Updates docker builds to use depot.dev (#517) #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Artifact Release | |
| on: | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| jobs: | |
| docker-backend: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| ghcr.io/nucleuscloud/neosync/api | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=semver,pattern={{raw}} | |
| type=sha | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Depot CLI | |
| uses: depot/setup-action@v1 | |
| - name: Build and push | |
| uses: depot/build-push-action@v1 | |
| with: | |
| context: . | |
| file: docker/Dockerfile.backend | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| docker-backend-migrations: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| ghcr.io/nucleuscloud/neosync/api-migrations | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=semver,pattern={{raw}} | |
| type=sha | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Depot CLI | |
| uses: depot/setup-action@v1 | |
| - name: Build and push | |
| uses: depot/build-push-action@v1 | |
| with: | |
| file: backend/Dockerfile.migrations | |
| context: backend | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| docker-frontend: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| ghcr.io/nucleuscloud/neosync/app | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=semver,pattern={{raw}} | |
| type=sha | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Depot CLI | |
| uses: depot/setup-action@v1 | |
| - name: Build and push | |
| uses: depot/build-push-action@v1 | |
| with: | |
| context: frontend | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| docker-worker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| ghcr.io/nucleuscloud/neosync/worker | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=semver,pattern={{raw}} | |
| type=sha | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Depot CLI | |
| uses: depot/setup-action@v1 | |
| - name: Build and push | |
| uses: depot/build-push-action@v1 | |
| with: | |
| context: . | |
| file: docker/Dockerfile.worker | |
| platforms: linux/amd64,linux/arm64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| helm-backend: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker-backend | |
| - docker-backend-migrations | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Chart.yaml | |
| uses: mikefarah/[email protected] | |
| with: | |
| cmd: | | |
| # Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
| for filepath in $(find backend/charts/** -type f -name 'Chart.yaml') ; do | |
| echo "$filepath" | |
| yq -i '.version = "${{ github.ref_name }}"' "$filepath" | |
| yq -i '.appVersion = "${{ github.ref_name }}"' "$filepath" | |
| done | |
| for filepath in $(find backend/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
| has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
| if [ $has_deps != null ]; then | |
| yq -i '.dependencies[].version = "${{ github.ref_name }}"' "$filepath" | |
| fi | |
| done | |
| - name: Install Helm | |
| uses: azure/setup-helm@v3 | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Login to Helm Registry | |
| run: | | |
| echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
| - name: Package Helm Charts | |
| shell: bash | |
| run: | | |
| # Finds all root charts and packages up their dependencies | |
| find backend/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
| # Runs through root charts and packages them | |
| for filedir in backend/charts/*/ ; do | |
| echo "$filedir" | |
| helm package "$filedir" | |
| done | |
| - name: Helm | Publish | |
| shell: bash | |
| run: | | |
| OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
| for d in ./*.tgz ; do | |
| helm push "$d" "$OCI_URL" | |
| done | |
| helm-frontend: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker-frontend | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Chart.yaml | |
| uses: mikefarah/[email protected] | |
| with: | |
| cmd: | | |
| # Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
| for filepath in $(find frontend/charts/** -type f -name 'Chart.yaml') ; do | |
| echo "$filepath" | |
| yq -i '.version = "${{ github.ref_name }}"' "$filepath" | |
| yq -i '.appVersion = "${{ github.ref_name }}"' "$filepath" | |
| done | |
| for filepath in $(find frontend/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
| has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
| if [ $has_deps != null ]; then | |
| yq -i '.dependencies[].version = "${{ github.ref_name }}"' "$filepath" | |
| fi | |
| done | |
| - name: Install Helm | |
| uses: azure/setup-helm@v3 | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Login to Helm Registry | |
| run: | | |
| echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
| - name: Package Helm Charts | |
| shell: bash | |
| run: | | |
| # Finds all root charts and packages up their dependencies | |
| find frontend/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
| # Runs through root charts and packages them | |
| for filedir in frontend/charts/*/ ; do | |
| echo "$filedir" | |
| helm package "$filedir" | |
| done | |
| - name: Helm | Publish | |
| shell: bash | |
| run: | | |
| OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
| for d in ./*.tgz ; do | |
| helm push "$d" "$OCI_URL" | |
| done | |
| helm-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker-worker | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Chart.yaml | |
| uses: mikefarah/[email protected] | |
| with: | |
| cmd: | | |
| # Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
| for filepath in $(find worker/charts/** -type f -name 'Chart.yaml') ; do | |
| echo "$filepath" | |
| yq -i '.version = "${{ github.ref_name }}"' "$filepath" | |
| yq -i '.appVersion = "${{ github.ref_name }}"' "$filepath" | |
| done | |
| for filepath in $(find worker/charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
| has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
| if [ $has_deps != null ]; then | |
| yq -i '.dependencies[].version = "${{ github.ref_name }}"' "$filepath" | |
| fi | |
| done | |
| - name: Install Helm | |
| uses: azure/setup-helm@v3 | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Login to Helm Registry | |
| run: | | |
| echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
| - name: Package Helm Charts | |
| shell: bash | |
| run: | | |
| # Finds all root charts and packages up their dependencies | |
| find worker/charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
| # Runs through root charts and packages them | |
| for filedir in worker/charts/*/ ; do | |
| echo "$filedir" | |
| helm package "$filedir" | |
| done | |
| - name: Helm | Publish | |
| shell: bash | |
| run: | | |
| OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
| for d in ./*.tgz ; do | |
| helm push "$d" "$OCI_URL" | |
| done | |
| helm-top: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker-backend | |
| - docker-backend-migrations | |
| - docker-frontend | |
| - docker-worker | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Chart.yaml | |
| uses: mikefarah/[email protected] | |
| with: | |
| cmd: | | |
| # Recursively finds all Chart.yaml files and sets their version and appVersion to the github ref | |
| for filepath in $(find charts/** -type f -name 'Chart.yaml') ; do | |
| echo "$filepath" | |
| yq -i '.version = "${{ github.ref_name }}"' "$filepath" | |
| yq -i '.appVersion = "${{ github.ref_name }}"' "$filepath" | |
| done | |
| # for filepath in $(find charts/*/Chart.yaml -type f -name 'Chart.yaml') ; do | |
| # has_deps=$(yq -r '.dependencies[0].version' "$filepath") | |
| # if [ $has_deps != null ]; then | |
| # yq -i '.dependencies[].version = "${{ github.ref_name }}"' "$filepath" | |
| # fi | |
| # done | |
| - name: Install Helm | |
| uses: azure/setup-helm@v3 | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Login to Helm Registry | |
| run: | | |
| echo ${{secrets.GITHUB_TOKEN}} | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin | |
| - name: Package Helm Charts | |
| shell: bash | |
| run: | | |
| # Finds all root charts and packages up their dependencies | |
| find charts/*/Chart.yaml -type f -name 'Chart.yaml' | sed -r 's|/[^/]+$||' | sort | uniq | xargs -L 1 helm dep up | |
| # Runs through root charts and packages them | |
| for filedir in charts/*/ ; do | |
| echo "$filedir" | |
| helm package "$filedir" | |
| done | |
| - name: Helm | Publish | |
| shell: bash | |
| run: | | |
| OCI_URL="oci://ghcr.io/$GITHUB_REPOSITORY/helm" | |
| for d in ./*.tgz ; do | |
| helm push "$d" "$OCI_URL" | |
| done | |
| cli: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: cli | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: cli/go.mod | |
| cache-dependency-path: cli/go.sum | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/arm64 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Fetch all tags | |
| run: git fetch --force --tags | |
| # - name: Import GPG Key | |
| # id: import_gpg | |
| # uses: crazy-max/ghaction-import-gpg@v5 | |
| # with: | |
| # gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
| # fingerprint: ${{ secrets.GPG_FINGERPRINT }} | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v5 | |
| with: | |
| distribution: goreleaser | |
| version: latest | |
| args: release --clean | |
| workdir: cli | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PUBLISH_PAT }} # needs to be a non-action token because this also pushes to the homebrew repo | |
| # GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
| AUR_KEY: ${{ secrets.AUR_PRIVATE_KEY }} |