Pi-Farm
b2b2651cac
Some checks failed
Docker Build Smart Logic / Build amd64 & arm64 (push) Failing after 4s
196 lines
6.6 KiB
YAML
196 lines
6.6 KiB
YAML
name: Docker Build Smart Logic
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
tags:
|
|
- 'v*'
|
|
workflow_dispatch:
|
|
|
|
|
|
env:
|
|
REGISTRY_HOST: git.pi-farm.de
|
|
IMAGE_BASE: ${{ gitea.repository }}
|
|
|
|
jobs:
|
|
build:
|
|
name: Build amd64 & arm64
|
|
runs-on: buildx-multiarch
|
|
|
|
steps:
|
|
|
|
- name: Checkout repository
|
|
uses: http://git.pi-farm.de/pi-farm/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
fetch-tags: true
|
|
|
|
- name: Dump context
|
|
run: env | sort
|
|
|
|
- name: Show ref info
|
|
run: |
|
|
echo "REF=$GITHUB_REF"
|
|
echo "REF_TYPE=$GITHUB_REF_TYPE"
|
|
echo "REF_NAME=$GITHUB_REF_NAME"
|
|
|
|
- name: Dynamic Template Fix
|
|
id: template_fix
|
|
run: |
|
|
if grep -q "{{.RepoName}}" README.md 2>/dev/null; then
|
|
echo "Ersetze Platzhalter in README, docker-compose und LICENSE..."
|
|
|
|
REPO_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f2)
|
|
OWNER_NAME=$(echo "${{ gitea.repository }}" | cut -d'/' -f1)
|
|
BRANCH_NAME="${{ gitea.ref_name }}"
|
|
|
|
sed -i "s|{{.RepoName}}|${REPO_NAME}|g" README.md docker-compose.yml LICENSE 2>/dev/null || true
|
|
sed -i "s|{{.OwnerName}}|${OWNER_NAME}|g" README.md docker-compose.yml LICENSE 2>/dev/null || true
|
|
sed -i "s|{{.BranchName}}|${BRANCH_NAME}|g" README.md docker-compose.yml LICENSE 2>/dev/null || true
|
|
|
|
git config user.name "Gitea Bot"
|
|
git config user.email "bot@gitea.local"
|
|
git add README.md docker-compose.yml LICENSE
|
|
|
|
if git diff --staged --quiet; then
|
|
echo "Keine Änderungen zum Committen."
|
|
else
|
|
git commit -m "docs: fix template placeholders [skip ci]"
|
|
git push origin HEAD:${{ gitea.ref_name }}
|
|
fi
|
|
else
|
|
echo "Platzhalter bereits ersetzt."
|
|
fi
|
|
|
|
- name: Detect version
|
|
run: |
|
|
if [ "$GITHUB_REF_TYPE" = "tag" ]; then
|
|
VERSION="$GITHUB_REF_NAME"
|
|
CLEAN_VERSION="${VERSION#v}"
|
|
IS_TAG=true
|
|
else
|
|
VERSION="edge"
|
|
CLEAN_VERSION="edge"
|
|
IS_TAG=false
|
|
fi
|
|
|
|
echo "VERSION=$VERSION" >> $GITHUB_ENV
|
|
echo "CLEAN_VERSION=$CLEAN_VERSION" >> $GITHUB_ENV
|
|
echo "IS_TAG=$IS_TAG" >> $GITHUB_ENV
|
|
|
|
- name: Set dynamic variables and check Dockerfiles
|
|
id: check_files
|
|
run: |
|
|
if [ -s "Dockerfile" ]; then
|
|
echo "Dockerfile gefunden und nicht leer. Build wird vorbereitet."
|
|
echo "should_build=true" >> $GITEA_OUTPUT
|
|
else
|
|
echo "Dockerfile ist leer oder fehlt. Build wird übersprungen."
|
|
echo "should_build=false" >> $GITEA_OUTPUT
|
|
exit 0
|
|
fi
|
|
|
|
AMD64_FILE="Dockerfile"
|
|
if [ -s "Dockerfile.aarch64" ]; then
|
|
echo "Spezielles Dockerfile.aarch64 erkannt."
|
|
ARM64_FILE="Dockerfile.aarch64"
|
|
else
|
|
ARM64_FILE="Dockerfile"
|
|
fi
|
|
|
|
echo "IMAGE_NAME=${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}" >> $GITEA_ENV
|
|
echo "CACHE_IMAGE_NAME=${{ env.REGISTRY_HOST }}/${{ env.IMAGE_BASE }}-cache" >> $GITEA_ENV
|
|
echo "AMD64_DOCKERFILE=$AMD64_FILE" >> $GITEA_ENV
|
|
echo "ARM64_DOCKERFILE=$ARM64_FILE" >> $GITEA_ENV
|
|
echo "BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> $GITEA_ENV
|
|
|
|
- name: Login to registry
|
|
if: steps.check_files.outputs.should_build == 'true'
|
|
run: |
|
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login \
|
|
${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin
|
|
|
|
- name: Setup buildx
|
|
if: steps.check_files.outputs.should_build == 'true'
|
|
run: |
|
|
docker buildx rm multiarch || true
|
|
docker buildx create --name multiarch --driver docker-container --use
|
|
docker buildx inspect --bootstrap
|
|
|
|
- name: Compute Docker tags
|
|
run: |
|
|
TAGS="${IMAGE_NAME}:${VERSION}"
|
|
|
|
if [[ "$IS_TAG" == "true" ]]; then
|
|
MAJOR=$(echo $CLEAN_VERSION | cut -d. -f1)
|
|
MINOR=$(echo $CLEAN_VERSION | cut -d. -f1,2)
|
|
|
|
TAGS="$TAGS,${IMAGE_NAME}:${MINOR}"
|
|
TAGS="$TAGS,${IMAGE_NAME}:${MAJOR}"
|
|
TAGS="$TAGS,${IMAGE_NAME}:latest"
|
|
else
|
|
TAGS="$TAGS,${IMAGE_NAME}:main"
|
|
fi
|
|
|
|
echo "DOCKER_TAGS=$TAGS" >> $GITEA_ENV
|
|
|
|
- name: Load versions.env
|
|
id: load_env
|
|
run: |
|
|
echo "Lade versions.env"
|
|
set -a
|
|
. versions.env
|
|
set +a
|
|
# Schreibe die wichtigsten Variablen ins GITEA_ENV für weitere Steps
|
|
echo "BASE_IMAGE=$BASE_IMAGE" >> $GITEA_ENV
|
|
echo "APP_VERSION=$APP_VERSION" >> $GITEA_ENV
|
|
echo "TARGET_PLATFORMS=$TARGET_PLATFORMS" >> $GITEA_ENV
|
|
echo "IMAGE_NAME=${REGISTRY_HOST}/${IMAGE_BASE}" >> $GITEA_ENV
|
|
echo "CACHE_IMAGE_NAME=${REGISTRY_HOST}/${IMAGE_BASE}-cache" >> $GITEA_ENV
|
|
echo "VERSION=${{ gitea.ref_name }}" >> $GITEA_ENV
|
|
echo "BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> $GITEA_ENV
|
|
|
|
- name: Build & push multiarch
|
|
if: steps.check_files.outputs.should_build == 'true'
|
|
run: |
|
|
echo "== Multiarch Build Start =="
|
|
|
|
# Build amd64
|
|
docker buildx build \
|
|
--platform linux/amd64 \
|
|
-f ${AMD64_DOCKERFILE} \
|
|
--build-arg BASE_IMAGE=$BASE_IMAGE \
|
|
--build-arg APP_VERSION=$APP_VERSION \
|
|
--label org.opencontainers.image.version=$APP_VERSION \
|
|
--label org.opencontainers.image.created=$BUILD_DATE \
|
|
-t ${CACHE_IMAGE_NAME}:${VERSION}-amd64 \
|
|
--push .
|
|
|
|
# Build arm64
|
|
docker buildx build \
|
|
--platform linux/arm64 \
|
|
-f ${ARM64_DOCKERFILE} \
|
|
--build-arg BASE_IMAGE=$BASE_IMAGE \
|
|
--build-arg APP_VERSION=$APP_VERSION \
|
|
--label org.opencontainers.image.version=$APP_VERSION \
|
|
--label org.opencontainers.image.created=$BUILD_DATE \
|
|
-t ${CACHE_IMAGE_NAME}:${VERSION}-arm64 \
|
|
--push .
|
|
|
|
# Merge into manifest
|
|
docker buildx imagetools create -t ${IMAGE_NAME}:${VERSION} \
|
|
${CACHE_IMAGE_NAME}:${VERSION}-amd64 \
|
|
${CACHE_IMAGE_NAME}:${VERSION}-arm64
|
|
|
|
echo "== Multiarch Build Complete =="
|
|
|
|
|
|
- name: Generate SBOM
|
|
run: |
|
|
docker sbom ${IMAGE_NAME}:edge > sbom.spdx.json || true
|
|
|
|
- name: Sign image
|
|
run: cosign sign --key ${{ secrets.COSIGN_KEY }} ${IMAGE_NAME}:v${VERSION}
|
|
|