mirror of
https://github.com/go-gitea/gitea.git
synced 2026-02-09 02:09:25 +08:00
aca6726607
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <ul> <li>Export build record and generate <a href="https://docs.docker.com/build/ci/github-actions/build-summary/">build summary</a> by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1120">docker/build-push-action#1120</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1132">docker/build-push-action#1132</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1136">docker/build-push-action#1136</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1138">docker/build-push-action#1138</a></li> <li>Bump braces from 3.0.2 to 3.0.3 in <a href="https://redirect.github.com/docker/build-push-action/pull/1137">docker/build-push-action#1137</a></li> </ul> <blockquote> <p>[!NOTE] This major release adds support for generating <a href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build summary</a> and exporting build record for your build. You can disable this feature by setting <a href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary"> <code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your workflow</a>.</p> </blockquote> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0</a></p> <h2>v5.4.0</h2> <ul> <li>Show builder information before building by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1128">docker/build-push-action#1128</a></li> <li>Handle attestations correctly with provenance and sbom inputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1086">docker/build-push-action#1086</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1088">docker/build-push-action#1088</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1105">docker/build-push-action#1105</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1121">docker/build-push-action#1121</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1127">docker/build-push-action#1127</a></li> <li>Bump undici from 5.28.3 to 5.28.4 in <a href="https://redirect.github.com/docker/build-push-action/pull/1090">docker/build-push-action#1090</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0</a></p> <h2>v5.3.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1080">docker/build-push-action#1080</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0</a></p> <h2>v5.2.0</h2> <ul> <li>Disable quotes detection for <code>outputs</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li> <li>Warn about ignored inputs by <a href="https://github.com/favonia"><code>@favonia</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li> <li>Bump undici from 5.26.3 to 5.28.3 in <a href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p> <h2>v5.1.0</h2> <ul> <li>Add <code>annotations</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/992">docker/build-push-action#992</a></li> <li>Add <code>secret-envs</code> input by <a href="https://github.com/elias-lundgren"><code>@elias-lundgren</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/980">docker/build-push-action#980</a></li> <li>Bump <code>@babel/traverse</code> from 7.17.3 to 7.23.2 in <a href="https://redirect.github.com/docker/build-push-action/pull/991">docker/build-push-action#991</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.13.0-rc.1 to 0.14.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/990">docker/build-push-action#990</a> <a href="https://redirect.github.com/docker/build-push-action/pull/1006">docker/build-push-action#1006</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="263435318d"><code>2634353</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1381">#1381</a> from docker/dependabot/npm_and_yarn/docker/actions-t...</li> <li><a href="c0432d2e01"><code>c0432d2</code></a> chore: update generated content</li> <li><a href="0bb1f27d6b"><code>0bb1f27</code></a> set builder driver and endpoint attributes for dbc summary support</li> <li><a href="5f9dbf956c"><code>5f9dbf9</code></a> chore(deps): Bump <code>@docker/actions-toolkit</code> from 0.61.0 to 0.62.1</li> <li><a href="0788c444d8"><code>0788c44</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1375">#1375</a> from crazy-max/remove-gcr</li> <li><a href="aa179ca4f4"><code>aa179ca</code></a> e2e: remove GCR</li> <li><a href="1dc7386353"><code>1dc7386</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1364">#1364</a> from crazy-max/history-export-cmd</li> <li><a href="9c9803f364"><code>9c9803f</code></a> chore: update generated content</li> <li><a href="db1f6c46e8"><code>db1f6c4</code></a> DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export</li> <li><a href="721e8c79de"><code>721e8c7</code></a> Bump <code>@docker/actions-toolkit</code> from 0.59.0 to 0.61.0</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
130 lines
4.9 KiB
YAML
130 lines
4.9 KiB
YAML
name: release-nightly
|
|
|
|
on:
|
|
push:
|
|
branches: [main, release/v*]
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
nightly-binary:
|
|
runs-on: namespace-profile-gitea-release-binary
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
|
|
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
|
|
- run: git fetch --unshallow --quiet --tags --force
|
|
- uses: actions/setup-go@v6
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
- uses: pnpm/action-setup@v4
|
|
- uses: actions/setup-node@v5
|
|
with:
|
|
node-version: 24
|
|
- run: make deps-frontend deps-backend
|
|
# xgo build
|
|
- run: make release
|
|
env:
|
|
TAGS: bindata sqlite sqlite_unlock_notify
|
|
- name: import gpg key
|
|
id: import_gpg
|
|
uses: crazy-max/ghaction-import-gpg@v6
|
|
with:
|
|
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
|
|
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
|
|
- name: sign binaries
|
|
run: |
|
|
for f in dist/release/*; do
|
|
echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
|
|
done
|
|
# clean branch name to get the folder name in S3
|
|
- name: Get cleaned branch name
|
|
id: clean_name
|
|
run: |
|
|
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
|
|
echo "Cleaned name is ${REF_NAME}"
|
|
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
|
|
- name: configure aws
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
aws-region: ${{ secrets.AWS_REGION }}
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
- name: upload binaries to s3
|
|
run: |
|
|
aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
|
|
|
|
nightly-container:
|
|
runs-on: namespace-profile-gitea-release-docker
|
|
permissions:
|
|
contents: read
|
|
packages: write # to publish to ghcr.io
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
# fetch all commits instead of only the last as some branches are long lived and could have many between versions
|
|
# fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
|
|
- run: git fetch --unshallow --quiet --tags --force
|
|
- uses: docker/setup-qemu-action@v3
|
|
- uses: docker/setup-buildx-action@v3
|
|
- name: Get cleaned branch name
|
|
id: clean_name
|
|
run: |
|
|
REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
|
|
echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
|
|
- uses: docker/metadata-action@v5
|
|
id: meta
|
|
with:
|
|
images: |-
|
|
gitea/gitea
|
|
ghcr.io/go-gitea/gitea
|
|
tags: |
|
|
type=raw,value=${{ steps.clean_name.outputs.branch }}
|
|
annotations: |
|
|
org.opencontainers.image.authors="maintainers@gitea.io"
|
|
- uses: docker/metadata-action@v5
|
|
id: meta_rootless
|
|
with:
|
|
images: |-
|
|
gitea/gitea
|
|
ghcr.io/go-gitea/gitea
|
|
# each tag below will have the suffix of -rootless
|
|
flavor: |
|
|
suffix=-rootless
|
|
tags: |
|
|
type=raw,value=${{ steps.clean_name.outputs.branch }}
|
|
annotations: |
|
|
org.opencontainers.image.authors="maintainers@gitea.io"
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
- name: Login to GHCR using PAT
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: build regular docker image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64,linux/arm64,linux/riscv64
|
|
push: true
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
annotations: ${{ steps.meta.outputs.annotations }}
|
|
- name: build rootless docker image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64,linux/arm64,linux/riscv64
|
|
push: true
|
|
file: Dockerfile.rootless
|
|
tags: ${{ steps.meta_rootless.outputs.tags }}
|
|
annotations: ${{ steps.meta_rootless.outputs.annotations }}
|