Manual Build & Push #62
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manual Build & Push | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| BuildImageTag: | |
| description: 'Build Image Tag' | |
| required: true | |
| default: 'latest' | |
| type: choice | |
| options: | |
| - development | |
| - latest | |
| - test | |
| BaseImageTag: | |
| description: 'Base Image Tag' | |
| required: true | |
| default: 'latest' | |
| type: choice | |
| options: | |
| - development | |
| - latest | |
| - platform | |
| BuildPlatform: | |
| description: 'Build Image Platform' | |
| required: false | |
| default: 'N/A' | |
| type: choice | |
| options: | |
| - N/A | |
| - linux/386 | |
| - linux/amd64 | |
| - linux/arm64 | |
| - linux/arm/v7 | |
| - linux/arm/v6 | |
| - linux/riscv64 | |
| UseOldCache: | |
| description: 'Build Image Using Old Cache' | |
| required: true | |
| default: 'true' | |
| type: choice | |
| options: | |
| - true | |
| - false | |
| jobs: | |
| job01: | |
| name: Build and publish | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| - | |
| name: Unbound version code | |
| id: unbound_version_code_check | |
| run: | | |
| function validate_version() { | |
| local version="$1" | |
| if [[ ! "$version" =~ ^[0-9]{1}\.[0-9]{2}\.[0-9]{1}$ ]]; then | |
| echo "Error invalid version format: $version" | |
| exit 1 | |
| fi | |
| } | |
| CHECK_VERSION_CODE=$(curl -s https://api.github.com/repos/NLnetLabs/unbound/releases/latest | grep '"name"' | awk -F'"' '{print $4}' | cut -d' ' -f 2) | |
| echo "Unbound Version: $CHECK_VERSION_CODE" | |
| validate_version "$CHECK_VERSION_CODE" | |
| echo VERSION_CODE=$CHECK_VERSION_CODE >> $GITHUB_OUTPUT | |
| - | |
| name: Version code [latest] | |
| if: inputs.BuildImageTag == 'latest' | |
| id: version_code_check_latest | |
| run: | | |
| function validate_version() { | |
| local version="$1" | |
| if [[ ! "$version" =~ ^[0-9]{4}\.[0-9]{2}\.[0-9]{1}$ ]]; then | |
| echo "Error invalid version format: $version" | |
| exit 1 | |
| fi | |
| } | |
| CHECK_VERSION_CODE=$(curl -s https://api.github.com/repos/pi-hole/docker-pi-hole/releases/latest | grep "tag_name" | cut -d'"' -f 4 | tail -n 1) | |
| echo "New Version: $CHECK_VERSION_CODE" | |
| validate_version "$CHECK_VERSION_CODE" | |
| echo VERSION_CODE=$CHECK_VERSION_CODE >> $GITHUB_OUTPUT | |
| - | |
| name: Version code [development] | |
| if: inputs.BuildImageTag == 'development' | |
| id: version_code_check | |
| run: | | |
| CHECK_VERSION_CODE=$(curl -s https://registry.hub.docker.com/v2/repositories/pihole/pihole/tags/${{ inputs.BuildImageTag }} | grep -oP '"tag_last_pushed":"\K[^"]+' | tail -1 | cut -c 1-9 | sed 's/-/./g') | |
| echo "New Version: $CHECK_VERSION_CODE" | |
| echo VERSION_CODE=$CHECK_VERSION_CODE >> $GITHUB_OUTPUT | |
| - | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - | |
| name: Docker meta [development] | |
| if: inputs.BuildImageTag == 'development' | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| env: | |
| IMAGE_TAG: ${{ inputs.BuildImageTag }} | |
| with: | |
| images: | | |
| ${{ secrets.DOCKERHUB_NAMESPACE }}/pihole-unbound | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,value=${{ inputs.BuildImageTag }} | |
| - | |
| name: Docker meta [latest] | |
| if: inputs.BuildImageTag == 'latest' | |
| id: meta_latest | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ secrets.DOCKERHUB_NAMESPACE }}/pihole-unbound | |
| flavor: | | |
| latest=true | |
| tags: | | |
| type=raw,value=${{ steps.version_code_check_latest.outputs.VERSION_CODE }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }} | |
| - | |
| name: Docker meta [platform] | |
| if: inputs.BuildPlatform != 'N/A' | |
| id: meta_platform | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ secrets.DOCKERHUB_NAMESPACE }}/pihole-unbound | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,value=test | |
| - | |
| name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }} | |
| - | |
| name: Build and push [latest / use cache] | |
| if: inputs.BuildImageTag == 'latest' && inputs.UseOldCache == 'true' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| IMAGE_TAG: ${{ inputs.BuildImageTag }} | |
| with: | |
| context: ./ | |
| platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6 | |
| build-args: BASE_IMG_TAG=${{ inputs.BuildImageTag }} | |
| push: true | |
| tags: ${{ steps.meta_latest.outputs.tags }} | |
| labels: ${{ steps.meta_latest.outputs.labels }} | |
| cache-from: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }} | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }},mode=max | |
| - | |
| name: Build and push [latest / no cache] | |
| if: inputs.BuildImageTag == 'latest' && inputs.UseOldCache == 'false' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| IMAGE_TAG: ${{ inputs.BuildImageTag }} | |
| with: | |
| context: ./ | |
| platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6 | |
| build-args: BASE_IMG_TAG=${{ inputs.BuildImageTag }} | |
| push: true | |
| tags: ${{ steps.meta_latest.outputs.tags }} | |
| labels: ${{ steps.meta_latest.outputs.labels }} | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }},mode=max | |
| - | |
| name: Build and push [development / use cache] | |
| if: inputs.BuildImageTag == 'development' && inputs.UseOldCache == 'true' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| IMAGE_TAG: ${{ inputs.BuildImageTag }} | |
| with: | |
| context: ./ | |
| file: ./Dockerfile-Dev-V6 | |
| platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6 | |
| build-args: BASE_IMG_TAG=${{ inputs.BuildImageTag }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }} | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }},mode=max | |
| - | |
| name: Build and push [development / no cache] | |
| if: inputs.BuildImageTag == 'development' && inputs.UseOldCache == 'false' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| IMAGE_TAG: ${{ inputs.BuildImageTag }} | |
| with: | |
| context: ./ | |
| file: ./Dockerfile-Dev-V6 | |
| platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6 | |
| build-args: BASE_IMG_TAG=${{ inputs.BuildImageTag }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.${{ inputs.BuildImageTag }},mode=max | |
| - | |
| name: Build and push [platform] | |
| if: inputs.BuildPlatform != 'N/A' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| IMAGE_PLATFORM: ${{ inputs.BuildPlatform }} | |
| with: | |
| context: ./ | |
| platforms: ${{ inputs.BuildPlatform }} | |
| build-args: BASE_IMG_TAG=latest | |
| push: false | |
| tags: ${{ steps.meta_platform.outputs.tags }} | |
| labels: ${{ steps.meta_platform.outputs.labels }} | |
| cache-from: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.test | |
| cache-to: | | |
| type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.test,mode=max | |
| - | |
| name: Create release [Release] | |
| if: inputs.BuildImageTag == 'latest' | |
| uses: svenstaro/upload-release-action@v2 | |
| env: | |
| UNBOUND_RELEASE_URL: https://github.com/NLnetLabs/unbound/releases/tag/release | |
| with: | |
| body: | | |
| ## Versions | |
| Pi-hole: ${{ steps.version_code_check_latest.outputs.VERSION_CODE }} | |
| Unbound: ${{ steps.unbound_version_code_check.outputs.VERSION_CODE }} | |
| ## Docker Tags | |
| | Tag | Type | Description | | |
| | :---: | :---: | :---: | | |
| | `latest` | Stable | Always latest release | | |
| | `${{ steps.version_code_check_latest.outputs.VERSION_CODE }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}` | Stable | Date-based release [Pi-hole Version-Unbound Version] | | |
| ## What's Changed (Docker Image v${{ steps.version_code_check_latest.outputs.VERSION_CODE }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}) | |
| * Check Pi-hole Docker detailed changelog [here.](https://github.com/pi-hole/docker-pi-hole/releases/tag/${{ steps.version_code_check_latest.outputs.VERSION_CODE }}) | |
| * Check Unbound detailed changelog [here.](${{ env.UNBOUND_RELEASE_URL }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}) | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: ./digest/digest_base_latest | |
| release_name: ${{ steps.version_code_check_latest.outputs.VERSION_CODE }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }} | |
| tag: ${{ steps.version_code_check_latest.outputs.VERSION_CODE }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }} | |
| make_latest: true | |
| overwrite: true | |
| - | |
| name: Create release [PreRelease] | |
| if: inputs.BuildImageTag == 'development' | |
| uses: svenstaro/upload-release-action@v2 | |
| env: | |
| UNBOUND_RELEASE_URL: https://github.com/NLnetLabs/unbound/releases/tag/release | |
| with: | |
| body: | | |
| ## Versions | |
| Pi-hole: `${{ inputs.BuildImageTag }}-${{ steps.version_code_check.outputs.VERSION_CODE }}` | |
| Unbound: `${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}` | |
| ## What's Changed (Docker Image ${{ inputs.BuildImageTag }}-${{ steps.version_code_check.outputs.VERSION_CODE }}) | |
| * Check Pi-hole Docker detailed changelog [here.](https://github.com/pi-hole/docker-pi-hole/commits/${{ inputs.BuildImageTag }}) | |
| * Check Unbound detailed changelog [here.](${{ env.UNBOUND_RELEASE_URL }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}) | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: ./digest/digest_base_${{ inputs.BuildImageTag }} | |
| release_name: ${{ inputs.BuildImageTag }}-${{ steps.version_code_check.outputs.VERSION_CODE }} | |
| tag: ${{ inputs.BuildImageTag }}-${{ steps.version_code_check.outputs.VERSION_CODE }} | |
| prerelease: true | |
| overwrite: true | |
| - | |
| name: Update digest to file | |
| if: inputs.BuildImageTag != 'test' | |
| run: | | |
| BASE_IMAGE_DIGEST=$(curl -s https://registry.hub.docker.com/v2/repositories/pihole/pihole/tags/${{ inputs.BuildImageTag }} | grep -oP '"digest":"\K[^"]+' | tail -1) | |
| echo "New Base Digest: $BASE_IMAGE_DIGEST" | |
| echo $BASE_IMAGE_DIGEST > ./digest/digest_base_${{ inputs.BuildImageTag }} | |
| curl -O --silent https://nlnetlabs.nl/downloads/unbound/unbound-latest.tar.gz | |
| LATEST_UNBOUND_DIGEST=$(sha256sum unbound-latest.tar.gz | cut -d ' ' -f 1) | |
| echo "New Unbound Digest: $LATEST_UNBOUND_DIGEST" | |
| echo $LATEST_UNBOUND_DIGEST > ./digest/digest_unbound | |
| - | |
| name: Commit files | |
| if: inputs.BuildImageTag != 'test' | |
| run: | | |
| if [[ $(git status) == *"nothing to commit, working tree clean"* ]] || [[ $(git status) == *"nothing added to commit but untracked files present"* ]]; then | |
| exit 0 | |
| fi | |
| git config user.name "GitHub Actions" | |
| git config user.email "[email protected]" | |
| git commit -a -m "Digest Value Updated" | |
| - | |
| name: Push changes to repository | |
| if: inputs.BuildImageTag != 'test' | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| force: true | |
| - | |
| name: Docker Hub Description | |
| uses: peter-evans/dockerhub-description@v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }} | |
| repository: ${{ secrets.DOCKERHUB_NAMESPACE }}/pihole-unbound | |
| short-description: ${{ github.event.repository.description }} |