librewolf/bunkerized-nginx
4
0
Fork 1
mirror of https://github.com/bunkerity/bunkerized-nginx synced 2023-12-13 21:30:18 +01:00
Code Issues Projects Releases Wiki Activity
bunkerized-nginx/.github/workflows/linux-build.yml

145 lines
4.8 KiB
YAML
Raw Blame History

name: Build Linux package (REUSABLE)
on:
workflow_call:
inputs:
RELEASE:
required: true
type: string
LINUX:
required: true
type: string
PACKAGE:
required: true
type: string
PLATFORMS:
required: true
type: string
TEST:
required: false
type: boolean
default: false
secrets:
DOCKER_USERNAME:
required: true
DOCKER_TOKEN:
required: true
PRIVATE_REGISTRY:
required: true
PRIVATE_REGISTRY_TOKEN:
required: true
ARM_SSH_KEY:
required: false
ARM_SSH_IP:
required: false
ARM_SSH_CONFIG:
required: false
jobs:
build:
runs-on: ubuntu-latest
steps:
# Prepare
- name: Checkout source code
uses: actions/checkout@v3
- name: Extract arch
run : |
echo "ARCH=${{ env.PLATFORMS }}" | sed 's/linux//g' | sed 's@/@@g' >> "$GITHUB_ENV"
env:
PLATFORMS: ${{ inputs.PLATFORMS }}
- name: Extract linux arch
if: inputs.PACKAGE == 'rpm'
run : |
echo "LARCH=${{ env.ARCH }}" | sed 's/amd64/x86_64/g' | sed 's/arm64/aarch64/g' >> "$GITHUB_ENV"
env:
ARCH: ${{ env.ARCH }}
- name: Extract linux arch
if: inputs.PACKAGE == 'deb'
run : |
echo "LARCH=${{ env.ARCH }}" >> "$GITHUB_ENV"
env:
ARCH: ${{ env.ARCH }}
- name: Setup SSH for ARM node
if: startsWith(env.ARCH, 'arm') == true
run: |
mkdir -p ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa_arm
chmod 600 ~/.ssh/id_rsa_arm
echo "$SSH_CONFIG" | sed "s/SSH_IP/$SSH_IP/g" > ~/.ssh/config
env:
SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
SSH_IP: ${{ secrets.ARM_SSH_IP }}
SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
- name: Setup Buildx
uses: docker/setup-buildx-action@v2
if: startsWith(env.ARCH, 'arm') == false
- name: Setup Buildx (ARM)
uses: docker/setup-buildx-action@v2
if: startsWith(env.ARCH, 'arm') == true
with:
endpoint: ssh://root@arm
platforms: linux/arm64,linux/arm/v7,linux/arm/v6
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to private repository
uses: docker/login-action@v2
with:
registry: ${{ secrets.PRIVATE_REGISTRY }}
username: registry
password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
# Build staging package image
- name: Build package image
if: inputs.RELEASE == 'staging'
uses: docker/build-push-action@v3
with:
context: .
load: true
file: src/linux/Dockerfile-${{ inputs.LINUX }}
platforms: ${{ inputs.PLATFORMS }}
tags: local/bunkerweb-${{ inputs.LINUX }}:latest
cache-from: type=registry,ref=bunkerity/cache:${{ inputs.LINUX }}-staging
cache-to: type=registry,ref=bunkerity/cache:${{ inputs.LINUX }}-staging,mode=min
# Build non-staging package image
- name: Build package image
if: inputs.RELEASE != 'staging'
uses: docker/build-push-action@v3
with:
context: .
load: true
file: src/linux/Dockerfile-${{ inputs.LINUX }}
platforms: ${{ inputs.PLATFORMS }}
tags: local/bunkerweb-${{ inputs.LINUX }}:latest
# Generate package
- name: Generate package
if: startsWith(env.ARCH, 'arm') == false
run: ./src/linux/package.sh ${{ inputs.LINUX }} ${{ env.LARCH }}
env:
LARCH: ${{ env.LARCH }}
- name: Generate package (ARM)
if: startsWith(env.ARCH, 'arm') == true
run: |
docker save local/bunkerweb-${{ inputs.LINUX }}:latest | ssh -C root@arm docker load
scp ./src/linux/package.sh root@arm:/opt
ssh root@arm chmod +x /opt/package.sh
ssh root@arm /opt/package.sh ${{ inputs.LINUX }} ${{ env.LARCH }}
scp -r root@arm:/root/package-${{ inputs.LINUX }} ./package-${{ inputs.LINUX }}
env:
LARCH: ${{ env.LARCH }}
- uses: actions/upload-artifact@v3
with:
name: package-${{ inputs.LINUX }}-${{ env.LARCH }}
path: package-${{ inputs.LINUX }}/*.${{ inputs.PACKAGE }}
# Build test image
- name: Build test image
if: inputs.TEST == true
uses: docker/build-push-action@v3
with:
context: .
file: tests/linux/Dockerfile-${{ inputs.LINUX }}
platforms: ${{ inputs.PLATFORMS }}
push: true
tags: ${{ secrets.PRIVATE_REGISTRY }}/infra/${{ inputs.LINUX }}-tests:${{ inputs.RELEASE }}
Reference in a new issue View git blame Copy permalink