Updated release workflow again.
Some checks failed
Some checks failed
This commit is contained in:
@@ -5,9 +5,9 @@ on:
|
||||
- 'v*' # v1.2.3, v1.2.3-rc.1, etc.
|
||||
|
||||
jobs:
|
||||
build-and-publish-image:
|
||||
publish-image:
|
||||
name: Build & Publish Image
|
||||
runs-on: [self-hosted, linux, x64, docker] # NAS or any Linux runner with Docker
|
||||
runs-on: [self-hosted, linux, x64, docker]
|
||||
container:
|
||||
image: ghcr.io/catthehacker/ubuntu:act-latest
|
||||
options: >-
|
||||
@@ -15,33 +15,23 @@ jobs:
|
||||
env:
|
||||
REGISTRY: ${{ secrets.REGISTRY_HOST }}
|
||||
OWNER_REPO: ${{ github.repository }}
|
||||
DOCKERFILE: JSMR.Api/Dockerfile
|
||||
CONTEXT: .
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: actions/setup-dotnet@v4
|
||||
with: { dotnet-version: '9.0.x' }
|
||||
|
||||
- run: dotnet restore
|
||||
- run: dotnet publish JSMR/JSMR.Api/JSMR.Api.csproj -c Release -o publish
|
||||
|
||||
- name: Create Dockerfile.ci
|
||||
run: |
|
||||
cat > Dockerfile.ci <<'EOF'
|
||||
FROM mcr.microsoft.com/dotnet/aspnet:9.0
|
||||
WORKDIR /app
|
||||
COPY publish/ ./
|
||||
ENV ASPNETCORE_URLS=http://+:8080
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["dotnet", "JSMR.Api.dll"]
|
||||
EOF
|
||||
|
||||
- name: Normalize image name
|
||||
id: names
|
||||
- name: Compute image name + tag + prerelease flag
|
||||
id: meta
|
||||
shell: bash
|
||||
run: |
|
||||
IMAGE_LC="$(echo "${REGISTRY}/${OWNER_REPO}" | tr '[:upper:]' '[:lower:]')"
|
||||
echo "image=${IMAGE_LC}" >> "$GITHUB_OUTPUT"
|
||||
# tag derived from ref, e.g. refs/tags/v1.3.0 -> v1.3.0
|
||||
echo "tag=${GITHUB_REF_NAME}" >> "$GITHUB_OUTPUT"
|
||||
if [[ "${GITHUB_REF_NAME}" == *"-"* ]]; then
|
||||
echo "is_prerelease=true" >> "$GITHUB_OUTPUT"
|
||||
else
|
||||
echo "is_prerelease=false" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
- name: Docker login
|
||||
run: |
|
||||
@@ -50,59 +40,110 @@ jobs:
|
||||
-u "${{ secrets.REGISTRY_USER }}" \
|
||||
--password-stdin
|
||||
|
||||
- name: Build image
|
||||
run: docker build -f Dockerfile.ci -t "${{ steps.names.outputs.image }}:${{ steps.names.outputs.tag }}" .
|
||||
- name: Enable BuildKit
|
||||
run: echo "DOCKER_BUILDKIT=1" >> $GITHUB_ENV
|
||||
|
||||
- name: Push image
|
||||
- name: Build (from your API Dockerfile)
|
||||
run: |
|
||||
docker push "${{ steps.names.outputs.image }}:${{ steps.names.outputs.tag }}"
|
||||
docker tag "${{ steps.names.outputs.image }}:${{ steps.names.outputs.tag }}" "${{ steps.names.outputs.image }}:latest"
|
||||
docker push "${{ steps.names.outputs.image }}:latest"
|
||||
docker build \
|
||||
-f "$DOCKERFILE" \
|
||||
-t "${{ steps.meta.outputs.image }}:${{ steps.meta.outputs.tag }}" \
|
||||
--label "org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \
|
||||
--label "org.opencontainers.image.version=${{ steps.meta.outputs.tag }}" \
|
||||
"$CONTEXT"
|
||||
|
||||
- name: Push (tagged)
|
||||
run: docker push "${{ steps.meta.outputs.image }}:${{ steps.meta.outputs.tag }}"
|
||||
|
||||
- name: Also tag/push :latest for stable tags only
|
||||
if: ${{ steps.meta.outputs.is_prerelease == 'false' }}
|
||||
run: |
|
||||
docker tag "${{ steps.meta.outputs.image }}:${{ steps.meta.outputs.tag }}" "${{ steps.meta.outputs.image }}:latest"
|
||||
docker push "${{ steps.meta.outputs.image }}:latest"
|
||||
|
||||
# Optional: export a tiny text artifact with the image refs (handy for debugging)
|
||||
- name: Emit image refs
|
||||
run: |
|
||||
echo "${{ steps.meta.outputs.image }}:${{ steps.meta.outputs.tag }}" > image.txt
|
||||
if [ "${{ steps.meta.outputs.is_prerelease }}" = "false" ]; then
|
||||
echo "${{ steps.meta.outputs.image }}:latest" >> image.txt
|
||||
fi
|
||||
- uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: api-publish-${{ steps.names.outputs.tag }}
|
||||
path: publish
|
||||
name: image-refs-${{ steps.meta.outputs.tag }}
|
||||
path: image.txt
|
||||
|
||||
create-gitea-release:
|
||||
name: Create Gitea Release
|
||||
needs: build-and-publish-image
|
||||
needs: publish-image
|
||||
runs-on: [self-hosted, linux, x64, docker]
|
||||
container:
|
||||
image: ghcr.io/catthehacker/ubuntu:act-latest
|
||||
options: >-
|
||||
--privileged
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
# simplest notes: use tag message (annotated) and attach image refs
|
||||
- name: Generate basic notes
|
||||
id: notes
|
||||
- name: Install jq (for safe JSON quoting)
|
||||
run: |
|
||||
echo "## Release $GITHUB_REF_NAME" > REL_NOTES.md
|
||||
echo "" >> REL_NOTES.md
|
||||
echo "- Image: ${{ secrets.REGISTRY_HOST }}/${{ github.repository }}:${GITHUB_REF_NAME}" >> REL_NOTES.md
|
||||
echo "- Latest: ${{ secrets.REGISTRY_HOST }}/${{ github.repository }}:latest" >> REL_NOTES.md
|
||||
apt-get update -y
|
||||
apt-get install -y jq curl
|
||||
|
||||
# Gitea has a create-release action too; if not, use API curl
|
||||
- name: Create Release via API
|
||||
- name: Prepare release notes
|
||||
id: notes
|
||||
env:
|
||||
GITEA_BASE: ${{ secrets.GITEA_BASE_URL }} # e.g. https://gitea.example.com
|
||||
TOKEN: ${{ secrets.GITEA_TOKEN }} # personal access token w/ repo write
|
||||
REGISTRY: ${{ secrets.REGISTRY_HOST }}
|
||||
REPO: ${{ github.repository }}
|
||||
shell: bash
|
||||
run: |
|
||||
TAG="${GITHUB_REF_NAME}"
|
||||
IMG="${REGISTRY}/${REPO}:${TAG}"
|
||||
cat > REL_NOTES.md <<EOF
|
||||
## ${TAG}
|
||||
|
||||
**Images**
|
||||
- \`${IMG}\`
|
||||
EOF
|
||||
# Add :latest mention only for stable tags
|
||||
if [[ "$TAG" != *"-"* ]]; then
|
||||
echo "- \`${REGISTRY}/${REPO}:latest\`" >> REL_NOTES.md
|
||||
fi
|
||||
|
||||
- name: Create or Update Release via Gitea API
|
||||
env:
|
||||
GITEA_BASE: ${{ secrets.GITEA_BASE_URL }}
|
||||
TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
shell: bash
|
||||
run: |
|
||||
TAG="${GITHUB_REF_NAME}"
|
||||
BODY="$(cat REL_NOTES.md)"
|
||||
curl -sS -X POST "${GITEA_BASE}/api/v1/repos/${{ github.repository }}/releases" \
|
||||
-H "Authorization: token ${TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d @- <<JSON
|
||||
{
|
||||
"tag_name": "${GITHUB_REF_NAME}",
|
||||
"name": "${GITHUB_REF_NAME}",
|
||||
"body": ${jq@JSON:- <<<'$BODY'},
|
||||
"draft": false,
|
||||
"prerelease": ${GITHUB_REF_NAME##*-rc*:+false}${GITHUB_REF_NAME##*-rc*:-true}
|
||||
}
|
||||
JSON
|
||||
IS_PRERELEASE=false
|
||||
[[ "$TAG" == *"-"* ]] && IS_PRERELEASE=true
|
||||
|
||||
# Try to get existing release by tag
|
||||
set +e
|
||||
EXISTING=$(curl -s -H "Authorization: token ${TOKEN}" "${GITEA_BASE}/api/v1/repos/${{ github.repository }}/releases/tags/${TAG}")
|
||||
STATUS=$?
|
||||
set -e
|
||||
|
||||
if echo "$EXISTING" | jq -e .id >/dev/null 2>&1; then
|
||||
REL_ID=$(echo "$EXISTING" | jq -r .id)
|
||||
# Update
|
||||
curl -sS -X PATCH "${GITEA_BASE}/api/v1/repos/${{ github.repository }}/releases/${REL_ID}" \
|
||||
-H "Authorization: token ${TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$(jq -n --arg t "$TAG" --arg b "$BODY" --argjson pre $IS_PRERELEASE '{name:$t, body:$b, prerelease:$pre}')" >/dev/null
|
||||
else
|
||||
# Create
|
||||
curl -sS -X POST "${GITEA_BASE}/api/v1/repos/${{ github.repository }}/releases" \
|
||||
-H "Authorization: token ${TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$(jq -n --arg t "$TAG" --arg b "$BODY" --argjson pre $IS_PRERELEASE '{tag_name:$t, name:$t, body:$b, draft:false, prerelease:$pre}')" >/dev/null
|
||||
fi
|
||||
|
||||
deploy-api:
|
||||
name: Deploy API (Production)
|
||||
needs: build-and-publish-image
|
||||
needs: publish-image
|
||||
runs-on: [self-hosted, linux, x64, docker] # your Synology runner
|
||||
environment: production # optional: add env protection rules in Gitea
|
||||
steps:
|
||||
|
||||
Reference in New Issue
Block a user