BinaryNinja/tvapp2
4
1
Fork 0
mirror of https://github.com/TheBinaryNinja/tvapp2.git synced 2026-06-04 12:35:40 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
577b28cd6dbf7cf232e76dbc834da2a36adae246
tvapp2/.github/workflows/deploy-docker-all.yml

1145 lines
49 KiB
YAML
Executable File
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# #
# @type github workflow
# @author Aetherinox
# @url https://github.com/Aetherinox
# @usage deploys docker container to github, gitea, and dockerhub and send message to discord
# upload this workflow to both the `main` branch of the tvapp2 repository
# @secrets secrets.ADMINSERV_GPG_KEY_ASC gpg private key (armored) | BEGIN PGP PRIVATE KEY BLOCK
# secrets.ADMINSERV_GPG_PASSPHRASE gpg private key passphrase
# secrets.ORG_BINARYNINJA_TOKEN_CL github personal access token (classic) with package:write permission
# secrets.DISCORD_WEBHOOK_CHAN_GITHUB_TVAPP2_RELEASES Discord webhook to report releases from github to discord
# #
name: "📦 Deploy Docker All"
run-name: "📦 Deploy Docker All"
# #
# Triggers
# #
on:
# #
# Trigger Workflow Dispatch
#
# If any values are not provided, will use fallback env variable
# #
workflow_dispatch:
inputs:
# #
# Image Name
#
# used in github image path
# ghcr.io/${{ env.IMAGE_GHCR_AUTHOR }}/${{ env.IMAGE_NAME }}
# #
IMAGE_NAME:
description: '📦 Image Name'
required: true
default: 'tvapp2'
type: string
# #
# Image Version
#
# used to create new release tag, and add version to docker image name
# #
IMAGE_VERSION:
description: '🏷️ Image Version'
required: true
default: '1.0.0'
type: string
# #
# Image Author
#
# used in github image path
# ghcr.io/${{ env.IMAGE_GHCR_AUTHOR }}/${{ env.IMAGE_NAME }}
# #
IMAGE_GHCR_AUTHOR:
description: '🪪 ghcr.io Image Author'
required: true
default: 'TheBinaryNinja'
type: string
# #
# Image ghcr username
#
# this is the user to sign into ghcr as.
# #
IMAGE_GHCR_USERNAME:
description: '🪪 ghcr.io Username'
required: true
default: 'TheBinaryNinja'
type: string
# #
# Dockerhub Author
#
# used in dockerhub image path
# hub.docker.com/r/${{ env.IMAGE_DOCKERHUB_AUTHOR }}/${{ env.IMAGE_NAME }}
# #
IMAGE_DOCKERHUB_AUTHOR:
description: '🪪 Dockerhub Image Author'
required: true
default: 'TheBinaryNinja'
type: string
# #
# Dockerhub Username
#
# this is the user to sign into Dockerhub as.
# this username MUST be lowercase or you will get `unauthorized: incorrect username or password`
# #
IMAGE_DOCKERHUB_USERNAME:
description: '🪪 Dockerhub Username'
required: true
default: 'thebinaryninja'
type: string
# #
# Gitea Author
#
# used in github image path
# git.binaryninja.net/${{ env.IMAGE_GITEA_AUTHOR }}/${{ env.IMAGE_NAME }}
# #
IMAGE_GITEA_AUTHOR:
description: '🪪 Gitea Image Author'
required: true
default: 'BinaryNinja'
type: string
# #
# Gitea Username
#
# this is the user to sign into gitea as.
# #
IMAGE_GITEA_USERNAME:
description: '🪪 Gitea Username'
required: true
default: 'aetherinox'
type: string
# #
# true no changes to the repo will be made
# false workflow will behave normally, and push any changes detected to the files
# #
DRY_RUN:
description: '🐛 Dry Run (Debug)'
required: true
default: false
type: boolean
# #
# true released version will be marked as a development build and will have the v1.x.x-development tag instead of -latest
# false release version will be marked with -latest docker tag
# #
DEV_RELEASE:
description: '🧪 Development Release'
required: true
default: false
type: boolean
# #
# Trigger Push
# #
push:
tags:
- '*'
# #
# Environment Vars
# #
env:
IMAGE_NAME: ${{ github.event.inputs.IMAGE_NAME || 'tvapp2' }}
IMAGE_VERSION: ${{ github.event.inputs.IMAGE_VERSION || '1.0.0' }}
IMAGE_GHCR_USERNAME: ${{ github.event.inputs.IMAGE_GHCR_USERNAME || 'BinaryNinja' }}
IMAGE_GHCR_AUTHOR: ${{ github.event.inputs.IMAGE_GHCR_AUTHOR || 'BinaryNinja' }}
IMAGE_DOCKERHUB_AUTHOR: ${{ github.event.inputs.IMAGE_DOCKERHUB_AUTHOR || 'thebinaryninja' }}
IMAGE_DOCKERHUB_USERNAME: ${{ github.event.inputs.IMAGE_DOCKERHUB_USERNAME || 'thebinaryninja' }}
IMAGE_GITEA_AUTHOR: ${{ github.event.inputs.IMAGE_GITEA_AUTHOR || 'BinaryNinja' }}
IMAGE_GITEA_USERNAME: ${{ github.event.inputs.IMAGE_GITEA_USERNAME || 'BinaryNinja' }}
BOT_NAME_1: EuropaServ
BOT_NAME_DEPENDABOT: dependabot[bot]
# #
# Jobs
#
# The way pushed docker containers on Github work, the most recent image built goes at the top.
# We will use the order below which builds the :latest image last so that it appears at the very
# top of the packages page.
# #
jobs:
# #
# Job Create Tag
# #
job-docker-release-tags-create:
name: >-
📦 Release Create Tag
# runs-on: ubuntu-latest
runs-on: apollo-x64
timeout-minutes: 4
permissions:
contents: write
packages: write
attestations: write
id-token: write
steps:
# #
# Release Tags Start
# #
- name: '🏳️ Start'
id: task_release_tags_start
run: |
echo "Creating Tag"
# #
# Release Tags Checkout
# #
- name: '✅ Checkout'
id: task_release_tags_checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# #
# Release Tags Fix Permissions
# #
- name: '#️⃣ Manage Permissions'
id: task_release_tags_permissions
run: |
find ./ -name 'run' -exec chmod 755 {} \;
WRONG_PERM=$(find ./ -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)
if [ -n "${WRONG_PERM}" ]; then
echo "⚠️⚠️⚠️ Permissions are invalid ⚠️⚠️⚠️"
for i in ${WRONG_PERM}; do
echo "::error file=${i},line=1,title=Missing Executable Bit::This file needs to be set as executable!"
done
exit 1
else
echo "✅✅✅ Executable permissions are OK ✅✅✅"
fi
# #
# Release Tags Create Tag
#
# only called in dispatch mode
# #
- uses: rickstaa/action-create-tag@v1
id: task_release_tags_create
if: ( github.event_name != 'workflow_dispatch' && inputs.DRY_RUN == false )
with:
tag: "${{ env.IMAGE_VERSION }}"
tag_exists_error: false
message: '${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}'
gpg_private_key: ${{ secrets.ADMINSERV_GPG_KEY_ASC }}
gpg_passphrase: ${{ secrets.ADMINSERV_GPG_PASSPHRASE }}
# #
# Job Docker Release Github
# #
job-docker-release-github:
name: >-
📦 Release Github
# runs-on: ubuntu-latest
runs-on: apollo-x64
timeout-minutes: 10
permissions:
contents: write
packages: write
attestations: write
id-token: write
needs: [ job-docker-release-tags-create ]
steps:
# #
# Release Github Start Amd64
# #
- name: '🏳️ Start'
id: task_release_gh_start
run: |
echo "Starting Github docker release"
# #
# Release Github Checkout
# #
- name: '✅ Checkout'
id: task_release_gh_checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# #
# Release Github Get Timestamp
# #
- name: '🕛 Get Timestamp'
id: task_release_set_timestamp
run: |
echo "DOCKER_IMAGE=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >> ${GITHUB_ENV}
echo "DOCKER_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
echo "NOW=$(date +'%m-%d-%Y %H:%M:%S')" >> $GITHUB_ENV
echo "NOW_SHORT=$(date +'%m-%d-%Y')" >> $GITHUB_ENV
echo "NOW_LONG=$(date +'%m-%d-%Y %H:%M')" >> $GITHUB_ENV
echo "NOW_DOCKER_LABEL=$(date +'%Y%m%d')" >> $GITHUB_ENV
# #
# Release Github Install Dependencies
# #
- name: '📦 Install Dependencies'
id: task_release_gh_dependencies
run:
sudo apt-get install -qq dos2unix
# #
# Release Github Execute dos2unix
# #
- name: '🔐 Apply dos2unix'
id: task_release_gh_dos2unix
run: |
find ./ \( -path "./.git" -o -path "./docs" -o -path "./.github" -o -path "*.png" -o -path "*.jpg" \) -prune -o -name '*' -print | xargs dos2unix --
# #
# Release Github Fix Permissions
# #
- name: '#️⃣ Manage Permissions'
id: task_release_gh_permissions
run: |
find ./ -name 'run' -exec chmod 755 {} \;
WRONG_PERM=$(find ./ -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)
if [ -n "${WRONG_PERM}" ]; then
echo "⚠️⚠️⚠️ Permissions are invalid ⚠️⚠️⚠️"
for i in ${WRONG_PERM}; do
echo "::error file=${i},line=1,title=Missing Executable Bit::This file needs to be set as executable!"
done
exit 1
else
echo "✅✅✅ Executable permissions are OK ✅✅✅"
fi
# #
# Release Github QEMU Amd64
# #
- name: '⚙️ Set up QEMU'
id: task_release_gh_qemu
uses: docker/setup-qemu-action@v3
# #
# Release Github Setup BuildX Amd64
# #
- name: '⚙️ Setup Buildx'
id: task_release_gh_buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
driver-opts: 'image=moby/buildkit:latest'
# #
# Release Github Registry Login Amd64
# #
- name: '⚙️ Login to Github'
id: task_release_gh_registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ env.IMAGE_GHCR_USERNAME }}
password: ${{ secrets.ORG_BINARYNINJA_TOKEN_CL }}
# #
# Release Github Meta
# #
- name: '🔨 Github: Meta'
id: task_release_gh_meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{ env.IMAGE_GHCR_AUTHOR }}/${{ env.IMAGE_NAME }}
tags: |
# latest yes
type=raw,value=latest,enable=${{ !inputs.DEV_RELEASE }}
# dispatch add x1.x.x
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == false }},priority=300,prefix=,suffix=,value=${{ env.IMAGE_VERSION }}
# dispatch add development
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == true }},priority=300,prefix=,suffix=,value=development
# tag add tag
type=ref,enable=${{ github.event_name == 'pull_request' || github.event_name == 'push' }},priority=600,prefix=,suffix=,event=tag
# add development tag to default architecture (amd64)
type=raw,enable=${{ inputs.DEV_RELEASE }},priority=400,prefix=,suffix=,value=development
flavor: |
latest=${{ !inputs.DEV_RELEASE }}
labels: |
org.opencontainers.image.VERSION=${{ env.IMAGE_VERSION }}
org.opencontainers.image.BUILDDATE=${{ env.NOW_DOCKER_LABEL }}
org.opencontainers.image.licenses=MIT
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.vendor=${{ env.IMAGE_GHCR_AUTHOR }}
org.opencontainers.image.ref.name=${{ env.ref_name }}
org.opencontainers.image.development=${{ inputs.DEV_RELEASE == true && 'true' || 'false' }}
# #
# Release Github Build and Push Amd64
# #
- name: '📦 Build & Push (linux/amd64)'
id: task_release_gh_push_amd64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_gh_meta.outputs.tags }}
labels: ${{ steps.task_release_gh_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=amd64
# #
# Release Github Build and Push Arm64
# #
- name: '📦 Build & Push (linux/arm64)'
id: task_release_gh_push_arm64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_gh_meta.outputs.tags }}
labels: ${{ steps.task_release_gh_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=arm64
# #
# Release Github Push Manifest
# #
- name: '📦 Push Manifest'
id: task_release_gh_manifest
uses: int128/docker-manifest-create-action@v2
with:
tags: |
${{ steps.task_release_gh_meta.outputs.tags }}
sources: |
ghcr.io/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gh_push_amd64.outputs.digest }}
ghcr.io/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gh_push_arm64.outputs.digest }}
# #
# Release Github Checkpoint
# #
- name: '⚠️ Checkpoint'
id: task_release_gh_checkpoint
run: |
echo "registry ..................... Github"
echo "github.actor.................. ${{ github.actor }}"
echo "github.ref ................... ${{ github.ref }}"
echo "github.ref_name .............. ${{ github.ref_name }}"
echo "github.event_name ............ ${{ github.event_name }}"
echo "inputs.DRY_RUN ............... ${{ inputs.DRY_RUN }}"
echo "env.AUTHOR ................... ${{ env.IMAGE_GHCR_AUTHOR }}"
echo "tags ......................... ${{ steps.task_release_gh_meta.outputs.tags }}"
echo "labels ....................... ${{ steps.task_release_gh_meta.outputs.labels }}"
echo "docker image ................. ${{ env.DOCKER_IMAGE }}"
echo "docker sha ................... ${{ env.DOCKER_SHA }}"
echo "docker image id (amd64) ...... ${{ steps.task_release_gh_push_amd64.outputs.imageid }}"
echo "docker digest (amd64) ........ ${{ steps.task_release_gh_push_amd64.outputs.digest }}"
echo "docker image id (arm64) ...... ${{ steps.task_release_gh_push_arm64.outputs.imageid }}"
echo "docker digest (arm64) ........ ${{ steps.task_release_gh_push_arm64.outputs.digest }}"
# #
# Release Github Get Weekly Commits
# #
- name: '🕛 Get Weekly Commit List'
id: task_release_set_weekly_commit_list
run: |
echo 'WEEKLY_COMMITS<<EOF' >> $GITHUB_ENV
git log --format="[\`%h\`](${{ github.server_url }}/${{ github.repository }}/commit/%H) %s - %an" --since=7.days >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
# #
# Release Github Notify Github
# #
- name: '🔔 Send Discord Webhook Message'
uses: tsickert/discord-webhook@v6.0.0
if: success()
with:
username: 'Io'
avatar-url: 'https://i.imgur.com/8BVDkla.jpg'
webhook-url: ${{ secrets.DISCORD_WEBHOOK_CHAN_GITHUB_TVAPP2_RELEASES }}
embed-title: "⚙️ ${{ github.workflow_ref }}"
embed-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-thumbnail-url: 'https://i.imgur.com/zDIzE8T.jpg'
embed-description: |
### 📦 Deploy (Github) ${{ job.status == 'success' && '✅' || '❌' }} `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
${{ inputs.DEV_RELEASE == true && '### ⚠️⚠️ Development / Pre-release ⚠️⚠️' || '' }}
A new version of the docker container `${{ env.IMAGE_NAME }}` has been released from Github to Github GHCR. The image is available at:
- https://github.com/${{ github.repository }}/pkgs/container/${{ env.IMAGE_NAME }}
- Version: `${{ env.IMAGE_VERSION }}`
- Release Type: `${{ inputs.DEV_RELEASE == true && '⚠️⚠️ Development / Pre-release ⚠️⚠️' || 'Stable' }}`
- Pull: `docker pull ghcr.io/${{ env.DOCKER_IMAGE }}:${{ inputs.DEV_RELEASE == true && 'development' || env.IMAGE_VERSION }}`
- Pull (amd64): `docker pull ghcr.io/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gh_push_amd64.outputs.digest }}`
- Pull (arm64): `docker pull ghcr.io/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gh_push_arm64.outputs.digest }}`
- Dry Run: `${{ inputs.DRY_RUN }}`
- Source: `Github` https://github.com/${{ github.repository }}
- Docker Image: `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
- Branch: `${{ github.ref_name }}`
- Workflow: `${{ github.workflow }} (#${{github.run_number}})`
- Runner: `${{ runner.name }}`
- Triggered By: `${{ github.actor }}`
- Status: `${{ job.status == 'success' && '✅ Successful' || '❌ Failed' }}`
### Tags
-# This docker image will use the following tags:
```
${{ steps.task_release_gh_meta.outputs.tags }}
```
### Labels
-# This docker image embeds the following labels:
```
${{ steps.task_release_gh_meta.outputs.labels }}
```
embed-color: ${{ job.status == 'success' && '5763719' || '15418782' }}
embed-footer-text: "Completed at ${{ env.NOW }} UTC"
embed-timestamp: "${{ env.NOW_LONG }}"
embed-author-name: "${{ github.repository_owner }}"
embed-author-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-author-icon-url: "https://avatars.githubusercontent.com/u/200161462"
# #
# Job Docker Release Dockerhub
# #
job-docker-release-dockerhub:
name: >-
📦 Release Dockerhub
# runs-on: ubuntu-latest
runs-on: apollo-x64
timeout-minutes: 10
permissions:
contents: write
packages: write
attestations: write
id-token: write
needs: [ job-docker-release-tags-create ]
steps:
# #
# Release Dockerhub Start Amd64
# #
- name: '🏳️ Start'
id: task_release_dh_start
run: |
echo "Starting Dockerhub docker release"
# #
# Release Dockerhub Checkout Amd64
# #
- name: '✅ Checkout'
id: task_release_dh_checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# #
# Release Dockerhub Get Timestamp
# #
- name: '🕛 Get Timestamp'
id: task_release_set_timestamp
run: |
echo "DOCKER_IMAGE=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >> ${GITHUB_ENV}
echo "DOCKER_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
echo "NOW=$(date +'%m-%d-%Y %H:%M:%S')" >> $GITHUB_ENV
echo "NOW_SHORT=$(date +'%m-%d-%Y')" >> $GITHUB_ENV
echo "NOW_LONG=$(date +'%m-%d-%Y %H:%M')" >> $GITHUB_ENV
echo "NOW_DOCKER_LABEL=$(date +'%Y%m%d')" >> $GITHUB_ENV
# #
# Release Dockerhub Install Dependencies
# #
- name: '📦 Install Dependencies'
id: task_release_dh_dependencies
run:
sudo apt-get install -qq dos2unix
# #
# Release Dockerhub Execute dos2unix
# #
- name: '🔐 Apply dos2unix'
id: task_release_dh_dos2unix
run: |
find ./ \( -path "./.git" -o -path "./docs" -o -path "./.github" -o -path "*.png" -o -path "*.jpg" \) -prune -o -name '*' -print | xargs dos2unix --
# #
# Release Dockerhub Fix Permissions
# #
- name: '#️⃣ Manage Permissions'
id: task_release_dh_permissions
run: |
find ./ -name 'run' -exec chmod 755 {} \;
WRONG_PERM=$(find ./ -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)
if [ -n "${WRONG_PERM}" ]; then
echo "⚠️⚠️⚠️ Permissions are invalid ⚠️⚠️⚠️"
for i in ${WRONG_PERM}; do
echo "::error file=${i},line=1,title=Missing Executable Bit::This file needs to be set as executable!"
done
exit 1
else
echo "✅✅✅ Executable permissions are OK ✅✅✅"
fi
# #
# Release Dockerhub QEMU Amd64
# #
- name: '⚙️ Set up QEMU'
id: task_release_dh_qemu
uses: docker/setup-qemu-action@v3
# #
# Release Dockerhub Setup BuildX Amd64
# #
- name: '⚙️ Setup Buildx'
id: task_release_dh_buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
driver-opts: 'image=moby/buildkit:latest'
# #
# Release Dockerhub Registry Login Amd64
# #
- name: '⚙️ Login to Dockerhub'
id: task_release_dh_registry
uses: docker/login-action@v3
with:
username: ${{ env.IMAGE_DOCKERHUB_USERNAME }}
password: ${{ secrets.ORG_BINARYNINJA_DOCKERHUB_TOKEN }}
# #
# Release Dockerhub Meta
# #
- name: '🔨 Dockerhub: Meta'
id: task_release_dh_meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_DOCKERHUB_AUTHOR }}/${{ env.IMAGE_NAME }}
tags: |
# latest yes
type=raw,value=latest,enable=${{ !inputs.DEV_RELEASE }}
# dispatch add x1.x.x
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == false }},priority=300,prefix=,suffix=,value=${{ env.IMAGE_VERSION }}
# dispatch add development
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == true }},priority=300,prefix=,suffix=,value=development
# tag add tag
type=ref,enable=${{ github.event_name == 'pull_request' || github.event_name == 'push' }},priority=600,prefix=,suffix=,event=tag
# add development tag to default architecture (amd64)
type=raw,enable=${{ inputs.DEV_RELEASE }},priority=400,prefix=,suffix=,value=development
flavor: |
latest=${{ !inputs.DEV_RELEASE }}
labels: |
org.opencontainers.image.VERSION=${{ env.IMAGE_VERSION }}
org.opencontainers.image.BUILDDATE=${{ env.NOW_DOCKER_LABEL }}
org.opencontainers.image.licenses=MIT
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.vendor=${{ env.IMAGE_DOCKERHUB_AUTHOR }}
org.opencontainers.image.ref.name=${{ env.ref_name }}
org.opencontainers.image.development=${{ inputs.DEV_RELEASE == true && 'true' || 'false' }}
# #
# Release Dockerhub Build and Push Amd64
# #
- name: '📦 Build & Push (linux/amd64)'
id: task_release_dh_push_amd64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_dh_meta.outputs.tags }}
labels: ${{ steps.task_release_dh_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=amd64
# #
# Release Dockerhub Build and Push Arm64
# #
- name: '📦 Build & Push (linux/arm64)'
id: task_release_dh_push_arm64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_dh_meta.outputs.tags }}
labels: ${{ steps.task_release_dh_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=arm64
# #
# Release Dockerhub Push Manifest
# #
- name: '📦 Push Manifest'
id: task_release_dh_manifest
uses: int128/docker-manifest-create-action@v2
with:
tags: |
${{ steps.task_release_dh_meta.outputs.tags }}
sources: |
${{ env.DOCKER_IMAGE }}@${{ steps.task_release_dh_push_amd64.outputs.digest }}
${{ env.DOCKER_IMAGE }}@${{ steps.task_release_dh_push_arm64.outputs.digest }}
# #
# Release Dockerhub Checkpoint
# #
- name: '⚠️ Checkpoint'
id: task_release_dh_checkpoint
run: |
echo "registry ..................... Dockerhub"
echo "github.actor.................. ${{ github.actor }}"
echo "github.ref ................... ${{ github.ref }}"
echo "github.ref_name .............. ${{ github.ref_name }}"
echo "github.event_name ............ ${{ github.event_name }}"
echo "inputs.DRY_RUN ............... ${{ inputs.DRY_RUN }}"
echo "env.AUTHOR ................... ${{ env.IMAGE_DOCKERHUB_AUTHOR }}"
echo "tags ......................... ${{ steps.task_release_dh_meta.outputs.tags }}"
echo "labels ....................... ${{ steps.task_release_dh_meta.outputs.labels }}"
echo "docker image ................. ${{ env.DOCKER_IMAGE }}"
echo "docker sha ................... ${{ env.DOCKER_SHA }}"
echo "docker image id (amd64) ...... ${{ steps.task_release_dh_push_amd64.outputs.imageid }}"
echo "docker digest (amd64) ........ ${{ steps.task_release_dh_push_amd64.outputs.digest }}"
echo "docker image id (arm64) ...... ${{ steps.task_release_dh_push_arm64.outputs.imageid }}"
echo "docker digest (arm64) ........ ${{ steps.task_release_dh_push_arm64.outputs.digest }}"
# #
# Release Dockerhub Get Weekly Commits
# #
- name: '🕛 Get Weekly Commit List'
id: task_release_set_weekly_commit_list
run: |
echo 'WEEKLY_COMMITS<<EOF' >> $GITHUB_ENV
git log --format="[\`%h\`](${{ github.server_url }}/${{ github.repository }}/commit/%H) %s - %an" --since=7.days >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
# #
# Release Dockerhub Notify Github
# #
- name: '🔔 Send Discord Webhook Message'
uses: tsickert/discord-webhook@v6.0.0
if: success()
with:
username: 'Io'
avatar-url: 'https://i.imgur.com/8BVDkla.jpg'
webhook-url: ${{ secrets.DISCORD_WEBHOOK_CHAN_GITHUB_TVAPP2_RELEASES }}
embed-title: "⚙️ ${{ github.workflow_ref }}"
embed-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-thumbnail-url: 'https://i.imgur.com/zDIzE8T.jpg'
embed-description: |
### 📦 Deploy (Dockerhub) ${{ job.status == 'success' && '✅' || '❌' }} `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
${{ inputs.DEV_RELEASE == true && '### ⚠️⚠️ Development / Pre-release ⚠️⚠️' || '' }}
A new version of the docker container `${{ env.IMAGE_NAME }}` has been released from Github to Dockerhub. The image is available at:
- https://hub.docker.com/r/${{ env.IMAGE_DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
- Version: `${{ env.IMAGE_VERSION }}`
- Release Type: `${{ inputs.DEV_RELEASE == true && '⚠️⚠️ Development / Pre-release ⚠️⚠️' || 'Stable' }}`
- Pull: `docker pull ${{ env.DOCKER_IMAGE }}:${{ inputs.DEV_RELEASE == true && 'development' || env.IMAGE_VERSION }}`
- Pull (amd64): `docker pull ${{ env.DOCKER_IMAGE }}@${{ steps.task_release_dh_push_amd64.outputs.digest }}`
- Pull (arm64): `docker pull ${{ env.DOCKER_IMAGE }}@${{ steps.task_release_dh_push_arm64.outputs.digest }}`
- Dry Run: `${{ inputs.DRY_RUN }}`
- Source: `Dockerhub` https://hub.docker.com/r/${{ env.IMAGE_DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
- Docker Image: `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
- Branch: `${{ github.ref_name }}`
- Workflow: `${{ github.workflow }} (#${{github.run_number}})`
- Runner: `${{ runner.name }}`
- Triggered By: `${{ github.actor }}`
- Status: `${{ job.status == 'success' && '✅ Successful' || '❌ Failed' }}`
### Tags
-# This docker image will use the following tags:
```
${{ steps.task_release_dh_meta.outputs.tags }}
```
### Labels
-# This docker image embeds the following labels:
```
${{ steps.task_release_dh_meta.outputs.labels }}
```
embed-color: ${{ job.status == 'success' && '5763719' || '15418782' }}
embed-footer-text: "Completed at ${{ env.NOW }} UTC"
embed-timestamp: "${{ env.NOW_LONG }}"
embed-author-name: "${{ github.repository_owner }}"
embed-author-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-author-icon-url: "https://avatars.githubusercontent.com/u/200161462"
# #
# Job Docker Release Gitea
# #
job-docker-release-gitea:
name: >-
📦 Release Gitea
# runs-on: ubuntu-latest
runs-on: apollo-x64
timeout-minutes: 10
permissions:
contents: write
packages: write
attestations: write
id-token: write
needs: [ job-docker-release-tags-create ]
steps:
# #
# Release Gitea Start Amd64
# #
- name: '🏳️ Start'
id: task_release_gi_start
run: |
echo "Starting Gitea docker release"
# #
# Release Gitea Checkout Amd64
# #
- name: '✅ Checkout'
id: task_release_gi_checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# #
# Release Gitea Get Timestamp
# #
- name: '🕛 Get Timestamp'
id: task_release_set_timestamp
run: |
echo "DOCKER_IMAGE=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >> ${GITHUB_ENV}
echo "DOCKER_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
echo "NOW=$(date +'%m-%d-%Y %H:%M:%S')" >> $GITHUB_ENV
echo "NOW_SHORT=$(date +'%m-%d-%Y')" >> $GITHUB_ENV
echo "NOW_LONG=$(date +'%m-%d-%Y %H:%M')" >> $GITHUB_ENV
echo "NOW_DOCKER_LABEL=$(date +'%Y%m%d')" >> $GITHUB_ENV
# #
# Release Gitea Install Dependencies
# #
- name: '📦 Install Dependencies'
id: task_release_gi_dependencies
run:
sudo apt-get install -qq dos2unix
# #
# Release Gitea Execute dos2unix
# #
- name: '🔐 Apply dos2unix'
id: task_release_gi_dos2unix
run: |
find ./ \( -path "./.git" -o -path "./docs" -o -path "./.github" -o -path "*.png" -o -path "*.jpg" \) -prune -o -name '*' -print | xargs dos2unix --
# #
# Release Gitea Fix Permissions
# #
- name: '#️⃣ Manage Permissions'
id: task_release_gi_permissions
run: |
find ./ -name 'run' -exec chmod 755 {} \;
WRONG_PERM=$(find ./ -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)
if [ -n "${WRONG_PERM}" ]; then
echo "⚠️⚠️⚠️ Permissions are invalid ⚠️⚠️⚠️"
for i in ${WRONG_PERM}; do
echo "::error file=${i},line=1,title=Missing Executable Bit::This file needs to be set as executable!"
done
exit 1
else
echo "✅✅✅ Executable permissions are OK ✅✅✅"
fi
# #
# Release Gitea QEMU Amd64
# #
- name: '⚙️ Set up QEMU'
id: task_release_gi_qemu
uses: docker/setup-qemu-action@v3
# #
# Release Gitea Setup BuildX Amd64
# #
- name: '⚙️ Setup Buildx'
id: task_release_gi_buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
driver-opts: 'image=moby/buildkit:latest'
# #
# Release Gitea Registry Login Amd64
# #
- name: '⚙️ Login to Gitea'
id: task_release_gi_registry
uses: docker/login-action@v3
with:
registry: git.binaryninja.net
username: ${{ env.IMAGE_GITEA_USERNAME }}
password: ${{ secrets.ORG_BINARYNINJA_GITEA_TOKEN }}
# #
# Release Gitea Meta
# #
- name: '🔨 Gitea: Meta'
id: task_release_gi_meta
uses: docker/metadata-action@v5
with:
images: |
git.binaryninja.net/${{ env.IMAGE_GITEA_AUTHOR }}/${{ env.IMAGE_NAME }}
tags: |
# latest yes
type=raw,value=latest,enable=${{ !inputs.DEV_RELEASE }}
# dispatch add x1.x.x
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == false }},priority=300,prefix=,suffix=,value=${{ env.IMAGE_VERSION }}
# dispatch add development
type=raw,enable=${{ github.event_name == 'workflow_dispatch' && inputs.DEV_RELEASE == true }},priority=300,prefix=,suffix=,value=development
# tag add tag
type=ref,enable=${{ github.event_name == 'pull_request' || github.event_name == 'push' }},priority=600,prefix=,suffix=,event=tag
# add development tag to default architecture (amd64)
type=raw,enable=${{ inputs.DEV_RELEASE }},priority=400,prefix=,suffix=,value=development
flavor: |
latest=${{ !inputs.DEV_RELEASE }}
labels: |
org.opencontainers.image.VERSION=${{ env.IMAGE_VERSION }}
org.opencontainers.image.BUILDDATE=${{ env.NOW_DOCKER_LABEL }}
org.opencontainers.image.licenses=MIT
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.vendor=${{ env.IMAGE_GITEA_AUTHOR }}
org.opencontainers.image.ref.name=${{ env.ref_name }}
org.opencontainers.image.development=${{ inputs.DEV_RELEASE == true && 'true' || 'false' }}
# #
# Release Gitea Build and Push Amd64
# #
- name: '📦 Build & Push (linux/amd64)'
id: task_release_gi_push_amd64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_gi_meta.outputs.tags }}
labels: ${{ steps.task_release_gi_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=amd64
# #
# Release Gitea Build and Push Arm64
# #
- name: '📦 Build & Push (linux/arm64)'
id: task_release_gi_push_arm64
uses: docker/build-push-action@v6
if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
with:
context: .
file: Dockerfile
platforms: linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.task_release_gi_meta.outputs.tags }}
labels: ${{ steps.task_release_gi_meta.outputs.labels }}
provenance: false
build-args: |-
ARCH=arm64
# #
# Release Gitea Push Manifest
# #
- name: '📦 Push Manifest'
id: task_release_gi_manifest
uses: int128/docker-manifest-create-action@v2
with:
tags: |
${{ steps.task_release_gi_meta.outputs.tags }}
sources: |
git.binaryninja.net/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gi_push_amd64.outputs.digest }}
git.binaryninja.net/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gi_push_arm64.outputs.digest }}
# #
# Release Gitea Checkpoint
# #
- name: '⚠️ Checkpoint'
id: task_release_gi_checkpoint
run: |
echo "registry ..................... Gitea"
echo "github.actor.................. ${{ github.actor }}"
echo "github.ref ................... ${{ github.ref }}"
echo "github.ref_name .............. ${{ github.ref_name }}"
echo "github.event_name ............ ${{ github.event_name }}"
echo "inputs.DRY_RUN ............... ${{ inputs.DRY_RUN }}"
echo "env.AUTHOR ................... ${{ env.IMAGE_GITEA_AUTHOR }}"
echo "tags ......................... ${{ steps.task_release_gi_meta.outputs.tags }}"
echo "labels ....................... ${{ steps.task_release_gi_meta.outputs.labels }}"
echo "docker image ................. ${{ env.DOCKER_IMAGE }}"
echo "docker sha ................... ${{ env.DOCKER_SHA }}"
echo "docker image id (amd64) ...... ${{ steps.task_release_gi_push_amd64.outputs.imageid }}"
echo "docker digest (amd64) ........ ${{ steps.task_release_gi_push_amd64.outputs.digest }}"
echo "docker image id (arm64) ...... ${{ steps.task_release_gi_push_arm64.outputs.imageid }}"
echo "docker digest (arm64) ........ ${{ steps.task_release_gi_push_arm64.outputs.digest }}"
# #
# Release Gitea Get Weekly Commits
# #
- name: '🕛 Get Weekly Commit List'
id: task_release_set_weekly_commit_list
run: |
echo 'WEEKLY_COMMITS<<EOF' >> $GITHUB_ENV
git log --format="[\`%h\`](${{ github.server_url }}/${{ github.repository }}/commit/%H) %s - %an" --since=7.days >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
# #
# Release Gitea Notify Gitea
# #
- name: '🔔 Send Discord Webhook Message'
uses: tsickert/discord-webhook@v6.0.0
if: success()
with:
username: 'Io'
avatar-url: 'https://i.imgur.com/8BVDkla.jpg'
webhook-url: ${{ secrets.DISCORD_WEBHOOK_CHAN_GITHUB_TVAPP2_RELEASES }}
embed-title: "⚙️ ${{ github.workflow_ref }}"
embed-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-thumbnail-url: 'https://i.imgur.com/zDIzE8T.jpg'
embed-description: |
### 📦 Deploy (Gitea) ${{ job.status == 'success' && '✅' || '❌' }} `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
${{ inputs.DEV_RELEASE == true && '### ⚠️⚠️ Development / Pre-release ⚠️⚠️' || '' }}
A new version of the docker container `${{ env.IMAGE_NAME }}` has been released from Github to Gitea. The image is available at:
- https://git.binaryninja.net/${{ env.IMAGE_GITEA_USERNAME }}/${{ env.IMAGE_NAME }}/packages
- Version: `${{ env.IMAGE_VERSION }}`
- Release Type: `${{ inputs.DEV_RELEASE == true && '⚠️⚠️ Development / Pre-release ⚠️⚠️' || 'Stable' }}`
- Pull: `docker pull git.binaryninja.net/${{ env.DOCKER_IMAGE }}:${{ inputs.DEV_RELEASE == true && 'development' || env.IMAGE_VERSION }}`
- Pull (amd64): `docker pull git.binaryninja.net/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gi_push_amd64.outputs.digest }}`
- Pull (arm64): `docker pull git.binaryninja.net/${{ env.DOCKER_IMAGE }}@${{ steps.task_release_gi_push_arm64.outputs.digest }}`
- Dry Run: `${{ inputs.DRY_RUN }}`
- Source: `Gitea` https://git.binaryninja.net/${{ env.IMAGE_GITEA_USERNAME }}/${{ env.IMAGE_NAME }}/packages
- Docker Image: `${{ env.IMAGE_NAME }}-${{ env.IMAGE_VERSION }}${{ inputs.DEV_RELEASE == true && '-development' || '' }}`
- Branch: `${{ github.ref_name }}`
- Workflow: `${{ github.workflow }} (#${{github.run_number}})`
- Runner: `${{ runner.name }}`
- Triggered By: `${{ github.actor }}`
- Status: `${{ job.status == 'success' && '✅ Successful' || '❌ Failed' }}`
### Tags
-# This docker image will use the following tags:
```
${{ steps.task_release_gi_meta.outputs.tags }}
```
### Labels
-# This docker image embeds the following labels:
```
${{ steps.task_release_gi_meta.outputs.labels }}
```
embed-color: ${{ job.status == 'success' && '5763719' || '15418782' }}
embed-footer-text: "Completed at ${{ env.NOW }} UTC"
embed-timestamp: "${{ env.NOW_LONG }}"
embed-author-name: "${{ github.repository_owner }}"
embed-author-url: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
embed-author-icon-url: "https://avatars.githubusercontent.com/u/200161462"
Reference in New Issue View Git Blame Copy Permalink