a long shot #54
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
# Trigger the workflow on the new 'v*' tag created | |
push: | |
tags: | |
- "v*" | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
target: ["linux-static", "linux-arm-static"] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v26 | |
with: | |
extra_nix_config: | | |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= loony-tools:pr9m4BkM/5/eSTZlkQyRt57Jz7OMBxNSUiMC4FkcNfk= | |
substituters = https://cache.nixos.org/ https://cache.iog.io https://cache.zw3rk.com | |
- uses: cachix/cachix-action@v14 | |
with: | |
name: hadolint | |
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
pushFilter: '(-source$|-config$|-hadolint-root$|hadolint-gitFiles|git-ls-files|hadolint-exe-hadolint-x86_64-unknown-linux-musl-|hadolint-exe-hadolint-aarch64-unknown-linux-musl-|hadolint-lib-hadolint-x86_64-unknown-linux-musl-|hadolint-lib-hadolint-aarch64-unknown-linux-musl-)' | |
- name: Build | |
run: | | |
nix-build release.nix -A "${{matrix.target}}" -j3 | |
- name: Set binary ARCH | |
id: build-opts | |
run: | | |
if [ "${{ matrix.target }}" = 'linux-static' ]; then | |
echo ::set-output name=arch::amd64 | |
else | |
echo ::set-output name=arch::arm64 | |
fi | |
- name: Move binary | |
run: | | |
sudo cp result/bin/hadolint hadolint | |
sudo chmod 777 hadolint | |
- if: matrix.target == 'linux-static' | |
name: Compress binary | |
uses: svenstaro/upx-action@2.2.0 | |
with: | |
file: hadolint | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: hadolint-Linux-${{steps.build-opts.outputs.arch}} | |
path: hadolint | |
retention-days: 3 | |
docker: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
target: ["amd64", "arm64"] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Download Artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Linux-${{matrix.target}} | |
path: ${{matrix.target}} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GHCR_IO_REGISTRY_TOKEN }} | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Push Docker Image Scratch | |
uses: docker/build-push-action@v4 | |
with: | |
context: ${{matrix.target}} | |
file: docker/Dockerfile | |
platforms: linux/${{matrix.target}} | |
target: base | |
push: true | |
tags: | | |
ghcr.io/hadolint/hadolint:${{github.sha}}-${{matrix.target}} | |
hadolint/hadolint:${{github.sha}}-${{matrix.target}} | |
- name: Push Docker Image Debian | |
uses: docker/build-push-action@v4 | |
with: | |
context: ${{matrix.target}} | |
file: docker/Dockerfile | |
platforms: linux/${{matrix.target}} | |
target: debian | |
push: true | |
tags: | | |
ghcr.io/hadolint/hadolint:${{github.sha}}-debian-${{matrix.target}} | |
hadolint/hadolint:${{github.sha}}-debian-${{matrix.target}} | |
- name: Push Docker Image Alpine | |
uses: docker/build-push-action@v4 | |
with: | |
context: ${{matrix.target}} | |
file: docker/Dockerfile | |
platforms: linux/${{matrix.target}} | |
target: alpine | |
push: true | |
tags: | | |
ghcr.io/hadolint/hadolint:${{github.sha}}-alpine-${{matrix.target}} | |
hadolint/hadolint:${{github.sha}}-alpine-${{matrix.target}} | |
docker-release: | |
needs: docker | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
distro: ["scratch", "alpine", "debian"] | |
steps: | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GHCR_IO_REGISTRY_TOKEN }} | |
- name: Set target and tag | |
id: build-opts | |
run: | | |
if [ "${{ matrix.distro }}" = 'scratch' ]; then | |
echo ::set-output name=target::${{github.sha}} | |
echo ::set-output name=latest::latest | |
echo ::set-output name=tag::"${GITHUB_REF/refs\/tags\/v/}" | |
else | |
echo ::set-output name=target::${{github.sha}}-${{matrix.distro}} | |
echo ::set-output name=latest::"latest-${{ matrix.distro }}" | |
echo ::set-output name=tag::"${GITHUB_REF/refs\/tags\/v/}-${{ matrix.distro }}" | |
fi | |
- name: Push Docker Images | |
run: | | |
docker pull ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 | |
docker pull ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker pull hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 | |
docker pull hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest create \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.latest }} \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.latest }} | |
docker manifest create \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.latest }} \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push hadolint/hadolint:${{ steps.build-opts.outputs.latest }} | |
docker manifest create \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.tag }} \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.tag }} | |
docker manifest create \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.tag }} \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push hadolint/hadolint:${{ steps.build-opts.outputs.tag }} | |
docker manifest create \ | |
ghcr.io/hadolint/hadolint:v${{ steps.build-opts.outputs.tag }} \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
ghcr.io/hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push ghcr.io/hadolint/hadolint:v${{ steps.build-opts.outputs.tag }} | |
docker manifest create \ | |
hadolint/hadolint:v${{ steps.build-opts.outputs.tag }} \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-amd64 \ | |
hadolint/hadolint:${{ steps.build-opts.outputs.target }}-arm64 | |
docker manifest push hadolint/hadolint:v${{ steps.build-opts.outputs.tag }} | |
os-binaries: | |
name: ${{ matrix.os }} / ${{ github.ref }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: macos-13 | |
- os: macos-14 | |
- os: windows-latest | |
steps: | |
- name: Check out | |
uses: actions/checkout@v4 | |
- name: Set tag name | |
uses: little-core-labs/get-git-tag@v3.0.2 | |
id: tag | |
with: | |
tagRegex: "v(.*)" | |
tagRegexGroup: 1 | |
- name: Setup Haskell | |
id: setup-haskell-cabal | |
uses: haskell-actions/setup@v2 | |
with: | |
ghc-version: 9.8 | |
- name: Freeze | |
run: cabal freeze | |
- name: Cache store | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.setup-haskell-cabal.outputs.cabal-store }} | |
key: ${{ runner.os }}-${{ hashFiles('cabal.project.freeze') }} | |
- name: Build binary | |
run: | | |
mkdir dist | |
cabal install exe:hadolint --install-method=copy --overwrite-policy=always --installdir=dist --ghc-options=-fPIC | |
- if: matrix.os == 'windows-latest' | |
name: Set extension to .exe on Windows | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
EXT: '.exe' | |
- name: Set binary OS name | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
BINARY_OS: ${{ runner.os }} | |
- name: Set binary Arch name | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
ARCH: 'x86_64' | |
- if: (matrix.os == 'macos-13') || (matrix.os == 'macos-14') | |
name: Set binary OS name on Macos | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
BINARY_OS: 'Darwin' | |
- if: matrix.os == 'macos-14' | |
name: Set binary ARCH name for apple silicon | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
ARCH: 'arm64' | |
- name: Set binary path name | |
uses: allenevans/set-env@v3.0.0 | |
with: | |
BINARY_PATH: ./dist/hadolint${{ env.EXT }} | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: hadolint-${{ env.BINARY_OS }}-${{env.ARCH}}${{ env.EXT }} | |
path: ${{ env.BINARY_PATH }} | |
retention-days: 3 | |
release: | |
needs: [docker-release, os-binaries] | |
name: Create GitHub Release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out | |
uses: actions/checkout@v4 | |
- name: Download Linux x86 | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Linux-amd64 | |
path: artifacts/hadolint-Linux-x86_64 | |
- name: Download Linux arm64 | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Linux-arm64 | |
path: artifacts/hadolint-Linux-arm64 | |
- name: Download Macos x86 | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Darwin-x86_64 | |
path: artifacts/hadolint-Darwin-x86_64 | |
- name: Download Macos arm | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Darwin-arm64 | |
path: artifacts/hadolint-Darwin-arm64 | |
- name: Download Windows x86 | |
uses: actions/download-artifact@v4 | |
with: | |
name: hadolint-Windows-x86_64.exe | |
path: artifacts/hadolint-Windows-x86_64.exe | |
- name: Rename and Checksum | |
run: | | |
mv artifacts/hadolint-Linux-x86_64/hadolint hadolint-Linux-x86_64 | |
mv artifacts/hadolint-Linux-arm64/hadolint hadolint-Linux-arm64 | |
mv artifacts/hadolint-Darwin-x86_64/hadolint hadolint-Darwin-x86_64 | |
mv artifacts/hadolint-Darwin-arm64/hadolint hadolint-Darwin-arm64 | |
mv artifacts/hadolint-Windows-x86_64.exe/hadolint.exe hadolint-Windows-x86_64.exe | |
sha256sum -b hadolint-Linux-x86_64 > hadolint-Linux-x86_64.sha256 | |
sha256sum -b hadolint-Linux-arm64 > hadolint-Linux-arm64.sha256 | |
sha256sum -b hadolint-Darwin-x86_64 > hadolint-Darwin-x86_64.sha256 | |
sha256sum -b hadolint-Darwin-arm64 > hadolint-Darwin-arm64.sha256 | |
sha256sum -b hadolint-Windows-x86_64.exe > hadolint-Windows-x86_64.exe.sha256 | |
- name: Release | |
uses: softprops/action-gh-release@v2 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
generate_release_notes: true | |
fail_on_unmatched_files: true | |
files: | | |
hadolint-Linux-x86_64 | |
hadolint-Linux-x86_64.sha256 | |
hadolint-Linux-arm64 | |
hadolint-Linux-arm64.sha256 | |
hadolint-Darwin-x86_64 | |
hadolint-Darwin-x86_64.sha256 | |
hadolint-Darwin-arm64 | |
hadolint-Darwin-arm64.sha256 | |
hadolint-Windows-x86_64.exe | |
hadolint-Windows-x86_64.exe.sha256 |