External Trigger Main #5313
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: External Trigger Main | |
on: | |
workflow_dispatch: | |
jobs: | |
external-trigger-main: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/[email protected] | |
- name: External Trigger | |
if: github.ref == 'refs/heads/main' | |
env: | |
SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }} | |
run: | | |
printf "# External trigger for docker-socket-proxy\n\n" >> $GITHUB_STEP_SUMMARY | |
if grep -q "^socket-proxy_main" <<< "${SKIP_EXTERNAL_TRIGGER}"; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`socket-proxy_main\`; skipping trigger." >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
fi | |
echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY | |
echo "> External trigger running off of main branch. To disable this trigger, add \`socket-proxy_main\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY | |
printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY | |
EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.20/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \ | |
&& awk '/^P:'"nginx"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') | |
echo "Type is \`alpine_repo\`" >> $GITHUB_STEP_SUMMARY | |
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="Can't retrieve external version for socket-proxy branch main" | |
GHA_TRIGGER_URL="https://github.com/linuxserver/docker-socket-proxy/actions/runs/${{ github.run_id }}" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') | |
echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY | |
echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY | |
image="linuxserver/socket-proxy" | |
tag="latest" | |
token=$(curl -sX GET \ | |
"https://ghcr.io/token?scope=repository%3Alinuxserver%2Fsocket-proxy%3Apull" \ | |
| jq -r '.token') | |
multidigest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${tag}" \ | |
| jq -r 'first(.manifests[].digest)') | |
digest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${multidigest}" \ | |
| jq -r '.config.digest') | |
image_info=$(curl -sL \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/blobs/${digest}") | |
if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then | |
image_info=$(echo $image_info | jq -r '.config') | |
else | |
image_info=$(echo $image_info | jq -r '.container_config') | |
fi | |
IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') | |
IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') | |
if [ -z "${IMAGE_VERSION}" ]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="Can't retrieve last pushed version for socket-proxy tag latest" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY | |
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then | |
echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.20/main/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"nginx"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then | |
echo "New version \`${EXT_RELEASE}\` found; but not all arch repos updated yet; exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="New version ${EXT_RELEASE} for socket-proxy tag latest is detected, however not all arch repos are updated yet. Will try again later." | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 0 | |
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-socket-proxy/job/main/lastBuild/api/json | jq -r '.building') == "true" ]; then | |
echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
else | |
if [[ "${artifacts_found}" == "false" ]]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "> New version detected, but not all artifacts are published yet; skipping trigger" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="New version ${EXT_RELEASE} for socket-proxy tag latest is detected, however not all artifacts are uploaded to upstream release yet. Will try again later." | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
else | |
printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY | |
echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY | |
if "${artifacts_found}" == "true" ]]; then | |
echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY | |
fi | |
response=$(curl -iX POST \ | |
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-socket-proxy/job/main/buildWithParameters?PACKAGE_CHECK=false \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") | |
echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY | |
echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY | |
sleep 10 | |
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') | |
buildurl="${buildurl%$'\r'}" | |
echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY | |
echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY | |
curl -iX POST \ | |
"${buildurl}submitDescription" \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ | |
--data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
--data-urlencode "Submit=Submit" | |
echo "**** Notifying Discord ****" | |
TRIGGER_REASON="A version change was detected for socket-proxy tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
fi | |
fi |