-
Notifications
You must be signed in to change notification settings - Fork 0
140 lines (119 loc) · 4.95 KB
/
poll-new-releases.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Build and Push Custom Caddy Container
on:
schedule:
- cron: "1 0 * * *" # Runs once a day
workflow_dispatch: # Allows manual trigger
permissions:
contents: write # Needed to commit changes
packages: write # Needed to push to GHCR
jobs:
build-and-push-container:
runs-on: ubuntu-latest
steps:
# 1. Check Out Repository
- name: Check Out Repository
uses: actions/checkout@v3
with:
persist-credentials: false # Prevents default GITHUB_TOKEN from being used for push
fetch-depth: 0 # Fetch all history for git commands
# 2. Set Up Git for Committing
- name: Set Up Git
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
# 3. Fetch Latest Caddy Release
- name: Fetch Latest Caddy Release
id: fetch_release
run: |
# Fetch the latest release from Caddy
latest_release=$(curl -s https://api.github.com/repos/caddyserver/caddy/releases/latest)
echo "$latest_release" > release.json
# Extract the prerelease status
is_prerelease=$(jq -r '.prerelease' release.json)
echo "is_prerelease=$is_prerelease" >> $GITHUB_ENV
if [ "$is_prerelease" = "true" ]; then
echo "The latest release is a pre-release. Skipping build and push."
echo "new_release=false" >> $GITHUB_ENV
exit 0
fi
# Extract the raw tag (e.g., "v2.9.0")
raw_tag=$(jq -r '.tag_name' release.json)
echo "Raw tag: $raw_tag"
# Process the tag: remove 'v' and strip trailing '.0' if present
processed_tag=$(echo "$raw_tag" | sed -E 's/^v//; s/\.0$//')
echo "Processed tag: $processed_tag"
# Validate that the processed tag is not empty
if [[ -z "$processed_tag" ]]; then
echo "Error: Processed tag is empty."
exit 1
fi
# Export the processed tag to an environment variable
echo "latest_tag=$processed_tag" >> $GITHUB_ENV
# 4. Read Last Built Tag
- name: Read Last Built Tag
id: read_last_tag
run: |
if [ -f ".last_release_tag" ]; then
last_tag=$(cat .last_release_tag)
echo "Last built tag: $last_tag"
echo "last_tag=$last_tag" >> $GITHUB_ENV
else
echo "Last built tag not found."
echo "last_tag=" >> $GITHUB_ENV
fi
# 5. Compare Tags to Determine if a New Release Exists
- name: Compare Tags
id: compare_tags
run: |
if [ "${{ env.latest_tag }}" != "${{ env.last_tag }}" ]; then
echo "new_release=true" >> $GITHUB_ENV
else
echo "new_release=false" >> $GITHUB_ENV
fi
# 6. Debugging Information (Optional)
- name: Debug Tags
run: |
echo "Latest tag: ${{ env.latest_tag }}"
echo "Last built tag: ${{ env.last_tag }}"
echo "New release: ${{ env.new_release }}"
echo "Is pre-release: ${{ env.is_prerelease }}"
# 7. Build the Docker Image if a New Release is Detected
- name: Build New Image
if: env.new_release == 'true'
run: |
echo "Building Docker image with CADDY_VERSION=${{ env.latest_tag }}"
docker build \
--build-arg CADDY_VERSION=${{ env.latest_tag }} \
-t ghcr.io/callumau/caddy-cloudflare/caddy:${{ env.latest_tag }} \
-t ghcr.io/callumau/caddy-cloudflare/caddy:latest .
# 8. Log in to GHCR
- name: Log in to GHCR
if: env.new_release == 'true'
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }} # Use GHCR_PAT if using a PAT
# 9. Push the Docker Image to GHCR
- name: Push New Image to GHCR
if: env.new_release == 'true'
run: |
docker push ghcr.io/callumau/caddy-cloudflare/caddy:${{ env.latest_tag }}
docker push ghcr.io/callumau/caddy-cloudflare/caddy:latest
# 10. Set Up Git Authentication
- name: Set Up Git Authentication
if: env.new_release == 'true'
run: |
git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
# 11. Update the Last Built Tag File
- name: Update Last Built Tag
if: env.new_release == 'true'
run: |
echo "${{ env.latest_tag }}" > .last_release_tag
git add .last_release_tag
git commit -m "Update last_release_tag to ${{ env.latest_tag }}"
git push origin HEAD:main # Replace 'main' with your default branch if different
# 12. Handle No New Release Scenario
- name: No New Release Detected
if: env.new_release != 'true'
run: echo "No new release detected. Skipping build and push."