Fix: Workflow caching old version of QBt #231

Workflow file for this run

.github/workflows/publish.yml at 1e08e36

	name: Build docker image

	on:
	push:
	branches: [ "master" ]
	# Publish semver tags as releases.
	tags:
	- 'v..*'
	paths:
	- '.github/workflows**'
	- 'rootfs/**'
	- 'build/**'
	- 'Dockerfile'
	pull_request:
	branches:
	- 'master'
	paths:
	- '.github/workflows**'
	- 'rootfs/**'
	- 'build/**'
	- 'Dockerfile'
	workflow_dispatch:


	env:
	# github.repository as <account>/<repo>
	IMAGE_NAME: ${{ github.repository }}


	jobs:
	build:

	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	# This is used to complete the identity challenge
	# with sigstore/fulcio when running outside of PRs.
	id-token: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	# Install the cosign tool except on PR
	- name: Install cosign
	if: github.event_name != 'pull_request'
	uses: sigstore/cosign-installer@v3
	with:
	cosign-release: 'v2.2.4'

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Setup Docker buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to GitHub Container Registry
	if: github.event_name != 'pull_request'
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Login to Docker Hub
	if: github.event_name != 'pull_request'
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Extract Docker metadata
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: \|
	ghcr.io/${{ env.IMAGE_NAME }}
	trigus42/qbittorrentvpn

	- name: Get latest release
	run: \|
	# Fetch release information and extract the release tag
	RELEASE_TAG=$(curl -s https://api.github.com/repos/userdocs/qbittorrent-nox-static/releases/latest \| jq -r '.tag_name')

	echo "RELEASE_TAG=$RELEASE_TAG" \| tee -a $GITHUB_ENV
	echo "VERSION_NUMBER=$(echo $RELEASE_TAG \| grep -P "\d(\.\d+)+" -o \| head -n 1)" \| tee -a $GITHUB_ENV

	- name: Setup vars
	run: \|
	echo "DATE=$(date -u +%Y%m%d)" \| tee -a $GITHUB_ENV
	echo "SHORT_SHA=$(git rev-parse --short HEAD)" \| tee -a $GITHUB_ENV

	# Build and push Docker image with Buildx (don't push on PR)
	- name: Build and push Docker image
	if: github.event_name != 'pull_request' && github.ref_name == 'master'
	id: build-and-push-master
	uses: docker/build-push-action@v5
	with:
	context: .
	platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
	push: ${{ github.event_name != 'pull_request' }}
	build-args: \|
	"SOURCE_COMMIT=${{ env.SHORT_SHA }}"
	"QBITTORRENT_TAG=${{ env.RELEASE_TAG }}"
	tags: \|
	ghcr.io/trigus42/alpine-qbittorrentvpn:latest
	ghcr.io/trigus42/alpine-qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}
	ghcr.io/trigus42/alpine-qbittorrentvpn:${{ github.sha }}
	ghcr.io/trigus42/alpine-qbittorrentvpn:qbt${{ env.VERSION_NUMBER }}
	ghcr.io/trigus42/alpine-qbittorrentvpn:${{ github.sha }}-qbt${{ env.VERSION_NUMBER }}
	ghcr.io/trigus42/alpine-qbittorrentvpn:qbt${{ env.VERSION_NUMBER }}-${{ env.DATE }}
	trigus42/qbittorrentvpn:latest
	trigus42/qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}
	trigus42/qbittorrentvpn:${{ github.sha }}
	trigus42/qbittorrentvpn:qbt${{ env.VERSION_NUMBER }}
	trigus42/qbittorrentvpn:${{ github.sha }}-qbt${{ env.VERSION_NUMBER }}
	trigus42/qbittorrentvpn:qbt${{ env.VERSION_NUMBER }}-${{ env.DATE }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	# Build and push Docker image with Buildx (don't push on PR)
	- name: Build and push Docker image
	if: github.ref_name != 'master'
	id: build-and-push
	uses: docker/build-push-action@v5
	with:
	context: .
	platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
	push: ${{ github.event_name != 'pull_request' }}
	build-args: \|
	"SOURCE_COMMIT=${{ env.SHORT_SHA }}"
	"QBITTORRENT_TAG=${{ env.RELEASE_TAG }}"
	tags: \|
	ghcr.io/trigus42/alpine-qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}
	ghcr.io/trigus42/alpine-qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}-${{ github.sha }}
	trigus42/qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}
	trigus42/qbittorrentvpn:${{ github.head_ref \|\| github.ref_name }}-${{ github.sha }}
	labels: ${{ steps.meta.outputs.labels }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

	# Sign the resulting Docker image digest except on PRs.
	- name: Sign the published Docker image
	if: ${{ github.event_name != 'pull_request' }}
	env:
	COSIGN_EXPERIMENTAL: "true"
	# This step uses the identity token to provision an ephemeral certificate
	# against the sigstore community Fulcio instance.
	run: \|
	if [ -n "${{ steps.build-and-push-master.outputs.digest }}" ]; then
	echo "${{ steps.meta.outputs.tags }}" \| xargs -I {} cosign sign --yes {}@${{ steps.build-and-push-master.outputs.digest }}
	else
	echo "${{ steps.meta.outputs.tags }}" \| xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }}
	fi

	# For use in check_update workflow
	- name: Store artifacts
	if: github.event_name != 'pull_request' && github.ref_name == 'master'
	run: \|
	# Store the newly fetched release version in a file
	echo "${{ env.RELEASE_TAG }}" > qbt-release-info
	echo "Saved ${{ env.RELEASE_TAG }} to qbt-release-info"

	- name: Upload new artifacts
	if: github.event_name != 'pull_request' && github.ref_name == 'master'
	uses: actions/upload-artifact@v4
	with:
	name: qbt-release-info
	path: qbt-release-info

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix: Workflow caching old version of QBt #231

Workflow file

Fix: Workflow caching old version of QBt #231

Jobs

Run details

Workflow file for this run