Skip to content

Merge pull request #78 from LedgerHQ/tdejoigny-dockerfile #157

Merge pull request #78 from LedgerHQ/tdejoigny-dockerfile

Merge pull request #78 from LedgerHQ/tdejoigny-dockerfile #157

Workflow file for this run

# Build the docker images and push them to GitHub Packages
name: Publish Docker images
on:
workflow_dispatch:
push:
branches:
- master
pull_request:
env:
REGISTRY: ghcr.io
REPO_PATH: ${{ github.repository }}
REPO_NAME: ${{ github.event.repository.name }}
BUILD_PLATFORMS: linux/amd64,linux/arm64
jobs:
check_changelog:
name: Check changelog versions
runs-on: ubuntu-latest
steps:
- name: Clone
uses: actions/checkout@v3
- name: Get current version
id: get-current-version
run: |
echo "current_version=$(grep -Po '(?<=## \[)(\d\.)+[^\]]' CHANGELOG.md | head -n 1)" >> "$GITHUB_OUTPUT"
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Check already existing image
run: |
GHCR_TOKEN=$(echo ${{ secrets.GITHUB_TOKEN }} | base64)
# Get tags of all images from GHCR
TAGS_FULL=$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" https://ghcr.io/v2/${REPO_PATH,,}/${REPO_NAME,,}/tags/list)
TAGS_LITE=$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" https://ghcr.io/v2/${REPO_PATH,,}/${REPO_NAME,,}-lite/tags/list)
TAGS_LEGACY=$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" https://ghcr.io/v2/${REPO_PATH,,}/${REPO_NAME,,}-legacy/tags/list)
TAGS_DEV_TOOLS=$(curl -H "Authorization: Bearer ${GHCR_TOKEN}" https://ghcr.io/v2/${REPO_PATH,,}/ledger-app-dev-tools/tags/list)
# Concatenate all tags from json fields in one string without brackets
ALL_TAGS=$(echo $TAGS_FULL $TAGS_LITE $TAGS_LEGACY $TAGS_DEV_TOOLS | jq -s '.[0].tags + .[1].tags + .[2].tags + .[3].tags' | tr -d '[]')
# Get the tag to find
TAG_TO_FIND=${{ steps.get-current-version.outputs.current_version }}
# Check if the tag to find is already present in the list of tags
if [[ "$ALL_TAGS" == *"$TAG_TO_FIND"* ]]; then
echo "An image tagged with the latest changelog version already exists on GHCR. Please update the changelog."
exit 1
else
exit 0
fi
outputs:
current_version: ${{ steps.get-current-version.outputs.current_version }}
mods_list:
name: Get modified files
runs-on: ubuntu-latest
steps:
- name: Clone
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get changes
id: get-changes
uses: tj-actions/changed-files@v33
outputs:
modified_files: ${{ steps.get-changes.outputs.all_modified_files }}
builder_lite:
name: App Builder Lite
runs-on: ubuntu-latest
needs: [mods_list, check_changelog]
if: needs.check_changelog.result == 'success' && contains(needs.mods_list.outputs.modified_files, 'lite/Dockerfile')
permissions:
packages: write
steps:
- name: Clone
uses: actions/checkout@v3
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Make full image name
run: |
echo "IMAGE=${REGISTRY}/${REPO_PATH,,}/${REPO_NAME,,}-lite" >>${GITHUB_ENV}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE }}
- name: Set-up QEMU
uses: docker/setup-qemu-action@v2
- name: Set-up Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push container
uses: docker/build-push-action@v3
with:
file: lite/Dockerfile
platforms: ${{ env.BUILD_PLATFORMS }}
tags: ${{ env.IMAGE }}:${{ github.sha }},${{ env.IMAGE }}:latest,${{ env.IMAGE }}:${{ needs.check_changelog.outputs.current_version }}
labels: ${{ steps.meta.outputs.labels }}
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch' }}
builder_legacy:
name: App Builder Legacy
runs-on: ubuntu-latest
needs: [mods_list, check_changelog, builder_lite]
if: always() && needs.check_changelog.result == 'success' && (needs.builder_lite.result == 'success' || (needs.builder_lite.result == 'skipped' && contains(needs.mods_list.outputs.modified_files, 'legacy/Dockerfile')))
permissions:
packages: write
steps:
- name: Clone
uses: actions/checkout@v3
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Make full image name
run: |
echo "IMAGE=${REGISTRY}/${REPO_PATH,,}/${REPO_NAME,,}-legacy" >>${GITHUB_ENV}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE }}
- name: Build and push container
uses: docker/build-push-action@v3
with:
file: legacy/Dockerfile
tags: ${{ env.IMAGE }}:${{ github.sha }},${{ env.IMAGE }}:latest,${{ env.IMAGE }}:${{ needs.check_changelog.outputs.current_version }}
labels: ${{ steps.meta.outputs.labels }}
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch' }}
builder:
name: App Builder
runs-on: ubuntu-latest
needs: [mods_list, check_changelog, builder_lite]
if: always() && needs.check_changelog.result == 'success' && (needs.builder_lite.result == 'success' || (needs.builder_lite.result == 'skipped' && contains(needs.mods_list.outputs.modified_files, 'full/Dockerfile')))
permissions:
packages: write
steps:
- name: Clone
uses: actions/checkout@v3
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Make full image name
run: |
echo "IMAGE=${REGISTRY}/${REPO_PATH,,}/${REPO_NAME,,}" >>${GITHUB_ENV}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE }}
- name: Set-up QEMU
uses: docker/setup-qemu-action@v2
- name: Set-up Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push container
uses: docker/build-push-action@v3
with:
file: full/Dockerfile
platforms: ${{ env.BUILD_PLATFORMS }}
tags: ${{ env.IMAGE }}:${{ github.sha }},${{ env.IMAGE }}:latest,${{ env.IMAGE }}:${{ needs.check_changelog.outputs.current_version }}
labels: ${{ steps.meta.outputs.labels }}
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch' }}
dev_tools:
name: App Developer Tools
runs-on: ubuntu-latest
needs: [mods_list, check_changelog, builder]
if: always() && needs.check_changelog.result == 'success' && (needs.builder.result == 'success' || (needs.builder.result == 'skipped' && contains(needs.mods_list.outputs.modified_files, 'dev-tools/Dockerfile')))
permissions:
packages: write
steps:
- name: Clone
uses: actions/checkout@v3
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Make full image name
run: |
echo "IMAGE=${REGISTRY}/${REPO_PATH,,}/ledger-app-dev-tools" >>${GITHUB_ENV}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.IMAGE }}
- name: Set-up QEMU
uses: docker/setup-qemu-action@v2
- name: Set-up Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push container
uses: docker/build-push-action@v3
with:
file: dev-tools/Dockerfile
platforms: ${{ env.BUILD_PLATFORMS }}
tags: ${{ env.IMAGE }}:${{ github.sha }},${{ env.IMAGE }}:latest,${{ env.IMAGE }}:${{ needs.check_changelog.outputs.current_version }}
labels: ${{ steps.meta.outputs.labels }}
push: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch' }}