Bump crazy-max/ghaction-import-gpg from 3 to 6 #191

Summary
Jobs
- context
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/build-release-vpnddns.yml at 2f98f9a

	name: build-vpnddns

	on:
	pull_request:
	types: [ opened, synchronize, reopened, closed ]
	branches: [ main, master ]
	paths:
	- '.github/workflows/build-release-vpnddns.yml'
	- 'cli/CHANGELOG-VPNDDNS.md'
	- 'cli/LICENSE_BUNDLE.md'
	- 'cli/python/index.py'
	- 'cli/python/src/ddns/**'
	- 'cli/python/src/executor/**'
	- 'cli/python/src/utils/**'
	- '!cli/python/*.md'
	- 'docker/dockerfile/vpnddns.Dockerfile'
	push:
	branches: [ main, master ]
	tags:
	- 'vpnddns/v*'
	paths:
	- '.github/workflows/build-release-vpnddns.yml'
	- 'cli/CHANGELOG-VPNDDNS.md'
	- 'cli/LICENSE_BUNDLE.md'
	- 'cli/python/index.py'
	- 'cli/python/src/ddns/**'
	- 'cli/python/src/executor/**'
	- 'cli/python/src/utils/**'
	- '!cli/python/*.md'
	- 'docker/dockerfile/vpnddns.Dockerfile'

	env:
	APP_CODE: vpnddns
	APP_IMAGE: playio-vpnddns
	APP_FOLDER: cli/python/src/ddns
	PYTHON_VERSION: 3.8.8-slim-buster
	PLATFORMS: linux/amd64
	DOCKER_WORKDIR: cli/python
	DOCKER_FILE: cli/python/docker/vpnddns.Dockerfile
	DOCKER_USERNAME: beeio
	DOCKER_IMAGE: playio/vpnddns
	GHCR_IMAGE: ghcr.io/play-iot/vpnddns
	TAG_PREFIX: vpnddns/v
	BRAND_VERSION: v2
	BRAND_REPO: play-iot/brand

	jobs:

	context:
	runs-on: ubuntu-latest
	outputs:
	branch: ${{ steps.context.outputs.branch }}
	shouldBuild: ${{ steps.context.outputs.decision_build }}
	shouldPublish: ${{ steps.context.outputs.decision_publish }}
	isRelease: ${{ steps.context.outputs.isTag }}
	afterRelease: ${{ steps.context.outputs.isAfterMergedReleasePR }}
	sha: ${{ steps.context.outputs.shortCommitId }}
	version: ${{ steps.context.outputs.version }}

	steps:
	- uses: actions/checkout@v2
	with:
	token: ${{ secrets.BEEIO_CI_TOKEN }}

	- name: Import GPG key
	uses: crazy-max/ghaction-import-gpg@v6
	with:
	git-user-signingkey: true
	git-commit-gpgsign: true
	git-tag-gpgsign: true
	git-push-gpgsign: false
	gpg-private-key: ${{ secrets.OSS_GPG_PRIVATE_KEY }}
	passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }}

	- name: Project context
	id: context
	uses: zero88/gh-project-context@v1.1
	with:
	mustSign: true
	nextVerMode: PATCH
	tagPrefix: ${{ env.TAG_PREFIX }}
	releaseBranchPrefix: release/${{ env.APP_CODE }}/
	mergedReleaseMsgRegex: "^Merge pull request #[0-9]+ from .+/release/${{ env.APP_CODE }}/.+$"
	patterns: \|
	${{ env.APP_FOLDER }}/version.py::(APP_VERSION\s?=\s?)(')([^']+)(')::2

	build:
	runs-on: ubuntu-latest
	needs: context
	if: needs.context.outputs.shouldBuild == 'true'
	services:
	registry:
	image: zero88/gh-registry:latest
	ports:
	- 5000:5000
	options: >-
	-v /home/runner:/var/lib/registry
	--name registry
	steps:
	- uses: actions/checkout@v2

	- name: Inject Hash version
	run: \|
	hash_ver="${{ needs.context.outputs.sha }}"
	[[ ${{ needs.context.outputs.isRelease }} == 'true' ]] \|\| hash_ver="$hash_ver-${{ needs.context.outputs.branch }}"
	sed -i "s/dev/${hash_ver//\//-}/" ${{ env.APP_FOLDER }}/version.py

	- name: Inject brand and license
	run: \|
	docker run --rm -v /tmp:/tmp zero88/ghrd:latest -a "banner.txt" -r ${{ env.BRAND_VERSION }} -o /tmp ${{ env.BRAND_REPO }}
	mv /tmp/banner.txt ${{ env.APP_FOLDER }}/resources
	cp cli/LICENSE_BUNDLE.md ${{ env.APP_FOLDER }}/resources

	- name: Cache Docker layers
	uses: actions/cache@v2
	with:
	path: /home/runner/docker
	key: ${{ runner.os }}-${{ env.APP_IMAGE }}-${{ github.sha }}
	restore-keys: \|
	${{ runner.os }}-${{ env.APP_IMAGE }}-

	- name: Validate cache
	run: \|
	docker buildx imagetools inspect localhost:5000/${{ env.APP_IMAGE }}:buildcache \|\| echo "Not Found"

	- name: Docker meta
	id: docker_meta
	uses: crazy-max/ghaction-docker-meta@v2
	with:
	images: ${{ env.GHCR_IMAGE }},${{ env.DOCKER_IMAGE }}
	tags: \|
	type=ref,event=branch
	type=ref,event=pr
	type=sha
	type=match,pattern=${{ env.APP_CODE }}-v(.*),group=1

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	with:
	driver-opts: network=host

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v1
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.BEEIO_CI_TOKEN }}

	- name: Login to Docker Hub Registry
	uses: docker/login-action@v1
	with:
	username: ${{ env.DOCKER_USERNAME }}
	password: ${{ secrets.BEEIO_CI_DOCKERHUB }}

	- name: Docker build
	uses: docker/build-push-action@v2
	with:
	context: ${{ env.DOCKER_WORKDIR }}
	file: ${{ env.DOCKER_FILE }}
	platforms: ${{ env.PLATFORMS }}
	build-args: \|
	BASE_IMAGE_VERSION=${{ env.PYTHON_VERSION }}
	APP_VERSION=${{ needs.context.outputs.version }}
	COMMIT_SHA=${{ needs.context.outputs.sha }}
	cache-from: type=registry,ref=localhost:5000/${{ env.APP_IMAGE }}:buildcache
	cache-to: type=registry,ref=localhost:5000/${{ env.APP_IMAGE }}:buildcache,mode=max
	tags: ${{ steps.docker_meta.outputs.tags }}
	labels: ${{ steps.docker_meta.outputs.labels }}
	pull: true
	push: true

	- name: Cleanup Docker build cache if any
	run: \|
	docker buildx imagetools inspect localhost:5000/${{ env.APP_IMAGE }}:buildcache \|\| echo "Not Found"
	echo "======================================================"
	docker buildx prune --filter until=72h --keep-storage 3GB -f

	- name: Create Release
	if: ${{ needs.context.outputs.isRelease == 'true' }}
	uses: softprops/action-gh-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ env.TAG_PREFIX }}${{ needs.context.outputs.version }}
	name: Release VPN DDNS v${{ needs.context.outputs.version }}
	draft: false
	prerelease: false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump crazy-max/ghaction-import-gpg from 3 to 6 #191

Workflow file

Bump crazy-max/ghaction-import-gpg from 3 to 6 #191

Jobs

Run details

Workflow file for this run