Skip to content

build

build #479

Workflow file for this run

name: "build"
on:
workflow_dispatch:
push:
branches:
- "*"
tags:
- "v*"
schedule:
- cron: "07 00 * * 4"
pull_request:
branches:
- "*"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: "Checkout"
uses: "actions/checkout@v3"
- name: "Set environment variables"
run: |
# TIPS!! Works as an export replacement, that handles GITHUB_ENV
export_ga() {
for _name in "${@}"
do
local _key="${_name%%=*}"
local _value="${_name#*=}"
[ "${_key}" == "${_name}" ] && _value="${!_name}"
export $_key="${_value}"
echo "${_key}=${_value}" >> "${GITHUB_ENV}"
done
}
export_ga GITHUB_SHA_SHORT="$(git rev-parse --short HEAD)"
export_ga REPO_NAME="${{ github.event.repository.name }}"
export_ga GH_REGISTRY="ghcr.io"
export_ga GH_USER="${{ github.actor }}"
export_ga GH_OWNER="${{ github.repository_owner }}"
export_ga BUILD_DATE="$(TZ=Europe/Paris date -Iseconds)"
export_ga REFNAME="$(echo "${{ github.ref }}" | sed -e 's/.*\///')"
export_ga VERSION="$(cat package.json | jq -r '.version')"
export_ga IMAGE_NAME="${GH_REGISTRY}/${GH_OWNER}/${REPO_NAME}"
export_ga IS_PR="${{ github.event_name == 'pull_request' }}"
export_ga IS_RELEASE="${{ startsWith(github.ref, 'refs/tags/v') }}"
if [ "${IS_RELEASE}" == "true" ]
then
export_ga VERSION_LABEL="${VERSION}"
export_ga DOCKER_TAGS="${IMAGE_NAME}:${REFNAME},${IMAGE_NAME}:latest"
export_ga DOCKER_UNPRIVILEGED_TAGS="${IMAGE_NAME}:unprivileged-${REFNAME},${IMAGE_NAME}:unprivileged"
else
export_ga VERSION_LABEL="${VERSION}-${GITHUB_SHA_SHORT}"
export_ga DOCKER_TAGS="${IMAGE_NAME}:${GITHUB_SHA_SHORT},${IMAGE_NAME}:${VERSION}-git,${IMAGE_NAME}:${VERSION}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:${REFNAME}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:${REFNAME}"
export_ga DOCKER_UNPRIVILEGED_TAGS="${IMAGE_NAME}:unprivileged-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${VERSION}-git,${IMAGE_NAME}:unprivileged-${VERSION}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${REFNAME}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${REFNAME}"
fi
- name: "Configure git"
run: |
git config "user.name" "github-actions"
git config "user.email" "[email protected]"
- name: "Setup node"
uses: "actions/setup-node@v3"
with:
node-version: 16
- name: "Build application"
run: |
yarn
yarn create-example-cache
yarn build
- name: "Install cosign"
if: env.IS_PR != 'true'
uses: "sigstore/[email protected]"
with:
cosign-release: "v2.0.2"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v2"
- name: "Setup Docker buildx"
uses: "docker/[email protected]"
- name: "Login to github container registry"
uses: "docker/[email protected]"
with:
registry: "${{ env.GH_REGISTRY }}"
username: "${{ env.GH_USER }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: "Build and push (unprivileged nginx)"
uses: "docker/build-push-action@v4"
with:
context: "."
platforms: "linux/amd64,linux/arm64,linux/386,linux/arm/v7"
push: ${{ env.IS_PR != 'true' }}
no-cache: true
file: Dockerfile-for-local-build
build-args: |
SOURCE=git
POINT=${{ env.GITHUB_SHA_SHORT }}
VCS_REF=${{ env.GITHUB_SHA_SHORT }}
BUILD_DATE=${{ env.BUILD_DATE }}
VERSION=${{ env.VERSION_LABEL }}
NGINXIMAGE=ghcr.io/nginxinc/nginx-unprivileged:stable-alpine-slim
tags: "${{ env.DOCKER_UNPRIVILEGED_TAGS }}"
- name: "Build and push (standard nginx)"
uses: "docker/build-push-action@v4"
with:
context: "."
platforms: "linux/amd64,linux/arm64,linux/386,linux/arm/v7"
push: ${{ env.IS_PR != 'true' }}
no-cache: true
file: Dockerfile-for-local-build
build-args: |
SOURCE=git
POINT=${{ env.GITHUB_SHA_SHORT }}
VCS_REF=${{ env.GITHUB_SHA_SHORT }}
BUILD_DATE=${{ env.BUILD_DATE }}
VERSION=${{ env.VERSION_LABEL }}
tags: "${{ env.DOCKER_TAGS }}"