# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) # SPDX-FileContributor: Sebastian Thomschke # SPDX-License-Identifier: Apache-2.0 # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-gitea-act-runner # # https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions name: Build on: push: branches: # build all branches - '**' tags-ignore: # but don't build tags - '**' paths-ignore: - '**/*.md' - '.github/*.yml' schedule: # https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows - cron: '0 17 * * 3' pull_request: workflow_dispatch: # https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ defaults: run: shell: bash env: DOCKER_IMAGE_REPO: vegardit/gitea-act-runner TRIVY_CACHE_DIR: ~/.trivy/cache jobs: build: runs-on: ubuntu-latest strategy: matrix: include: - DOCKER_IMAGE_FLAVOR: dood DOCKER_IMAGE_TAG: latest - DOCKER_IMAGE_FLAVOR: dind DOCKER_IMAGE_TAG: dind-latest fail-fast: true steps: - name: Show environment variables run: env | sort - name: Git Checkout uses: actions/checkout@v3 #https://github.com/actions/checkout - name: Check Dockerfile uses: hadolint/hadolint-action@v3.1.0 with: dockerfile: image/Dockerfile ignore: DL3008,SC1091 # https://github.com/hadolint/hadolint/wiki/DL3008 - name: Cache trivy cache uses: actions/cache@v3 with: path: ${{ env.TRIVY_CACHE_DIR }} # https://github.com/actions/cache/issues/342#issuecomment-673371329 key: ${{ runner.os }}-trivy-${{ github.run_id }} restore-keys: | ${{ runner.os }}-trivy- - name: Configure fast APT repository mirror uses: vegardit/fast-apt-mirror.sh@v1 - name: Install dos2unix run: sudo apt-get install --no-install-recommends -y dos2unix - name: Login to docker.io if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps run: | docker login docker.io -u "${{ secrets.DOCKER_HUB_USERNAME }}" -p "${{ secrets.DOCKER_HUB_TOKEN }}" - name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ env.DOCKER_IMAGE_TAG }} env: DOCKER_IMAGE_TAG: ${{ matrix.DOCKER_IMAGE_TAG }} DOCKER_IMAGE_FLAVOR: ${{ matrix.DOCKER_IMAGE_FLAVOR }} DOCKER_PUSH: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} TRIVY_GITHUB_TOKEN: ${{ github.token }} run: bash build-image.sh - name: Publish Docker image to GH registry if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps uses: truemark/skopeo-copy-action@v1 # https://github.com/truemark/skopeo-copy-action with: src-image: "docker://docker.io/${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}" dest-image: "docker://ghcr.io/${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}" dest-username: "${{ github.actor }}" dest-password: "${{ github.token }}" multi-arch: "all" - name: Delete untagged images uses: actions/github-script@v6 if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps with: github-token: ${{ secrets.GHA_DELETE_PACKAGES }} script: | const imageName = /[^/]*$/.exec(process.env.DOCKER_IMAGE_REPO)[0] const basePath = `/orgs/${{ github.repository_owner }}/packages/container/${imageName}/versions` for (version of (await github.request(`GET ${basePath}`, { per_page: 100 })).data) { if (version.metadata.container.tags.length == 0) { console.log(`deleting ${version.name}...`) const delResponse = await github.request(`DELETE ${basePath}/${version.id}`) console.log(`status: ${delResponse.status}`) } }