docker - fix wrong sha256 image tag #44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Automatic push (RELEASE) | |
| permissions: read-all | |
| on: | |
| push: | |
| branches: [master] | |
| jobs: | |
| # scorecards-analysis: | |
| # uses: ./.github/workflows/scorecards-analysis.yml | |
| codeql: | |
| uses: ./.github/workflows/codeql.yml | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| # Build amd64 + 386 containers images | |
| build-containers: | |
| strategy: | |
| matrix: | |
| image: [bunkerweb, scheduler, autoconf, ui] | |
| arch: [linux/amd64, linux/386] | |
| include: | |
| - release: latest | |
| cache: false | |
| push: false | |
| - image: bunkerweb | |
| dockerfile: src/bw/Dockerfile | |
| - image: scheduler | |
| dockerfile: src/scheduler/Dockerfile | |
| - image: autoconf | |
| dockerfile: src/autoconf/Dockerfile | |
| - image: ui | |
| dockerfile: src/ui/Dockerfile | |
| - arch: linux/amd64 | |
| cache_suffix: amd64 | |
| - arch: linux/386 | |
| cache_suffix: "386" | |
| uses: ./.github/workflows/container-build.yml | |
| with: | |
| RELEASE: ${{ matrix.release }} | |
| ARCH: ${{ matrix.arch }} | |
| IMAGE: ${{ matrix.image }} | |
| DOCKERFILE: ${{ matrix.dockerfile }} | |
| CACHE: ${{ matrix.cache }} | |
| PUSH: ${{ matrix.push }} | |
| CACHE_SUFFIX: ${{ matrix.cache_suffix }} | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| # Create ARM environment | |
| create-arm: | |
| uses: ./.github/workflows/create-arm.yml | |
| secrets: | |
| SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} | |
| SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} | |
| SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }} | |
| SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }} | |
| ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }} | |
| ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }} | |
| # Build arm64 + arm/v7 images | |
| build-containers-arm: | |
| needs: [create-arm] | |
| strategy: | |
| matrix: | |
| image: [bunkerweb, scheduler, autoconf, ui] | |
| arch: ["linux/arm64,linux/arm/v7"] | |
| include: | |
| - release: latest | |
| cache: false | |
| push: false | |
| cache_suffix: arm | |
| - image: bunkerweb | |
| dockerfile: src/bw/Dockerfile | |
| - image: scheduler | |
| dockerfile: src/scheduler/Dockerfile | |
| - image: autoconf | |
| dockerfile: src/autoconf/Dockerfile | |
| - image: ui | |
| dockerfile: src/ui/Dockerfile | |
| uses: ./.github/workflows/container-build.yml | |
| with: | |
| RELEASE: ${{ matrix.release }} | |
| ARCH: ${{ matrix.arch }} | |
| IMAGE: ${{ matrix.image }} | |
| DOCKERFILE: ${{ matrix.dockerfile }} | |
| CACHE: ${{ matrix.cache }} | |
| PUSH: ${{ matrix.push }} | |
| CACHE_SUFFIX: ${{ matrix.cache_suffix }} | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }} | |
| ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }} | |
| ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }} | |
| # Build Linux packages | |
| build-packages: | |
| needs: [create-arm] | |
| strategy: | |
| matrix: | |
| linux: [ubuntu, debian, fedora, rhel, rhel9, ubuntu-jammy] | |
| platforms: [linux/amd64, linux/arm64] | |
| include: | |
| - release: latest | |
| - linux: ubuntu | |
| package: deb | |
| - linux: debian | |
| package: deb | |
| - linux: fedora | |
| package: rpm | |
| - linux: rhel | |
| package: rpm | |
| - linux: rhel9 | |
| package: rpm | |
| - linux: ubuntu-jammy | |
| package: deb | |
| uses: ./.github/workflows/linux-build.yml | |
| with: | |
| RELEASE: ${{ matrix.release }} | |
| LINUX: ${{ matrix.linux }} | |
| PACKAGE: ${{ matrix.package }} | |
| TEST: false | |
| PLATFORMS: ${{ matrix.platforms }} | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }} | |
| ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }} | |
| ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }} | |
| # Wait for all builds and extract VERSION | |
| wait-builds: | |
| runs-on: ubuntu-latest | |
| needs: [codeql, build-containers, build-containers-arm, build-packages] | |
| outputs: | |
| version: ${{ steps.getversion.outputs.version }} | |
| versionrpm: ${{ steps.getversionrpm.outputs.versionrpm }} | |
| steps: | |
| - name: Checkout source code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Get VERSION | |
| id: getversion | |
| run: echo "version=$(cat src/VERSION | tr -d '\n')" >> "$GITHUB_OUTPUT" | |
| - name: Get VERSION (for RPM based) | |
| id: getversionrpm | |
| run: echo "versionrpm=$(cat src/VERSION | tr -d '\n' | sed 's/-/_/g')" >> "$GITHUB_OUTPUT" | |
| # Push Docker images | |
| push-images: | |
| permissions: | |
| contents: read | |
| packages: write | |
| needs: [create-arm, wait-builds] | |
| strategy: | |
| matrix: | |
| image: | |
| [bunkerweb, bunkerweb-scheduler, bunkerweb-autoconf, bunkerweb-ui] | |
| include: | |
| - release: latest | |
| - image: bunkerweb | |
| cache_from: bunkerweb | |
| dockerfile: src/bw/Dockerfile | |
| - image: bunkerweb-scheduler | |
| cache_from: scheduler | |
| dockerfile: src/scheduler/Dockerfile | |
| - image: bunkerweb-autoconf | |
| cache_from: autoconf | |
| dockerfile: src/autoconf/Dockerfile | |
| - image: bunkerweb-ui | |
| cache_from: ui | |
| dockerfile: src/ui/Dockerfile | |
| uses: ./.github/workflows/push-docker.yml | |
| with: | |
| IMAGE: ${{ matrix.image }} | |
| TAGS: bunkerity/${{ matrix.image }}:${{ matrix.release }},bunkerity/${{ matrix.image }}:${{ needs.wait-builds.outputs.version }},ghcr.io/bunkerity/${{ matrix.image }}:${{ matrix.release }},ghcr.io/bunkerity/${{ matrix.image }}:${{ needs.wait-builds.outputs.version }} | |
| CACHE_FROM: ${{ matrix.cache_from }}-${{ matrix.release }} | |
| DOCKERFILE: ${{ matrix.dockerfile }} | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }} | |
| ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }} | |
| ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }} | |
| # Push Linux packages | |
| push-packages: | |
| needs: [wait-builds] | |
| strategy: | |
| matrix: | |
| linux: [ubuntu, debian, fedora, el, el9, ubuntu-jammy] | |
| arch: [amd64, arm64] | |
| include: | |
| - release: latest | |
| repo: bunkerweb | |
| - linux: ubuntu | |
| separator: _ | |
| suffix: "" | |
| version: noble | |
| package: deb | |
| - linux: debian | |
| separator: _ | |
| suffix: "" | |
| version: bookworm | |
| package: deb | |
| - linux: fedora | |
| separator: "-" | |
| suffix: "1." | |
| version: 40 | |
| package: rpm | |
| - linux: el | |
| separator: "-" | |
| suffix: "1." | |
| version: 8 | |
| package: rpm | |
| - linux: el9 | |
| separator: "-" | |
| suffix: "1." | |
| version: 9 | |
| package: rpm | |
| - linux: ubuntu-jammy | |
| separator: _ | |
| suffix: "" | |
| version: jammy | |
| package: deb | |
| - linux: ubuntu | |
| arch: amd64 | |
| package_arch: amd64 | |
| - linux: debian | |
| arch: amd64 | |
| package_arch: amd64 | |
| - linux: fedora | |
| arch: amd64 | |
| package_arch: x86_64 | |
| - linux: el | |
| arch: amd64 | |
| package_arch: x86_64 | |
| - linux: el9 | |
| arch: amd64 | |
| package_arch: x86_64 | |
| - linux: ubuntu-jammy | |
| arch: amd64 | |
| package_arch: amd64 | |
| - linux: ubuntu | |
| arch: arm64 | |
| package_arch: arm64 | |
| - linux: debian | |
| arch: arm64 | |
| package_arch: arm64 | |
| - linux: fedora | |
| arch: arm64 | |
| package_arch: aarch64 | |
| - linux: el | |
| arch: arm64 | |
| package_arch: aarch64 | |
| - linux: el9 | |
| arch: arm64 | |
| package_arch: aarch64 | |
| - linux: ubuntu-jammy | |
| arch: arm64 | |
| package_arch: arm64 | |
| uses: ./.github/workflows/push-packagecloud.yml | |
| with: | |
| SEPARATOR: ${{ matrix.separator }} | |
| SUFFIX: ${{ matrix.suffix }} | |
| REPO: ${{ matrix.repo }} | |
| LINUX: ${{ matrix.linux }} | |
| VERSION: ${{ matrix.version }} | |
| PACKAGE: ${{ matrix.package }} | |
| BW_VERSION: ${{ matrix.package == 'rpm' && needs.wait-builds.outputs.versionrpm || needs.wait-builds.outputs.version }} | |
| PACKAGE_ARCH: ${{ matrix.package_arch }} | |
| ARCH: ${{ matrix.arch }} | |
| secrets: | |
| PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }} | |
| # Create doc PDF | |
| doc-pdf: | |
| needs: [wait-builds, push-images, push-packages] | |
| uses: ./.github/workflows/doc-to-pdf.yml | |
| with: | |
| VERSION: ${{ needs.wait-builds.outputs.version }} | |
| # Push on GH | |
| push-gh: | |
| needs: [wait-builds, doc-pdf] | |
| permissions: | |
| contents: write | |
| discussions: write | |
| uses: ./.github/workflows/push-github.yml | |
| with: | |
| VERSION: ${{ needs.wait-builds.outputs.version }} | |
| PRERELEASE: false | |
| # Push doc | |
| push-doc: | |
| needs: [wait-builds, push-gh] | |
| permissions: | |
| contents: write | |
| uses: ./.github/workflows/push-doc.yml | |
| with: | |
| VERSION: ${{ needs.wait-builds.outputs.version }} | |
| ALIAS: latest | |
| secrets: | |
| BUNKERBOT_TOKEN: ${{ secrets.BUNKERBOT_TOKEN }} | |
| # Remove ARM VM | |
| rm-arm: | |
| if: ${{ always() }} | |
| needs: [create-arm, push-images, build-packages] | |
| uses: ./.github/workflows/rm-arm.yml | |
| secrets: | |
| ARM_ID: ${{ needs.create-arm.outputs.id }} | |
| SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} | |
| SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} | |
| SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }} | |
| SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }} |