asonix
643ea7c4ef
All checks were successful
/ build-containers (map[name:amd64 platform:amd64]) (push) Successful in 2m58s
/ prepare-suffix (push) Successful in 1s
/ build-assets (push) Successful in 2m59s
/ build-containers (map[name:arm64v8 platform:arm64]) (push) Successful in 17m17s
/ publish-docker (push) Successful in 12s
248 lines
7.7 KiB
YAML
248 lines
7.7 KiB
YAML
on:
|
|
push:
|
|
branches:
|
|
- 'main'
|
|
|
|
env:
|
|
RAILS_SERVE_STATIC_FILES: 'true'
|
|
RAILS_ENV: 'production'
|
|
NODE_ENV: 'production'
|
|
GIT_BRANCH: 'asonix/downstream'
|
|
GIT_REPOSITORY: 'asonix/mastodon'
|
|
GIT_HOST: 'https://git.asonix.dog'
|
|
REGISTRY_IMAGE: 'asonix/mastodon'
|
|
MASTODON_VERSION: 'v4.2.7'
|
|
REVISION: '1'
|
|
|
|
|
|
jobs:
|
|
build-assets:
|
|
runs-on: base-image
|
|
steps:
|
|
-
|
|
name: Clone mastodon
|
|
uses: https://github.com/actions/checkout@v4
|
|
with:
|
|
repository: ${{ env.GIT_REPOSITORY }}
|
|
ref: ${{ env.GIT_BRANCH }}
|
|
-
|
|
name: Install Ruby
|
|
run: |
|
|
apt-get -y install ruby-full libidn-dev
|
|
gem install bundler
|
|
-
|
|
name: Configure Bundler
|
|
run: |
|
|
bundle config set --local deployment true
|
|
bundle config set --local without 'development test'
|
|
bundle config set --local path vendor/bundle
|
|
bundle config set silence_root_warning true
|
|
-
|
|
name: Fetch gem cache
|
|
id: gem-cache
|
|
uses: https://github.com/actions/cache/restore@v4
|
|
with:
|
|
path: |
|
|
vendor/bundle/
|
|
key: gem-${{ hashFiles('Gemfile') }}-${{ hashFiles('Gemfile.lock') }}
|
|
-
|
|
name: Install gems
|
|
if: steps.gem-cache.outputs.cache-hit != 'true'
|
|
run: |
|
|
bundle install -j$(nproc)
|
|
-
|
|
name: Save gem cache
|
|
if: steps.gem-cache.outputs.cache-hit != 'true'
|
|
uses: https://github.com/actions/cache/save@v4
|
|
with:
|
|
path: |
|
|
vendor/bundle/
|
|
key: ${{ steps.gem-cache.outputs.cache-primary-key }}
|
|
-
|
|
name: Fetch node cache
|
|
id: node-cache
|
|
uses: https://github.com/actions/cache/restore@v4
|
|
with:
|
|
path: |
|
|
node_modules/
|
|
key: node-${{ hashFiles('package.json') }}-${{ hashFiles('yarn.lock') }}
|
|
-
|
|
name: Install node packages
|
|
if: steps.node-cache.outputs.cache-hit != 'true'
|
|
run: |
|
|
yarn install --pure-lockfile --production --network-timeout=30000
|
|
-
|
|
name: Save node cache
|
|
if: steps.node-cache.outputs.cache-hit != 'true'
|
|
uses: https://github.com/actions/cache/save@v4
|
|
with:
|
|
path: |
|
|
node_modules/
|
|
key: ${{ steps.node-cache.outputs.cache-primary-key }}
|
|
-
|
|
name: Build Assets
|
|
run: bundle exec rails assets:precompile
|
|
env:
|
|
OTP_SECRET: precompile_placeholder
|
|
SECRET_KEY_BASE: precompile_placeholder
|
|
-
|
|
name: GZip Assets
|
|
run: tar -zcf public.tar.gz public
|
|
-
|
|
name: Upload Assets
|
|
uses: https://github.com/actions/upload-artifact@v3
|
|
with:
|
|
name: assets
|
|
path: public.tar.gz
|
|
|
|
|
|
prepare-suffix:
|
|
runs-on: base-image
|
|
outputs:
|
|
SUFFIX: ${{ steps.prepare-suffix.outputs.suffix }}
|
|
steps:
|
|
-
|
|
name: Prepare suffix
|
|
id: prepare-suffix
|
|
run: |
|
|
suffix=${{ env.GIT_BRANCH }}
|
|
echo "suffix=${suffix//\//-}" >> "$GITHUB_OUTPUT"
|
|
shell: bash
|
|
|
|
|
|
build-containers:
|
|
needs: [build-assets, prepare-suffix]
|
|
runs-on: base-image
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
info:
|
|
- platform: amd64
|
|
name: amd64
|
|
- platform: arm64
|
|
name: arm64v8
|
|
steps:
|
|
-
|
|
name: Clone self
|
|
uses: https://github.com/actions/checkout@v4
|
|
-
|
|
name: Download assets
|
|
uses: https://github.com/actions/download-artifact@v3
|
|
with:
|
|
name: assets
|
|
path: .
|
|
-
|
|
name: GUnzip Assets
|
|
run: |
|
|
tar -zxf public.tar.gz
|
|
-
|
|
name: Prepare Platform
|
|
run: |
|
|
platform=${{ matrix.info.platform }}
|
|
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
|
|
shell: bash
|
|
-
|
|
name: Docker meta
|
|
id: meta
|
|
uses: https://github.com/docker/metadata-action@v5
|
|
with:
|
|
images: ${{ env.REGISTRY_IMAGE }}
|
|
flavor: |
|
|
latest=auto
|
|
suffix=-${{ needs.prepare-suffix.outputs.suffix }}-${{ matrix.info.name }}
|
|
tags: |
|
|
type=semver,pattern={{version}}-r${{ env.REVISION }},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{version}},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{major}}.{{minor}},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{major}},value=${{ env.MASTODON_VERSION }}
|
|
-
|
|
name: Set up QEMU
|
|
uses: https://github.com/docker/setup-qemu-action@v3
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: https://github.com/docker/setup-buildx-action@v3
|
|
-
|
|
name: Docker login
|
|
uses: https://github.com/docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
-
|
|
name: Build and push docker image
|
|
id: build
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
build-args: |
|
|
GIT_REPOSITORY=${{ env.GIT_HOST }}/${{ env.GIT_REPOSITORY }}
|
|
GIT_BRANCH=${{ env.GIT_BRANCH }}
|
|
platforms: ${{ matrix.info.platform }}
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},name-canonical=true,push=true
|
|
-
|
|
name: Export digest
|
|
run: |
|
|
mkdir -p /tmp/digests
|
|
digest="${{ steps.build.outputs.digest }}"
|
|
touch "/tmp/digests/${digest#sha256:}"
|
|
echo "Created /tmp/digests/${digest#sha256:}"
|
|
shell: bash
|
|
-
|
|
name: Upload ${{ matrix.info.platform }} digest
|
|
uses: https://github.com/actions/upload-artifact@v3
|
|
with:
|
|
name: digests
|
|
path: /tmp/digests/*
|
|
if-no-files-found: error
|
|
retention-days: 1
|
|
|
|
publish-docker:
|
|
runs-on: base-image
|
|
needs: [build-containers, prepare-suffix]
|
|
steps:
|
|
-
|
|
name: Download digests
|
|
uses: https://github.com/actions/download-artifact@v3
|
|
with:
|
|
name: digests
|
|
path: /tmp/digests
|
|
pattern: digests-*
|
|
merge-multiple: true
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
-
|
|
name: Docker login
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
-
|
|
name: Docker meta
|
|
id: meta
|
|
uses: https://github.com/docker/metadata-action@v5
|
|
with:
|
|
images: ${{ env.REGISTRY_IMAGE }}
|
|
flavor: |
|
|
latest=auto
|
|
suffix=-${{ needs.prepare-suffix.outputs.suffix }}
|
|
tags: |
|
|
type=semver,pattern={{version}}-r${{ env.REVISION }},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{version}},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{major}}.{{minor}},value=${{ env.MASTODON_VERSION }}
|
|
type=semver,pattern={{major}},value=${{ env.MASTODON_VERSION }}
|
|
-
|
|
name: Create manifest list and push
|
|
working-directory: /tmp/digests
|
|
run: |
|
|
tags=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "${DOCKER_METADATA_OUTPUT_JSON}")
|
|
images=$(printf "${{ env.REGISTRY_IMAGE }}@sha256:%s " *)
|
|
echo "Running 'docker buildx imagetools create ${tags[@]} ${images[@]}'"
|
|
docker buildx imagetools create ${tags[@]} ${images[@]}
|
|
shell: bash
|
|
-
|
|
name: Inspect Image
|
|
run: |
|
|
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
|