scripts/.github/workflows/build.yaml at trunk · acrois/scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Build Image
on:
  workflow_dispatch:
  push:
concurrency: build-image
env:
  REGISTRY: ghcr.io/
  IMAGE: ${{ github.repository }}
  TAG: ${{ github.sha }}
jobs:
  build_deploy_cached:
    runs-on: ubuntu-latest
    name: Build and Deploy with Cache
    steps:
      - id: registry
        uses: ASzc/change-string-case-action@v1
        with:
          string: ${{ env.REGISTRY }}

      - id: image
        uses: ASzc/change-string-case-action@v1
        with:
          string: ${{ env.IMAGE }}

      - id: tag
        uses: ASzc/change-string-case-action@v1
        with:
          string: ${{ env.TAG }}

      - name: Wait for tagging to succeed
        uses: lewagon/wait-on-check-action@v1.3.3
        with:
          ref: ${{ github.ref }}
          check-name: "Tag revision"
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          wait-interval: 10

      - name: Checkout Code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          submodules: "recursive"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        id: buildx

      - name: Cache Docker layers
        uses: actions/cache@v4
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx

      - name: Login to the Container Registry
        uses: docker/login-action@v2
        with:
          registry: ${{ steps.registry.outputs.lowercase }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v4
        with:
          # context: git
          images: ${{ steps.registry.outputs.lowercase }}${{ steps.image.outputs.lowercase }}
          tags: |
            type=edge,priority=100
            type=sha,priority=200
            type=ref,event=tag,priority=300
            type=raw,priority=150,value=latest,enable={{is_default_branch}}

      # Retrieve all repository tags from the GitHub API using undocumented API call to get all tags
      # https://github.com/actions/github-script
      - name: Get all tags
        id: all-tags
        uses: actions/github-script@v6
        with:
          script: |
            return github.rest.repos.listTags({
              owner: context.repo.owner,
              repo: context.repo.repo,
              per_page: 100
            })

      # Prepare JSON output for Unix command line
      # https://github.com/mad9000/actions-find-and-replace-string
      - name: Format jq result
        id: formatted-jq
        uses: mad9000/actions-find-and-replace-string@2
        with:
          source: ${{ steps.all-tags.outputs.result }}
          find: "'"
          replace: "\\'"

      # Parse Github API output and search for tags only matching the current commit SHA
      - name: Search all tags for commit
        id: tag-results
        run: |
          tags=$( echo '${{ steps.formatted-jq.outputs.value }}' | jq -r ".data | .[] | select( .commit.sha == \"${{ github.sha }}\" ) | .name" | tr '\n' ' ' )
          echo "tags=${tags}" >> $GITHUB_OUTPUT

      # Merge the tag lists from docker/metadata-action and GitHub API
      - name: Build tag list
        id: tag-list
        run: |
          echo ::set-output name=tags::"$(
            echo -n "${{ steps.meta.outputs.tags }}" | tr '\n' ','
            for r in `echo "${{ steps.tag-results.outputs.tags }}" | tr '\n' ' '`; do echo -n ,${{ steps.registry.outputs.lowercase }}${{ steps.image.outputs.lowercase }}:$r | tr '[:upper:]' '[:lower:]'; done
          )"

      - name: Build Image
        uses: docker/build-push-action@v5
        with:
          context: .
          builder: ${{ steps.buildx.outputs.name }}
          push: true
          tags: ${{ steps.tag-list.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
            BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
            VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
            REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache-new

      # Temp fix
      # https://github.com/docker/build-push-action/issues/252
      # https://github.com/moby/buildkit/issues/1896
      - name: Move cache
        run: |
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache