Build and Push Custom Caddy Container #14
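# Daily workflow: look up the latest caddyserver/caddy release, and when its
# tag differs from the one recorded in .last_release_tag, build the image,
# push it to GHCR, and commit the new tag back to the repository.
#
# Security notes:
# - The release tag comes from an API response, so it is validated once and
#   then used only as a quoted shell variable. It is never expanded into a
#   script with ${{ ... }}, which is substituted before the shell parses the
#   script.
# - NOTE(review): actions are referenced by mutable tags (v3 / v2). Pinning
#   each `uses:` to a full commit SHA prevents a retagged release from
#   changing what runs with `contents: write` and `packages: write`.
name: Build and Push Custom Caddy Container

on:
  schedule:
    - cron: "1 0 * * *"  # Runs once a day
  workflow_dispatch:  # Allows manual trigger

permissions:
  contents: write  # Needed to commit changes
  packages: write  # Needed to push to GHCR

jobs:
  build-and-push-container:
    runs-on: ubuntu-latest
    steps:
      # 1. Check Out Repository
      - name: Check Out Repository
        uses: actions/checkout@v3
        with:
          # Keeps GITHUB_TOKEN out of the checkout's git config; the step that
          # pushes supplies the token explicitly.
          persist-credentials: false
          fetch-depth: 0  # Fetch all history for git commands

      # 2. Set Up Git for Committing
      - name: Set Up Git
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"

      # 3. Fetch Latest Caddy Release
      - name: Fetch Latest Caddy Release
        id: fetch_release
        run: |
          set -euo pipefail

          # Fetch the latest release from Caddy. --fail turns an HTTP error
          # (for example API rate limiting) into a step failure instead of an
          # error document that would be parsed as a release.
          curl --fail --silent --show-error --location \
            --output release.json \
            https://api.github.com/repos/caddyserver/caddy/releases/latest

          # Extract the raw tag (e.g., "v2.9.0"); a missing field yields an
          # empty string rather than the literal "null"
          raw_tag=$(jq -r '.tag_name // empty' release.json)
          echo "Raw tag: $raw_tag"

          # Process the tag: remove 'v' and strip trailing '.0' if present
          processed_tag=$(printf '%s' "$raw_tag" | sed -E 's/^v//; s/\.0$//')
          echo "Processed tag: $processed_tag"

          # Validate that the processed tag is not empty
          if [[ -z "$processed_tag" ]]; then
            echo "Error: Processed tag is empty."
            exit 1
          fi

          # The tag ends up in GITHUB_ENV, a build arg, an image tag and a
          # commit message, so accept only a plain version string.
          tag_re='^[0-9]+(\.[0-9]+){1,2}(-[0-9A-Za-z.]+)?$'
          if [[ ! "$processed_tag" =~ $tag_re ]]; then
            echo "Error: Unexpected tag format."
            exit 1
          fi

          # Export the processed tag to an environment variable
          echo "latest_tag=$processed_tag" >> "$GITHUB_ENV"

      # 4. Read Last Built Tag
      - name: Read Last Built Tag
        id: read_last_tag
        run: |
          if [ -f ".last_release_tag" ]; then
            # Only the first line is used, so extra lines in the file cannot
            # add further entries to GITHUB_ENV
            last_tag=$(head -n 1 .last_release_tag)
            echo "Last built tag: $last_tag"
            echo "last_tag=$last_tag" >> "$GITHUB_ENV"
          else
            echo "Last built tag not found."
            echo "last_tag=" >> "$GITHUB_ENV"
          fi

      # 5. Compare Tags to Determine if a New Release Exists
      - name: Compare Tags
        id: compare_tags
        run: |
          # Values written to GITHUB_ENV are ordinary environment variables in
          # later steps, so they are read as shell variables here
          if [ "${latest_tag:-}" != "${last_tag:-}" ]; then
            echo "new_release=true" >> "$GITHUB_ENV"
          else
            echo "new_release=false" >> "$GITHUB_ENV"
          fi

      # 6. Debugging Information (Optional)
      - name: Debug Tags
        run: |
          echo "Latest tag: ${latest_tag:-}"
          echo "Last built tag: ${last_tag:-}"
          echo "New release: ${new_release:-}"

      # 7. Build the Docker Image if a New Release is Detected
      - name: Build New Image
        if: env.new_release == 'true'
        run: |
          echo "Building Docker image with CADDY_VERSION=${latest_tag}"
          docker build \
            --build-arg "CADDY_VERSION=${latest_tag}" \
            -t "ghcr.io/callumau/caddy-cloudflare/caddy:${latest_tag}" \
            -t ghcr.io/callumau/caddy-cloudflare/caddy:latest .

      # 8. Log in to GHCR
      - name: Log in to GHCR
        if: env.new_release == 'true'
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}  # Use GHCR_PAT if using a PAT

      # 9. Push the Docker Image to GHCR
      - name: Push New Image to GHCR
        if: env.new_release == 'true'
        run: |
          docker push "ghcr.io/callumau/caddy-cloudflare/caddy:${latest_tag}"
          docker push ghcr.io/callumau/caddy-cloudflare/caddy:latest

      # 10. Update the Last Built Tag File
      - name: Update Last Built Tag
        if: env.new_release == 'true'
        env:
          # The checkout does not persist credentials, so the token is handed
          # to this one step only and used for the single push below.
          PUSH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          echo "${latest_tag}" > .last_release_tag
          git add .last_release_tag
          git commit -m "Update last_release_tag to ${latest_tag}"
          # Replace 'main' with your default branch if different
          git push \
            "https://x-access-token:${PUSH_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" \
            HEAD:main

      # 11. Handle No New Release Scenario
      - name: No New Release Detected
        if: env.new_release != 'true'
        run: echo "No new release detected. Skipping build and push."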