deploy-docker-github-sync.yml
# #
# @type github workflow
# @author Aetherinox
# @url https://github.com/Aetherinox
#
# @usage originally, Keeweb's docker files were hosted in the main branch within the folder /package/docker/*
# with the new setup, the Keeweb docker files are stored in a separate branch from main called `docker/keeweb`.
# this workflow copies the required docker files from the new branch docker/keeweb, and brings them over to the main branch
# and places them within the original subfolder `package/docker/*`
#
# @secrets secrets.ADMINSERV_GPG_KEY_ASC gpg private key (armored) | BEGIN PGP PRIVATE KEY BLOCK
# secrets.ADMINSERV_GPG_PASSPHRASE gpg private key passphrase
#
# @triggers this workflow is automatically run every time a PUSH is made to the branch `docker/keeweb`; it will copy docker/keeweb's contents
# to the main branch's `package/docker` folder.
#
# this workflow can be manually triggered (WORKFLOW_DISPATCH). to select the destination branch, click `Run Workflow` and select `Use Workflow From`
# and select the destination branch
# #
# Display name of the workflow and of each individual run (both identical).
name: '🔄 Sync › Docker › Github'
run-name: '🔄 Sync › Docker › Github'
# #
# Triggers
# #
on:
  # Manual run. Every input carries a default; the workflow-level `env` block
  # repeats the same fallbacks for runs where no inputs exist (push events).
  workflow_dispatch:
    inputs:
      # Branch the files are copied from.
      BRANCH_SRC:
        type: string
        required: true
        default: 'docker/keeweb'
        description: '↪️ Branch › Source'

      # Folder (inside the destination branch) that receives the files.
      FOLDER_DEST:
        type: string
        required: true
        default: 'package/docker'
        description: '📂 Folder › Destination'

      # true  -> nothing is committed or pushed
      # false -> detected changes are committed and pushed
      DRY_RUN:
        type: boolean
        required: true
        default: false
        description: '📑 Dry Run Only'

  # Automatic run on every push to the source branch.
  push:
    branches:
      - docker/keeweb
# #
# Environment Vars
#
# BRANCH_SRC the source branch where you want to copy files from
# BRANCH_DEST the destination branch where the files will be copied to
# FOLDER_DEST the destination folder where the files will be placed within BRANCH_DEST
# BRANCH_MAIN even though this value is set below; it is a fallback.
# when the workflow is started, it will attempt to fetch
# the real default branch name.
# #
env:
  # BRANCH_SRC and FOLDER_DEST take their value from the workflow_dispatch
  # inputs when present, so they are caller-supplied text. They are exported
  # to every `run:` step as ordinary shell variables of the same name.
  BRANCH_SRC: "${{ github.event.inputs.BRANCH_SRC || 'docker/keeweb' }}"
  BRANCH_DEST: "${{ github.ref_name || 'main' }}"
  FOLDER_DEST: "${{ github.event.inputs.FOLDER_DEST || 'package/docker' }}"
  # Fallback only; a later step writes the repository's default branch here.
  BRANCH_MAIN: main
  BOT_NAME_1: 'EuropaServ'
  BOT_NAME_DEPENDABOT: 'dependabot[bot]'
# #
# Jobs
#
# The way pushed docker containers on Github work, the most recent image built goes at the top.
# We will use the order below which builds the :latest image last so that it appears at the very
# top of the packages page.
# #
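jobs:
  # #
  #   Job › Sync
  #
  #   Copies the docker files from the source branch into the destination
  #   branch, then commits and pushes the result.
  # #
  job-docker-release-tags-create:
    name: '📦 Release › Sync'
    runs-on: ubuntu-latest
    # Least privilege: the steps of this job only check out the repository and
    # push a commit, which needs `contents: write`. No step publishes a
    # package, creates an attestation or requests an OIDC token, so the
    # `packages`, `attestations` and `id-token` write scopes were dropped.
    permissions:
      contents: write
    steps: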
# #
# Sync › Start
# #
# Marker step: prints a banner so the start of the sync is visible in the log.
- id: task_sync_start
  name: '🏳️ Start'
  run: |
    echo "Starting branch sync"
# #
# Sync › Checkout
# #
# Full-history checkout (fetch-depth 0): later steps check out files by
# `origin/<branch>` refs, which must exist locally.
# NOTE(review): `@v4` is a mutable tag; pinning the action to a full commit
# SHA prevents a re-pointed tag from changing what runs with a write token.
- id: task_sync_checkout
  name: '✅ Checkout'
  uses: actions/checkout@v4
  with:
    fetch-depth: 0
# #
# Sync › Install Dependencies
# #
# Installs dos2unix, which a later step uses to normalise line endings.
- id: task_sync_dependencies
  name: '📦 Install Dependencies'
  run: sudo apt-get install -qq dos2unix
# #
# Sync › Get Default Branch Name
#
# attempts to get the name of the default branch so that it does not have to be changed manually
# #
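# Stores the repository's default branch in BRANCH_MAIN for the later steps.
#
# The value is handed to the shell through `env:` instead of being expanded
# into the script text, so it is treated as data and never parsed as shell
# code. When the event payload carries no default branch, nothing is written
# and the workflow-level fallback for BRANCH_MAIN stays in effect.
- name: '🔍 Find Default Branch Name'
  id: task_sync_branch_default_get
  env:
    DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
  run: |
    if [ -n "${DEFAULT_BRANCH}" ]; then
      echo "BRANCH_MAIN=${DEFAULT_BRANCH}" >> "$GITHUB_ENV"
    fi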
# #
# Sync › Debug
# #
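# Redirects the destination to the default branch when source and destination
# are the same branch (always the case for a push to the source branch).
#
# BRANCH_SRC, BRANCH_DEST and BRANCH_MAIN are read as shell variables rather
# than through `${{ env.* }}`: an expression is pasted into the script before
# the shell parses it, so a crafted branch name could otherwise run commands.
- name: '⚠️ Env Variable › Check'
  id: task_sync_vars_check
  run: |
    if [[ "${BRANCH_SRC}" == "${BRANCH_DEST}" ]]; then
      branch_default="${BRANCH_MAIN}"
      echo "⚠️⚠️⚠️ Source and destination branches are the same, changing destination branch to $branch_default ⚠️⚠️⚠️"
      echo "BRANCH_DEST=${branch_default}" >> "$GITHUB_ENV"
    fi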
# #
# Sync › Var Check › Confirm
# #
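# Prints the destination branch after the previous step had the chance to
# change it. The value is read from the shell environment so that it is
# never interpreted as part of the script.
- name: '⚠️ Env Variable › Confirm'
  id: task_sync_vars_confirm
  run: |
    echo "✅✅✅ BRANCH_DEST is now ${BRANCH_DEST} ✅✅✅"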
# #
# Sync › Checkpoint › 1
# #
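# Debug output: prints the run context and the resolved source, destination
# and folder before any file is touched.
#
# All values are read from environment variables (the runner's GITHUB_*
# defaults, the workflow-level `env`, and DRY_RUN mapped below) instead of
# `${{ }}` expressions, so branch or folder names containing shell
# metacharacters are printed, not executed.
- name: '⚠️ Checkpoint 1'
  id: task_sync_checkpoint_1
  env:
    DRY_RUN: ${{ inputs.DRY_RUN }}
  run: |
    dest_branch="${BRANCH_DEST:-$BRANCH_MAIN}"
    echo "github.actor.......... ${GITHUB_ACTOR}"
    echo "github.ref ........... ${GITHUB_REF}"
    echo "github.ref_name ...... ${GITHUB_REF_NAME}"
    echo "github.event_name .... ${GITHUB_EVENT_NAME}"
    echo "inputs.DRY_RUN ....... ${DRY_RUN}"
    echo "env.BRANCH_SRC........ ${BRANCH_SRC}"
    echo "env.BRANCH_DEST....... ${dest_branch}"
    echo "env.FOLDER_DEST....... ${FOLDER_DEST}"
    echo " ⚠️⚠️⚠️⚠️ This workflow will copy files [ 📄 root Dockerfile* ] from branch 🏠 ${BRANCH_SRC} to 🔄 ${dest_branch} to folder 📂 ${FOLDER_DEST} ⚠️⚠️⚠️"
    echo " › Copy files ............. 📄 root Dockerfile*"
    echo " › From branch ............ 🏠 ${BRANCH_SRC}"
    echo " › To branch .............. 🔄 ${dest_branch}"
    echo " › In folder .............. 📂 ${FOLDER_DEST}"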
# #
# Sync › Copy Dockerfiles to Main branch
#
# this action copies all the required docker files from the docker/keeweb branch, over to
# the main branch within the subfolder `package/docker/*`
#
# to discard the actions of git checkout and not commit, run:
# git checkout -
#
# if you are copying files from docker/keeweb which don't exist on the main branch, you must
# run `git add package/docker` to track the new files / folders added
#
# this step does the following:
# - deletes the package/docker/* folder contents on the destination repo
# - sets a few settings to get rid of annoying features
# - git checkout origin/main (destination branch)
# - git checkout origin/docker/keeweb (source branch) and sets working tree to /package/docker/
# - adds all changes to git which will be committed in a later step
# #
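# Empties the destination folder, checks out the destination branch, then
# checks out `root` and `Dockerfile*` from the source branch with the
# destination folder as work tree, and stages the result.
#
# FOLDER_DEST and BRANCH_SRC can come from workflow_dispatch inputs, so:
#   - they are read as quoted shell variables, never expanded into the script
#     text through `${{ }}`;
#   - FOLDER_DEST is rejected when it is empty, absolute, or contains a `..`
#     segment, because it is the argument of `rm -rf`;
#   - `--` ends option parsing so a value starting with `-` is not an option.
- name: '⬇️ Pull Docker Files'
  id: task_sync_files_pull
  run: |
    case "${FOLDER_DEST}" in
      ''|/*|..|../*|*/..|*/../*)
        echo "::error::FOLDER_DEST must be a relative path inside the repository"
        exit 1
        ;;
    esac
    dest_branch="${BRANCH_DEST:-$BRANCH_MAIN}"
    rm -rf -- "${FOLDER_DEST:?}"/*
    mkdir -p -- "${FOLDER_DEST}"
    git config --global pager.diff false
    git config --global advice.detachedHead false
    # destination branch
    git checkout "origin/${dest_branch}"
    # source branch, written into the destination folder
    git --work-tree="${FOLDER_DEST}" checkout "origin/${BRANCH_SRC}" -- root Dockerfile*
    git add -- "${FOLDER_DEST}"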
# #
# Sync › Run permission management
# #
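# Sets mode 755 on every file named `run`, then fails the job when any file
# named `run`, `finish` or `check` is still missing an executable bit.
#
# FOLDER_DEST is read as a quoted shell variable (it may come from a
# workflow_dispatch input), and the offending paths are iterated line by line
# so a path containing spaces is reported as one file.
- name: '#️⃣ Manage Permissions'
  id: task_sync_fix_permissions
  run: |
    find "${FOLDER_DEST}" -name 'run' -exec chmod 755 {} \;
    WRONG_PERM=$(find "${FOLDER_DEST}" -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print)
    if [ -n "${WRONG_PERM}" ]; then
      echo "⚠️⚠️⚠️ Permissions are invalid ⚠️⚠️⚠️"
      while IFS= read -r i; do
        echo "::error file=${i},line=1,title=Missing Executable Bit::This file needs to be set as executable!"
      done <<< "${WRONG_PERM}"
      exit 1
    else
      echo "✅✅✅ Executable permissions are OK ✅✅✅"
    fi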
# #
# Sync › Run dos2unix
# #
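# Converts line endings of everything below the destination folder, skipping
# paths that match the pruned patterns (*.png, *.jpg, ...).
#
# Paths are passed NUL-delimited (-print0 / xargs -0) so names containing
# spaces, quotes or newlines reach dos2unix intact, and FOLDER_DEST is read as
# a quoted shell variable instead of being expanded into the script.
# NOTE(review): the "./.git", "./docs" and "./.github" patterns only match
# when find starts at "."; with a start point such as package/docker they
# never apply — confirm whether that is intended.
- name: '🔐 Apply dos2unix'
  id: task_sync_fix_dos2unix
  run: |
    echo "⚠️⚠️⚠️ Running DOS2UNIX ⚠️⚠️⚠️"
    find "${FOLDER_DEST}" \( -path "./.git" -o -path "./docs" -o -path "./.github" -o -path "*.png" -o -path "*.jpg" \) -prune -o -name '*' -print0 | xargs -0 -r dos2unix --
    echo "✅✅✅ Completed DOS2UNIX ✅✅✅"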
# #
# Sync › Show Differences
#
# this is just a debugging step, it shows all the files pending commit that will be committed.
# if you are stuck in the git pager, hit "Q" to quit.
#
# to disable the pager, run the command:
# git config --global pager.diff false
# #
# Debug output: lists the names of the files that differ from HEAD.
- id: task_sync_debug_diff
  name: '📑 View Differences'
  run: |
    git diff --name-only HEAD
# #
# Sync › Precommit
#
# define the date/time and the commit message
# #
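# Builds the commit message and timestamp and exports both (COMMIT_MESSAGE,
# NOW) to the following steps through $GITHUB_ENV.
#
# The two variable assignments previously carried a `>> $GITHUB_ENV`
# redirect; an assignment produces no output, so the redirect wrote nothing
# and was removed. Only the two `echo` lines export values.
- name: '📦 Commit › Pre-commit'
  id: task_sync_commit_pre
  run: |
    now=$(date -u '+%m/%d/%Y %H:%M')
    commit_label="chore(auto): Docker Sync"
    commit_message="\`️️$commit_label 🔄\` \`$now UTC\`"
    echo "COMMIT_MESSAGE=${commit_message}" >> "$GITHUB_ENV"
    echo "NOW=${now}" >> "$GITHUB_ENV"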
# #
# Sync › GPG Key
#
# this step is required so that you can sign commits in the last step
# stefanzweifel/git-auto-commit-action@v5
# #
# Imports the signing key and configures git to sign commits with it; the
# commit step reads this step's `name` and `email` outputs.
# NOTE(review): this third-party action receives the armored private key and
# its passphrase. `@v6` is a mutable tag; pin the action to a full commit SHA
# so the code that handles the key cannot change without a reviewed update.
- id: task_sync_commit_gpg
  name: '📦 Commit › GPG Key'
  uses: crazy-max/ghaction-import-gpg@v6
  with:
    gpg_private_key: "${{ secrets.ADMINSERV_GPG_KEY_ASC }}"
    passphrase: "${{ secrets.ADMINSERV_GPG_PASSPHRASE }}"
    git_user_signingkey: true
    git_commit_gpgsign: true
# #
# Sync › Checkpoint › 2
# #
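# Debug output: prints the run context and the resolved source, destination
# and folder once more, right before the commit step.
#
# Values are read from environment variables (the runner's GITHUB_* defaults,
# the workflow-level `env`, and DRY_RUN mapped below) instead of `${{ }}`
# expressions, so they are printed as data and never parsed as shell code.
- name: '⚠️ Checkpoint 2'
  id: task_sync_checkpoint_2
  env:
    DRY_RUN: ${{ inputs.DRY_RUN }}
  run: |
    dest_branch="${BRANCH_DEST:-$BRANCH_MAIN}"
    echo "github.actor.......... ${GITHUB_ACTOR}"
    echo "github.ref ........... ${GITHUB_REF}"
    echo "github.ref_name ...... ${GITHUB_REF_NAME}"
    echo "github.event_name .... ${GITHUB_EVENT_NAME}"
    echo "inputs.DRY_RUN ....... ${DRY_RUN}"
    echo " ⚠️⚠️⚠️⚠️ This workflow will copy files [ 📄 root Dockerfile* ] from branch 🏠 ${BRANCH_SRC} to 🔄 ${dest_branch} to folder 📂 ${FOLDER_DEST} ⚠️⚠️⚠️"
    echo " › Copy files ............. 📄 root Dockerfile*"
    echo " › From branch ............ 🏠 ${BRANCH_SRC}"
    echo " › To branch .............. 🔄 ${dest_branch}"
    echo " › In folder .............. 📂 ${FOLDER_DEST}"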
# #
# Sync › Commit
#
# commits the pending changes to the main branch
# #
# Commits the staged changes to the destination branch and pushes them.
# Runs for every push event, and for manual runs only when DRY_RUN is false.
# The author identity comes from the outputs of the GPG import step.
# NOTE(review): `@v5` is a mutable tag and this action pushes with the job's
# write token; pin it to a full commit SHA.
- id: task_sync_commit
  name: '🔄 Sync › Commit'
  if: ( github.event_name == 'workflow_dispatch' && inputs.DRY_RUN == false ) || ( github.event_name == 'push' )
  uses: stefanzweifel/git-auto-commit-action@v5
  with:
    branch: ${{ env.BRANCH_DEST || env.BRANCH_MAIN }}
    commit_message: ${{ env.COMMIT_MESSAGE }}
    commit_user_name: ${{ steps.task_sync_commit_gpg.outputs.name }}
    commit_user_email: ${{ steps.task_sync_commit_gpg.outputs.email }}
    commit_author: "${{ steps.task_sync_commit_gpg.outputs.name }} <${{ steps.task_sync_commit_gpg.outputs.email }}>"
    # -u: stage only paths git already tracks or that were staged earlier
    add_options: '-u'