-
Notifications
You must be signed in to change notification settings - Fork 10
131 lines (112 loc) · 4.54 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: "build"
on:
workflow_dispatch:
push:
branches:
- "*"
tags:
- "v*"
schedule:
- cron: "07 00 * * 4"
pull_request:
branches:
- "*"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: "Checkout"
uses: "actions/checkout@v3"
- name: "Set environment variables"
run: |
# TIPS!! Works as an export replacement, that handles GITHUB_ENV
export_ga() {
for _name in "${@}"
do
local _key="${_name%%=*}"
local _value="${_name#*=}"
[ "${_key}" == "${_name}" ] && _value="${!_name}"
export $_key="${_value}"
echo "${_key}=${_value}" >> "${GITHUB_ENV}"
done
}
export_ga GITHUB_SHA_SHORT="$(git rev-parse --short HEAD)"
export_ga REPO_NAME="${{ github.event.repository.name }}"
export_ga GH_REGISTRY="ghcr.io"
export_ga GH_USER="${{ github.actor }}"
export_ga GH_OWNER="${{ github.repository_owner }}"
export_ga BUILD_DATE="$(TZ=Europe/Paris date -Iseconds)"
export_ga REFNAME="$(echo "${{ github.ref }}" | sed -e 's/.*\///')"
export_ga VERSION="$(cat package.json | jq -r '.version')"
export_ga IMAGE_NAME="${GH_REGISTRY}/${GH_OWNER}/${REPO_NAME}"
export_ga IS_PR="${{ github.event_name == 'pull_request' }}"
export_ga IS_RELEASE="${{ startsWith(github.ref, 'refs/tags/v') }}"
if [ "${IS_RELEASE}" == "true" ]
then
export_ga VERSION_LABEL="${VERSION}"
export_ga DOCKER_TAGS="${IMAGE_NAME}:${REFNAME},${IMAGE_NAME}:latest"
export_ga DOCKER_UNPRIVILEGED_TAGS="${IMAGE_NAME}:unprivileged-${REFNAME},${IMAGE_NAME}:unprivileged"
else
export_ga VERSION_LABEL="${VERSION}-${GITHUB_SHA_SHORT}"
export_ga DOCKER_TAGS="${IMAGE_NAME}:${GITHUB_SHA_SHORT},${IMAGE_NAME}:${VERSION}-git,${IMAGE_NAME}:${VERSION}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:${REFNAME}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:${REFNAME}"
export_ga DOCKER_UNPRIVILEGED_TAGS="${IMAGE_NAME}:unprivileged-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${VERSION}-git,${IMAGE_NAME}:unprivileged-${VERSION}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${REFNAME}-${GITHUB_SHA_SHORT},${IMAGE_NAME}:unprivileged-${REFNAME}"
fi
- name: "Configure git"
run: |
git config "user.name" "github-actions"
git config "user.email" "[email protected]"
- name: "Setup node"
uses: "actions/setup-node@v3"
with:
node-version: 16
- name: "Build application"
run: |
yarn
yarn create-example-cache
yarn build
- name: "Install cosign"
if: env.IS_PR != 'true'
uses: "sigstore/[email protected]"
with:
cosign-release: "v2.0.2"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v2"
- name: "Setup Docker buildx"
uses: "docker/[email protected]"
- name: "Login to github container registry"
uses: "docker/[email protected]"
with:
registry: "${{ env.GH_REGISTRY }}"
username: "${{ env.GH_USER }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: "Build and push (unprivileged nginx)"
uses: "docker/build-push-action@v4"
with:
context: "."
platforms: "linux/amd64,linux/arm64,linux/386,linux/arm/v7"
push: ${{ env.IS_PR != 'true' }}
no-cache: true
file: Dockerfile-for-local-build
build-args: |
SOURCE=git
POINT=${{ env.GITHUB_SHA_SHORT }}
VCS_REF=${{ env.GITHUB_SHA_SHORT }}
BUILD_DATE=${{ env.BUILD_DATE }}
VERSION=${{ env.VERSION_LABEL }}
NGINXIMAGE=ghcr.io/nginxinc/nginx-unprivileged:stable-alpine-slim
tags: "${{ env.DOCKER_UNPRIVILEGED_TAGS }}"
- name: "Build and push (standard nginx)"
uses: "docker/build-push-action@v4"
with:
context: "."
platforms: "linux/amd64,linux/arm64,linux/386,linux/arm/v7"
push: ${{ env.IS_PR != 'true' }}
no-cache: true
file: Dockerfile-for-local-build
build-args: |
SOURCE=git
POINT=${{ env.GITHUB_SHA_SHORT }}
VCS_REF=${{ env.GITHUB_SHA_SHORT }}
BUILD_DATE=${{ env.BUILD_DATE }}
VERSION=${{ env.VERSION_LABEL }}
tags: "${{ env.DOCKER_TAGS }}"