nginx #3520
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build image | |
on: | |
push: | |
branches: | |
- master | |
- main | |
workflow_dispatch: | |
inputs: | |
buildtype: | |
description: 'Build by "force" or on "change"' | |
required: true | |
default: 'force' | |
repository_dispatch: | |
types: nginx | |
jobs: | |
compare: | |
runs-on: ubuntu-latest | |
outputs: | |
flag: ${{ steps.set-flag.outputs.flag }} | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: [amd64, arm, arm64] | |
steps: | |
- name: checkout repository | |
uses: actions/checkout@v2 | |
- name: container registries | |
run: | | |
docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} | |
docker login docker.io -u ${{ secrets.DOCKERUSERNAME }} -p ${{ secrets.DOCKERAPIKEY }} | |
- name: compare image | |
id: set-flag | |
run: | | |
export DOCKER_CLI_EXPERIMENTAL=enabled | |
repo="treehouses/nginx-tags:${{ matrix.arch }}" | |
base="treehouses/alpine-tags:${{ matrix.arch }}" | |
docker pull -q $base &>/dev/null | |
docker pull -q $repo &>/dev/null | |
basesha=$(docker image inspect $base | jq --raw-output '.[0].RootFS.Layers|.[]') | |
reposha=$(docker image inspect $repo | jq --raw-output '.[0].RootFS.Layers|.[]') | |
echo "base sha:$basesha repo sha:$reposha" | |
${{ github.event.inputs.buildtype == 'force' }} && echo "::set-output name=flag::true" || echo "building on change" | |
[[ $reposha == *$basesha* ]] && echo "no changes" || echo "::set-output name=flag::true" | |
images: | |
needs: compare | |
runs-on: ubuntu-latest | |
outputs: | |
build: ${{ steps.set-build.outputs.build }} | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: [amd64, arm, arm64] | |
steps: | |
- name: checkout repository | |
uses: actions/checkout@v2 | |
- name: container registries | |
run: | | |
docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} | |
docker login docker.io -u ${{ secrets.DOCKERUSERNAME }} -p ${{ secrets.DOCKERAPIKEY }} | |
- name: docker image | |
if: ${{ needs.compare.outputs.flag }} | |
id: set-build | |
run: | | |
export DOCKER_CLI_EXPERIMENTAL=enabled | |
base="treehouses/alpine-tags:${{ matrix.arch }}" | |
repo="treehouses/nginx-tags" | |
dest="$repo:${{ matrix.arch }}" | |
date="$(date +%Y%m%d%H%M)" | |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | |
docker build -t ghcr.io/$dest --build-arg BASE=$base . | |
docker tag ghcr.io/$dest docker.io/$dest | |
docker tag ghcr.io/$dest ghcr.io/$dest-$date | |
docker tag docker.io/$dest docker.io/$dest-$date | |
docker push --all-tags ghcr.io/$repo | |
docker push --all-tags docker.io/$repo | |
docker images | |
echo "::set-output name=build::true" | |
manifests: | |
needs: images | |
strategy: | |
fail-fast: false | |
matrix: | |
registry: [docker.io, ghcr.io] | |
runs-on: ubuntu-latest | |
outputs: | |
send: ${{ steps.set-send.outputs.send }} | |
steps: | |
- name: container registries | |
run: | | |
docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} | |
docker login docker.io -u ${{ secrets.DOCKERUSERNAME }} -p ${{ secrets.DOCKERAPIKEY }} | |
- name: create manifests | |
if: ${{ needs.images.outputs.build }} | |
id: set-send | |
run: | | |
repo="${{ matrix.registry }}/treehouses/nginx" | |
date="$(date +%Y%m%d%H%M)" | |
docker manifest create $repo:latest $repo-tags:amd64 $repo-tags:arm $repo-tags:arm64 | |
docker manifest create $repo:$date $repo-tags:amd64 $repo-tags:arm $repo-tags:arm64 | |
docker manifest annotate $repo:latest $repo-tags:arm --os linux --arch arm | |
docker manifest annotate $repo:$date $repo-tags:arm --os linux --arch arm | |
docker manifest inspect $repo:latest | |
docker manifest push $repo:latest | |
docker manifest push $repo:$date | |
echo "::set-output name=send::true" | |
message: | |
needs: manifests | |
runs-on: ubuntu-latest | |
steps: | |
- name: message chat of new image | |
if: ${{ needs.manifests.outputs.send }} | |
run: | | |
sudo npm install -g @treehouses/cli | |
export gitter_channel="${{ secrets.CHANNEL }}" | |
echo "https://hub.docker.com/r/treehouses/nginx/tags" | |
echo "https://github.com/treehouses/nginx/pkgs/container/nginx" | |
treehouses feedback "new treehouses/nginx check https://hub.docker.com/r/treehouses/nginx/tags or https://github.com/treehouses/nginx/pkgs/container/nginx" |