diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 57564d926..5e05daf1c 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -7,9 +7,7 @@ on: paths: - '.trivy.yaml' - 'Dockerfile' - - 'Dockerfile.next' - 'docker/**' - - 'docker-next/**' - '.github/workflows/docker.yml' release: types: [ published ] 
@@ -84,119 +82,6 @@ jobs: View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - buildx-next: - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'gogs/gogs' }} - concurrency: - group: ${{ github.workflow }}-next-${{ github.ref }} - cancel-in-progress: true - runs-on: ubuntu-latest - permissions: - actions: write - contents: read - packages: write - steps: - - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - with: - platforms: linux/amd64,linux/arm64,linux/arm/v7 - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - - name: Inspect builder - run: | - echo "Name: ${{ steps.buildx.outputs.name }}" - echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" - echo "Status: ${{ steps.buildx.outputs.status }}" - echo "Flags: ${{ steps.buildx.outputs.flags }}" - echo "Platforms: ${{ steps.buildx.outputs.platforms }}" - - name: Login to Docker Hub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to GitHub Container registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to DigitalOcean Container registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - registry: registry.digitalocean.com - username: ${{ secrets.DIGITALOCEAN_USERNAME }} - password: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} - - name: Build and push next-gen images - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 - with: - 
context: . - file: Dockerfile.next - platforms: linux/amd64,linux/arm64,linux/arm/v7 - push: true - tags: | - gogs/gogs:next-latest - ghcr.io/gogs/gogs:next-latest - registry.digitalocean.com/gogs/gogs:next-latest - - name: Scan for container vulnerabilities - uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1 - with: - image-ref: gogs/gogs:next-latest - exit-code: '1' - - name: Send email on failure - uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0 - if: ${{ failure() }} - with: - server_address: smtp.mailgun.org - server_port: 465 - username: ${{ secrets.SMTP_USERNAME }} - password: ${{ secrets.SMTP_PASSWORD }} - subject: GitHub Actions (${{ github.repository }}) job result - to: github-actions-8ce6454@unknwon.io - from: GitHub Actions (${{ github.repository }}) - reply_to: noreply@unknwon.io - body: | - The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". 
- - View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - - deploy-demo: - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'gogs/gogs' }} - needs: buildx-next - runs-on: ubuntu-latest - permissions: - contents: read - steps: - - name: Configure kubectl - run: | - mkdir -p ~/.kube - echo "${KUBECONFIG}" | base64 -d > ~/.kube/config - env: - KUBECONFIG: ${{ secrets.DIGITALOCEAN_K8S_CLUSTER_KUBECONFIG }} - - name: Restart gogs-demo deployment - timeout-minutes: 5 - run: | - set -ex - kubectl rollout restart deployment gogs-demo -n gogs - kubectl rollout status deployment gogs-demo -n gogs - - name: Send email on failure - uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0 - if: ${{ failure() }} - with: - server_address: smtp.mailgun.org - server_port: 465 - username: ${{ secrets.SMTP_USERNAME }} - password: ${{ secrets.SMTP_PASSWORD }} - subject: GitHub Actions (${{ github.repository }}) job result - to: github-actions-8ce6454@unknwon.io - from: GitHub Actions (${{ github.repository }}) - reply_to: noreply@unknwon.io - body: | - The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". - - View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - buildx-pull-request: if: ${{ github.event_name == 'pull_request'}} runs-on: ubuntu-latest 
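Review bot: Nothing in this change retires the credentials that, in the lines visible here, only the removed `buildx-next` and `deploy-demo` jobs use: `DIGITALOCEAN_USERNAME`, `DIGITALOCEAN_ACCESS_TOKEN` and `DIGITALOCEAN_K8S_CLUSTER_KUBECONFIG`. If no other workflow still reads them, revoke the registry token and the cluster kubeconfig on the provider side and delete them from the repository secrets, because a valid but unused kubeconfig stays available to every workflow that can read secrets. The last hunk also removes both callers of `./.github/workflows/digitalocean_gc.yml`, each invoked with `secrets: inherit`. That file is outside this diff, so confirm whether it is deleted in the same commit or still has a trigger of its own. The already published `next-latest` tags will no longer be rebuilt or Trivy-scanned after this change, so consider removing or deprecating them in the registries rather than leaving them to go stale.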
@@ -236,46 +121,6 @@ jobs: image-ref: ttl.sh/gogs/gogs-${{ steps.short-sha.outputs.sha }}:7d exit-code: '1' - buildx-next-pull-request: - if: ${{ github.event_name == 'pull_request'}} - runs-on: ubuntu-latest - permissions: - contents: read - steps: - - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - with: - config-inline: | - [worker.oci] - max-parallelism = 2 - - name: Inspect builder - run: | - echo "Name: ${{ steps.buildx.outputs.name }}" - echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" - echo "Status: ${{ steps.buildx.outputs.status }}" - echo "Flags: ${{ steps.buildx.outputs.flags }}" - echo "Platforms: ${{ steps.buildx.outputs.platforms }}" - - name: Compute short commit SHA - id: short-sha - uses: benjlevesque/short-sha@599815c8ee942a9616c92bcfb4f947a3b670ab0b # v3.0 - - name: Build and push next-gen images - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 - with: - context: . - file: Dockerfile.next - platforms: linux/amd64 - push: true - tags: | - ttl.sh/gogs/gogs-next-${{ steps.short-sha.outputs.sha }}:7d - - name: Scan for container vulnerabilities - uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1 - with: - image-ref: ttl.sh/gogs/gogs-next-${{ steps.short-sha.outputs.sha }}:7d - exit-code: '1' - # Updates to the following section needs to be synced to all release branches within their lifecycles. buildx-release: if: ${{ github.event_name == 'release' }} 
@@ -339,84 +184,3 @@ jobs: The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - - # Updates to the following section needs to be synced to all release branches within their lifecycles. - buildx-next-release: - if: ${{ github.event_name == 'release' }} - runs-on: ubuntu-latest - permissions: - actions: write - contents: read - packages: write - steps: - - name: Compute image tag name - run: echo "IMAGE_TAG=$(echo $GITHUB_REF_NAME | cut -c 2-)" >> $GITHUB_ENV - - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - with: - platforms: linux/amd64,linux/arm64,linux/arm/v7 - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - - name: Inspect builder - run: | - echo "Name: ${{ steps.buildx.outputs.name }}" - echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" - echo "Status: ${{ steps.buildx.outputs.status }}" - echo "Flags: ${{ steps.buildx.outputs.flags }}" - echo "Platforms: ${{ steps.buildx.outputs.platforms }}" - - name: Login to Docker Hub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to GitHub Container registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push next-gen images - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 - with: - context: . 
- file: Dockerfile.next - platforms: linux/amd64,linux/arm64,linux/arm/v7 - push: true - tags: | - gogs/gogs:next-${{ env.IMAGE_TAG }} - ghcr.io/gogs/gogs:next-${{ env.IMAGE_TAG }} - - name: Send email on failure - uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0 - if: ${{ failure() }} - with: - server_address: smtp.mailgun.org - server_port: 465 - username: ${{ secrets.SMTP_USERNAME }} - password: ${{ secrets.SMTP_PASSWORD }} - subject: GitHub Actions (${{ github.repository }}) job result - to: github-actions-8ce6454@unknwon.io - from: GitHub Actions (${{ github.repository }}) - reply_to: noreply@unknwon.io - body: | - The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}". - - View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} - - digitalocean-gc: - if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'gogs/gogs' }} - needs: buildx-next - permissions: - contents: read - uses: ./.github/workflows/digitalocean_gc.yml - secrets: inherit - - digitalocean-gc-pull-request: - if: ${{ github.event_name == 'pull_request' && github.repository == 'gogs/gogs' }} - needs: buildx-next-pull-request - permissions: - contents: read - uses: ./.github/workflows/digitalocean_gc.yml - secrets: inherit