Deploy #57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Deploy | |
# yamllint disable-line rule:truthy | |
on: | |
release: | |
types: | |
- published | |
workflow_run: | |
workflows: ["CI"] | |
branches: [main] | |
types: | |
- completed | |
concurrency: | |
group: deploy | |
jobs: | |
information: | |
if: | | |
github.event_name == 'release' | |
|| ( | |
github.event_name == 'workflow_run' | |
&& github.event.workflow_run.conclusion == 'success' | |
) | |
name: ℹ️ Gather add-on information | |
runs-on: ubuntu-latest | |
outputs: | |
architectures: ${{ steps.information.outputs.architectures }} | |
base_image_signer: ${{ steps.information.outputs.codenotary_base_image }} | |
build: ${{ steps.information.outputs.build }} | |
description: ${{ steps.information.outputs.description }} | |
environment: ${{ steps.release.outputs.environment }} | |
name: ${{ steps.information.outputs.name }} | |
signer: ${{ steps.information.outputs.codenotary_signer }} | |
slug: ${{ steps.override.outputs.slug }} | |
target: ${{ steps.information.outputs.target }} | |
version: ${{ steps.release.outputs.version }} | |
steps: | |
- name: ⤵️ Check out code from GitHub | |
uses: actions/checkout@v3 | |
- name: 🚀 Run add-on information action | |
id: information | |
uses: frenck/[email protected] | |
- name: 🚀 Process possible slug override | |
id: override | |
run: | | |
slug="${{ steps.information.outputs.slug }}" | |
if [[ ! -z "${{ inputs.slug }}" ]]; then | |
slug="${{ inputs.slug }}" | |
fi | |
echo "slug=$slug" >> $GITHUB_OUTPUT | |
- name: ℹ️ Gather version and environment | |
id: release | |
run: | | |
sha="${{ github.sha }}" | |
environment="edge" | |
version="${sha:0:7}" | |
if [[ "${{ github.event_name }}" = "release" ]]; then | |
version="${{ github.event.release.tag_name }}" | |
version="${version,,}" | |
version="${version#v}" | |
environment="stable" | |
if [[ "${{ github.event.release.prerelease }}" = "true" ]]; then | |
environment="beta" | |
fi | |
fi | |
echo "environment=$environment" >> $GITHUB_OUTPUT | |
echo "version=$version" >> $GITHUB_OUTPUT | |
deploy: | |
name: 👷 Build & Deploy ${{ matrix.architecture }} | |
needs: information | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
architecture: ${{ fromJson(needs.information.outputs.architectures) }} | |
steps: | |
- name: ⤵️ Check out code from GitHub | |
uses: actions/checkout@v3 | |
- name: 🏗 Set up QEMU | |
uses: docker/[email protected] | |
- name: 🏗 Set up Docker Buildx | |
uses: docker/[email protected] | |
- name: ℹ️ Compose build flags | |
id: flags | |
run: | | |
echo "date=$(date +"%Y-%m-%dT%H:%M:%SZ")" >> $GITHUB_OUTPUT | |
from=$(yq --no-colors eval ".build_from.${{ matrix.architecture }}" "${{ needs.information.outputs.build }}") | |
echo "from=$from" >> $GITHUB_OUTPUT | |
if [[ "${{ matrix.architecture}}" = "amd64" ]]; then | |
echo "platform=linux/amd64" >> $GITHUB_OUTPUT | |
elif [[ "${{ matrix.architecture }}" = "i386" ]]; then | |
echo "platform=linux/386" >> $GITHUB_OUTPUT | |
elif [[ "${{ matrix.architecture }}" = "armhf" ]]; then | |
echo "platform=linux/arm/v6" >> $GITHUB_OUTPUT | |
elif [[ "${{ matrix.architecture }}" = "armv7" ]]; then | |
echo "platform=linux/arm/v7" >> $GITHUB_OUTPUT | |
elif [[ "${{ matrix.architecture }}" = "aarch64" ]]; then | |
echo "platform=linux/arm64/v8" >> $GITHUB_OUTPUT | |
else | |
echo "::error ::Could not determine platform for architecture ${{ matrix.architecture }}" | |
exit 1 | |
fi | |
- name: 🏗 Login to GitHub Container Registry | |
uses: docker/[email protected] | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: ⤵️ Download base image | |
run: docker pull "${{ steps.flags.outputs.from }}" | |
# - name: ✅ Verify authenticity of base image | |
# if: needs.information.outputs.base_image_signer != 'null' | |
# uses: codenotary/cas-authenticate-docker-image-github-action@main | |
# with: | |
# asset: docker://${{ steps.flags.outputs.from }} | |
# signerID: ${{ needs.information.outputs.base_image_signer }} | |
- name: 🚀 Build | |
uses: docker/[email protected] | |
with: | |
load: true | |
# yamllint disable rule:line-length | |
tags: | | |
ghcr.io/${{ github.repository_owner }}/${{ needs.information.outputs.slug }}/${{ matrix.architecture }}:${{ needs.information.outputs.environment }} | |
ghcr.io/${{ github.repository_owner }}/${{ needs.information.outputs.slug }}/${{ matrix.architecture }}:${{ needs.information.outputs.version }} | |
# yamllint enable rule:line-length | |
context: ${{ needs.information.outputs.target }} | |
file: ${{ needs.information.outputs.target }}/Dockerfile | |
cache-from: type=gha,scope=${{ needs.information.outputs.slug }}-${{ matrix.architecture }} | |
cache-to: type=gha,mode=max,scope=${{ needs.information.outputs.slug }}-${{ matrix.architecture }} | |
platforms: ${{ steps.flags.outputs.platform }} | |
build-args: | | |
BUILD_ARCH=${{ matrix.architecture }} | |
BUILD_DATE=${{ steps.flags.outputs.date }} | |
BUILD_DESCRIPTION=${{ needs.information.outputs.description }} | |
BUILD_FROM=${{ steps.flags.outputs.from }} | |
BUILD_NAME=${{ needs.information.outputs.name }} | |
BUILD_REF=${{ github.sha }} | |
BUILD_REPOSITORY=${{ github.repository }} | |
BUILD_VERSION=${{ needs.information.outputs.version }} | |
# yamllint disable rule:line-length | |
# - name: 🔏 Notarize new image | |
# if: needs.information.outputs.signer != 'null' | |
# id: notarize_new_image | |
# uses: codenotary/cas-notarize-docker-image-github-action@main | |
# with: | |
# asset: docker://ghcr.io/${{ github.repository_owner }}/${{ needs.information.outputs.slug }}/${{ matrix.architecture }}:${{ needs.information.outputs.version }} | |
# cas_api_key: ${{ secrets.CAS_API_KEY }} | |
- name: 🚀 Push | |
run: | | |
docker push \ | |
"ghcr.io/${{ github.repository_owner }}/${{ needs.information.outputs.slug }}/${{ matrix.architecture }}:${{ needs.information.outputs.environment }}" | |
docker push \ | |
"ghcr.io/${{ github.repository_owner }}/${{ needs.information.outputs.slug }}/${{ matrix.architecture }}:${{ needs.information.outputs.version }}" | |
# yamllint enable rule:line-length | |
publish-stable: | |
name: 📢 Publish to stable repository | |
if: needs.information.outputs.environment == 'stable' | |
needs: | |
- information | |
- deploy | |
environment: | |
name: ${{ needs.information.outputs.environment }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: 🚀 Dispatch repository updater update signal | |
uses: peter-evans/repository-dispatch@v2 | |
with: | |
token: ${{ secrets.DISPATCH_TOKEN }} | |
repository: ${{ github.repository_owner }}/ais-ha-addons | |
event-type: update | |
client-payload: > | |
{ | |
"addon": "${{ needs.information.outputs.slug }}", | |
"name": "${{ needs.information.outputs.name }}", | |
"repository": "${{ github.repository }}", | |
"version": "${{ github.event.release.tag_name }}" | |
} |