9584baa208
All checks were successful
itom-platform auto build image / build (push) Successful in 2m40s
181 lines
5.8 KiB
YAML
181 lines
5.8 KiB
YAML
name: itom-platform auto build image
|
|
# itom-platform:auto-ci-managed
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- dev
|
|
workflow_dispatch: {}
|
|
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
env:
|
|
CI_TRIGGER_MODE_VAR: ${{ vars.CI_TRIGGER_MODE }}
|
|
CI_TRIGGER_MODE_SECRET: ${{ secrets.CI_TRIGGER_MODE }}
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
env:
|
|
REGISTRY: docker.io
|
|
IMAGE: docker.io/kim6789/chat-deploy
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
|
|
steps:
|
|
- name: Check trigger mode
|
|
shell: sh
|
|
run: |
|
|
set -eu
|
|
MODE="${CI_TRIGGER_MODE_VAR:-${CI_TRIGGER_MODE_SECRET:-dispatch}}"
|
|
MODE=$(echo "$MODE" | tr 'A-Z' 'a-z')
|
|
EVENT="${GITHUB_EVENT_NAME:-${GITEA_EVENT_NAME:-}}"
|
|
EVENT=$(echo "$EVENT" | tr 'A-Z' 'a-z')
|
|
ALLOW="false"
|
|
case "$EVENT" in
|
|
workflow_dispatch|manual)
|
|
if [ "$MODE" = "dispatch" ] || [ "$MODE" = "both" ]; then
|
|
ALLOW="true"
|
|
fi
|
|
;;
|
|
push)
|
|
if [ "$MODE" = "push" ] || [ "$MODE" = "both" ]; then
|
|
ALLOW="true"
|
|
fi
|
|
;;
|
|
*)
|
|
if [ "$MODE" = "dispatch" ] || [ "$MODE" = "both" ]; then
|
|
ALLOW="true"
|
|
fi
|
|
;;
|
|
esac
|
|
echo "CI_TRIGGER_MODE=$MODE" >> "$GITHUB_ENV"
|
|
echo "CI_TRIGGER_ALLOWED=$ALLOW" >> "$GITHUB_ENV"
|
|
if [ "$ALLOW" != "true" ]; then
|
|
echo "Skip build: event=$EVENT mode=$MODE"
|
|
fi
|
|
|
|
- name: Install git
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
run: |
|
|
set -eu
|
|
if ! command -v git >/dev/null 2>&1; then
|
|
apk add --no-cache git openssh-client ca-certificates || apt-get update && apt-get install -y git
|
|
fi
|
|
|
|
- name: Checkout
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
env:
|
|
GIT_USER: ${{ secrets.GIT_USER }}
|
|
GIT_TOKEN: ${{ secrets.GIT_TOKEN }}
|
|
run: |
|
|
set -eu
|
|
WORKDIR="${GITHUB_WORKSPACE:-/workspace}"
|
|
mkdir -p "$WORKDIR"
|
|
REPO="${GITHUB_REPOSITORY:-${GITEA_REPOSITORY:-}}"
|
|
SERVER="${GITHUB_SERVER_URL:-${GITEA_SERVER_URL:-https://git.imall.cloud}}"
|
|
if [ -z "$REPO" ]; then
|
|
echo "ERROR: missing repository info."
|
|
exit 1
|
|
fi
|
|
USER=""
|
|
TOKEN=""
|
|
if [ -n "${GIT_USER:-}" ] && [ -n "${GIT_TOKEN:-}" ]; then
|
|
USER="$GIT_USER"
|
|
TOKEN="$GIT_TOKEN"
|
|
elif [ -n "${GITEA_TOKEN:-}" ]; then
|
|
USER="${GITEA_ACTOR:-${GITHUB_ACTOR:-}}"
|
|
TOKEN="$GITEA_TOKEN"
|
|
elif [ -n "${GITHUB_TOKEN:-}" ]; then
|
|
USER="${GITHUB_ACTOR:-}"
|
|
TOKEN="$GITHUB_TOKEN"
|
|
fi
|
|
if [ -n "$TOKEN" ] && [ -n "$USER" ]; then
|
|
AUTH_HOST="${SERVER#https://}"
|
|
AUTH_HOST="${AUTH_HOST#http://}"
|
|
git clone "https://${USER}:${TOKEN}@${AUTH_HOST}/${REPO}.git" "$WORKDIR"
|
|
else
|
|
git clone "${SERVER}/${REPO}.git" "$WORKDIR"
|
|
fi
|
|
cd "$WORKDIR"
|
|
SHA="${GITHUB_SHA:-${GITEA_SHA:-}}"
|
|
if [ -n "$SHA" ]; then
|
|
git checkout "$SHA"
|
|
fi
|
|
|
|
- name: Prepare tags
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
run: |
|
|
set -eu
|
|
BRANCH="${GITHUB_REF_NAME:-${GITEA_REF_NAME:-}}"
|
|
if [ -z "$BRANCH" ]; then
|
|
BRANCH=$(echo "${GITHUB_REF:-${GITEA_REF:-}}" | sed 's#.*/##')
|
|
fi
|
|
BRANCH=$(echo "$BRANCH" | tr '/' '-')
|
|
SHA="${GITHUB_SHA:-${GITEA_SHA:-}}"
|
|
SHA_SHORT=$(echo "$SHA" | cut -c1-7)
|
|
echo "BRANCH=$BRANCH" >> "$GITHUB_ENV"
|
|
echo "SHA_SHORT=$SHA_SHORT" >> "$GITHUB_ENV"
|
|
|
|
- name: Resolve Dockerfile
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
run: |
|
|
set -eu
|
|
DOCKERFILE_PATH="${DOCKERFILE_PATH:-}"
|
|
BUILD_CONTEXT="${BUILD_CONTEXT:-.}"
|
|
if [ -z "$DOCKERFILE_PATH" ]; then
|
|
for candidate in Dockerfile docker/Dockerfile .docker/Dockerfile build/Dockerfile; do
|
|
if [ -f "$candidate" ]; then
|
|
DOCKERFILE_PATH="$candidate"
|
|
break
|
|
fi
|
|
done
|
|
fi
|
|
if [ -z "$DOCKERFILE_PATH" ]; then
|
|
echo "ERROR: Dockerfile not found."
|
|
exit 1
|
|
fi
|
|
echo "DOCKERFILE_PATH=$DOCKERFILE_PATH" >> "$GITHUB_ENV"
|
|
echo "BUILD_CONTEXT=$BUILD_CONTEXT" >> "$GITHUB_ENV"
|
|
|
|
- name: Login registry
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
env:
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
|
run: |
|
|
set -eu
|
|
if [ -z "${DOCKER_USERNAME:-}" ] || [ -z "${DOCKER_PASSWORD:-}" ]; then
|
|
echo "ERROR: Missing Docker Hub credentials."
|
|
exit 1
|
|
fi
|
|
echo "$DOCKER_PASSWORD" | docker login "$REGISTRY" -u "$DOCKER_USERNAME" --password-stdin
|
|
|
|
- name: Build and push images
|
|
if: ${{ env.CI_TRIGGER_ALLOWED == 'true' }}
|
|
shell: sh
|
|
run: |
|
|
set -eu
|
|
cd "${GITHUB_WORKSPACE:-/workspace}"
|
|
IMAGE_BRANCH_TAG="$IMAGE:${BRANCH}"
|
|
IMAGE_SHA_TAG="$IMAGE:sha-${SHA_SHORT}"
|
|
|
|
echo "Building image..."
|
|
docker build -t "$IMAGE_BRANCH_TAG" -t "$IMAGE_SHA_TAG" -f "$DOCKERFILE_PATH" "$BUILD_CONTEXT"
|
|
|
|
echo "Pushing $IMAGE_BRANCH_TAG..."
|
|
docker push "$IMAGE_BRANCH_TAG"
|
|
|
|
echo "Pushing $IMAGE_SHA_TAG..."
|
|
docker push "$IMAGE_SHA_TAG"
|
|
|
|
echo "Build and push completed successfully."
|