://github.com/actions/checkout - name: Check Dockerfile uses: hadolint/hadolint-action@v3.1.0 with: dockerfile: image/Dockerfile ignore: DL3008,SC1091 # https://github.com/hadolint/hadolint/wiki/DL3008 - name: Cache trivy cache uses: actions/cache@v3 with: path: ${{ env.TRIVY_CACHE_DIR }} # https://github.com/actions/cache/issues/342#issuecomment-673371329 key: ${{ runner.os }}-trivy-${{ github.run_id }} restore-keys: | ${{ runner.os }}-trivy- - name: Configure fast APT repository mirror uses: vegardit/fast-apt-mirror.sh@v1 - name: Install dos2unix run: sudo apt-get install --no-install-recommends -y dos2unix - name: Install regclient if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps uses: iarekylew00t/regctl-installer@v1 - name: Login to docker.io if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps uses: docker/login-action@v2 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to ghcr.io if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ github.token }} - name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ env.DOCKER_IMAGE_TAG }} env: DOCKER_IMAGE_TAG_PREFIX: ${{ matrix.DOCKER_IMAGE_TAG_PREFIX }} DOCKER_IMAGE_FLAVOR: ${{ matrix.DOCKER_IMAGE_FLAVOR }} DOCKER_PUSH: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} TRIVY_GITHUB_TOKEN: ${{ github.token }} run: | if [[ -n "${{ inputs.VERSION }}" ]]; then export GITEA_ACT_RUNNER_VERSION="${{ inputs.VERSION }}" fi bash build-image.sh - name: Delete untagged images uses: actions/github-script@v6 if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps with: github-token: ${{ secrets.GHA_DELETE_PACKAGES }} script: | const imageName = /[^/]*$/.exec(process.env.DOCKER_IMAGE_REPO)[0] const basePath = `/orgs/${{ github.repository_owner }}/packages/container/${imageName}/versions` for (version of (await github.request(`GET ${basePath}`, { per_page: 100 })).data) { if (version.metadata.container.tags.length == 0) { console.log(`deleting ${version.name}...`) const delResponse = await github.request(`DELETE ${basePath}/${version.id}`) console.log(`status: ${delResponse.status}`) } }