Build Portal Images #136
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Portal Images | |
| on: | |
| push: | |
| branches: ['develop'] | |
| workflow_dispatch: | |
| inputs: | |
| specific_group: | |
| description: 'Build specific group (empty for all)' | |
| required: false | |
| type: string | |
| env: | |
| YQ_VERSION: v4.40.5 | |
| XPORTAL_VERSION: v0.2.13 | |
| XCADDY_VERSION: v0.4.4 | |
| CADDY_VERSION: v2.9.0 | |
| GO_VERSION: '1.22' | |
| jobs: | |
| prepare: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # Cache the entire tools directory | |
| - name: Cache tools | |
| id: cache-tools | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| /usr/local/bin/yq | |
| ~/go/bin/jq | |
| key: ${{ runner.os }}-tools-${{ env.YQ_VERSION }} | |
| - name: Install yq | |
| if: steps.cache-tools.outputs.cache-hit != 'true' | |
| run: | | |
| gh release download ${{ env.YQ_VERSION }} --repo mikefarah/yq --pattern 'yq_linux_amd64' --output /usr/local/bin/yq | |
| chmod +x /usr/local/bin/yq | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Get matrix | |
| id: set-matrix | |
| run: | | |
| FILTER='to_entries | map(select(.value.plugins != null)) | map({group: .key, plugins: .value.plugins, version: (.value.version // "latest")})' | |
| if [ "${{ inputs.specific_group }}" != "" ]; then | |
| FILTER="$FILTER | map(select(.group == \"${{ inputs.specific_group }}\"))" | |
| fi | |
| echo "matrix=$(yq -o=j '.groups' groups.yaml | jq -c "{include: ($FILTER)}" | jq -c .include)" >> $GITHUB_OUTPUT | |
| build-caddy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| # Cache Go modules | |
| - name: Go Modules Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go-${{ env.GO_VERSION }}- | |
| - name: Cache xcaddy | |
| id: cache-xcaddy | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/go/bin/xcaddy | |
| key: ${{ runner.os }}-xcaddy-${{ env.XCADDY_VERSION }}-${{ env.GO_VERSION }} | |
| - name: Install xcaddy | |
| if: steps.cache-xcaddy.outputs.cache-hit != 'true' | |
| run: | | |
| GOSUMDB=off GOPROXY=direct go install github.com/caddyserver/xcaddy/cmd/xcaddy@${{ env.XCADDY_VERSION }} | |
| - name: Cache Caddy build | |
| id: cache-caddy | |
| uses: actions/cache@v4 | |
| with: | |
| path: ./caddy | |
| key: caddy-${{ runner.os }}-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') || 'no-deps' }}-2.9 | |
| - name: Build Caddy | |
| if: steps.cache-caddy.outputs.cache-hit != 'true' | |
| run: | | |
| CADDY_VERSION=${{ env.CADDY_VERSION }} GOPROXY=direct xcaddy build \ | |
| --with github.com/techknowlogick/certmagic-s3 \ | |
| --with github.com/anxuanzi/caddy-dns-ClouDNS \ | |
| --replace github.com/anxuanzi/libdns-cloudns=github.com/LumeWeb/libdns-cloudns@master \ | |
| --output ./caddy | |
| - name: Upload Caddy artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: caddy-binary | |
| path: ./caddy | |
| retention-days: 1 | |
| build: | |
| needs: [prepare, build-caddy] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 45 | |
| strategy: | |
| matrix: | |
| include: ${{ fromJSON(needs.prepare.outputs.matrix) }} | |
| fail-fast: false | |
| permissions: | |
| packages: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v4 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| cache-dependency-path: go.sum | |
| - name: Download Caddy artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: caddy-binary | |
| path: ./caddy-bin | |
| - name: Prepare Caddy binary | |
| run: | | |
| chmod +x ./caddy-bin/caddy | |
| mv ./caddy-bin/caddy ./caddy | |
| # Cache Go modules for main build | |
| - name: Go Modules Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: ${{ runner.os }}-go-build-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go-build-${{ env.GO_VERSION }}- | |
| - name: Cache xportal binary | |
| id: cache-xportal | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/go/bin/xportal | |
| key: ${{ runner.os }}-xportal-${{ env.XPORTAL_VERSION }}-${{ env.GO_VERSION }} | |
| - name: Install xportal with retry | |
| if: steps.cache-xportal.outputs.cache-hit != 'true' | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_minutes: 10 | |
| max_attempts: 3 | |
| retry_wait_seconds: 30 | |
| command: | | |
| GOSUMDB=off GOPROXY=direct go install go.lumeweb.com/xportal/cmd/xportal@${{ env.XPORTAL_VERSION }} | |
| # Build portal | |
| - name: Build portal with retry | |
| if: steps.cache-portal.outputs.cache-hit != 'true' | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_minutes: 15 | |
| max_attempts: 3 | |
| retry_wait_seconds: 60 | |
| command: | | |
| PLUGINS=$(echo '${{ toJSON(matrix.plugins) }}' | jq -r 'join(" --with ")') | |
| GOPROXY=direct XPORTAL_DISABLE_CGO=1 PORTAL_VERSION="${{ matrix.version }}" xportal build --with $PLUGINS | |
| # Cache Docker layers using GitHub cache | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-flags: --debug | |
| driver-opts: | | |
| image=moby/buildkit:v0.12.0 | |
| network=host | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set lowercase names | |
| id: names | |
| run: | | |
| echo "repo=${GITHUB_REPOSITORY,,}" >> $GITHUB_OUTPUT | |
| echo "group=${MATRIX_GROUP,,}" >> $GITHUB_OUTPUT | |
| env: | |
| MATRIX_GROUP: ${{ matrix.group }} | |
| # Use multi-level caching for Docker | |
| - name: Build and push Docker image with retry | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_minutes: 15 | |
| max_attempts: 3 | |
| retry_wait_seconds: 60 | |
| command: | | |
| docker buildx build \ | |
| --push \ | |
| --cache-from type=gha,scope=docker-${{ matrix.group }} \ | |
| --cache-from type=registry,ref=ghcr.io/${{ steps.names.outputs.repo }}:${{ steps.names.outputs.group }} \ | |
| --cache-to type=gha,mode=max,scope=docker-${{ matrix.group }} \ | |
| --build-arg BUILDKIT_INLINE_CACHE=1 \ | |
| --tag ghcr.io/${{ steps.names.outputs.repo }}:${{ steps.names.outputs.group }} \ | |
| . |