Skip to content

package builder release #382

package builder release

package builder release #382

Workflow file for this run

name: package builder release
permissions: read-all
on:
workflow_dispatch:
inputs:
version:
description: version
required: true
files:
required: true
type: boolean
pip:
required: true
type: boolean
docker:
required: true
type: boolean
docker_old:
required: true
type: boolean
jobs:
get_date:
runs-on: ubuntu-20.04
if: ${{ inputs.files}}
name: get_date
steps:
- name: Get current date
id: date
run: echo "date=$(date +'%Y.%m.%d')_$(date +%s| tail -c 7)" >> $GITHUB_OUTPUT
outputs:
date: ${{ steps.date.outputs.date}}
get_commit:
runs-on: ubuntu-20.04
outputs:
long: ${{ steps.commit.outputs.long}}
short: ${{ steps.commit.outputs.short}}
hash: ${{ steps.commit.outputs.hash}}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- name: commit
uses: pr-mpt/actions-commit-hash@v2
id: commit
create_version:
needs: [get_date, get_commit]
runs-on: ubuntu-20.04
if: ${{ inputs.files}}
name: create version doc
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: update line
run: sed -i -e s/'>=3.7.0,<4'/'>=3.7.0,<3.13'/ pyproject.toml
- name: Set up Python 3.11.5
uses: actions/setup-python@v4
with:
python-version: 3.11.5
- name: install dunamai
run: pip install dunamai
- name: replace_version
run: |
sed -i -e s/'[^ ]*hardcoded.*None'/__hardcoded__="\"$(dunamai from git --format "{base}" --pattern "(?P<base>\d+\.\d+\.((\d+\.\w+)|\w+))")\""/ ofscraper/__version__.py
- name: show file
run: cat ofscraper/__version__.py
- name: upload release file
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/upload-artifact@v4
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: /home/runner/work/OF-Scraper/OF-Scraper/ofscraper/__version__.py
linux_file:
needs: [create_version, get_date, get_commit]
runs-on: ubuntu-20.04
name: create linux release file
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls -d $PWD/*
- name: list files2
run: ls -d $PWD/ofscraper/*
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: create one file
uses: addnab/docker-run-action@v3
with:
image: datawhores/ubuntu:latest
options: -v ${{ github.workspace }}:/root/work
shell: bash
run: |
cd work
rm -rf ./ofscraper/dist
rm -rf ./ofscraper/build
apt-get install zip libxml2-dev libxslt-dev -y
python3.11 -m venv .venv
source .venv/bin/activate
python3.11 -m pip install pyinstaller==6.4.0
/root/.local/bin/poetry install
echo "ls files"
ls .
echo "test ofscraper"
ofscraper -h
echo "install run pyinstaller dir"
pyinstaller ./ofscraper/__main__.py --name "ofscraper_linux_${{inputs.version}}" --onefile
echo "list files dir"
ls dist
- name: upload one file
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/upload-artifact@v4
with: |
name: ofscraper_linux_${{needs.get_date.outputs.date}}
path: "dist/ofscraper_linux_${{inputs.version}}"
overwrite: true
linux_dir:
needs: [create_version, get_date, get_commit]
runs-on: ubuntu-20.04
name: create linux release zip
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls -d $PWD/*
- name: list files2
run: ls -d $PWD/ofscraper/*
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: create zip
uses: addnab/docker-run-action@v3
with:
image: datawhores/ubuntu:latest
options: -v ${{ github.workspace }}:/root/work
shell: bash
run: |
cd work
rm -rf ./ofscraper/dist
rm -rf ./ofscraper/build
apt-get install zip libxml2-dev libxslt-dev -y
python3.11 -m venv .venv
source .venv/bin/activate
python3.11 -m pip install pyinstaller==6.4.0
/root/.local/bin/poetry install
echo "ls files"
ls .
echo "test ofscraper"
ofscraper -h
echo "run pyinstaller dir"
pyinstaller ./ofscraper/__main__.py --name "ofscraper_linux_${{inputs.version}}"
echo "list one dir"
ls dist
zip -r "dist/ofscraper_linux_${{inputs.version}}.zip" "dist/ofscraper_linux_${{inputs.version}}"
- name: upload one file
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/upload-artifact@v4
with: |
name: "ofscraper_linux_zip_${{needs.get_date.outputs.date}}"
path: "dist/ofscraper_linux_${{inputs.version}}.zip"
overwrite: true
windows_dir:
needs: [create_version, get_date, get_commit]
runs-on: windows-latest
name: create windows release zip
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls .
- name: list files2
run: ls ofscraper
- name: commit
uses: pr-mpt/actions-commit-hash@v2
id: commit
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: Set up Python 3.11.5
uses: actions/setup-python@v5
with:
python-version: 3.11.5
- name: install poetry
uses: abatilo/actions-poetry@v2
with:
poetry-version: 1.4.1
- name: create virtualenv
run: python3 -m venv .venv
- name: install ofscraper windows
run: |
.venv\Scripts\activate.bat
pip install .
.venv\Scripts\deactivate.bat
- name: Install pyinstaller
run: |
.venv\Scripts\activate.bat
pip install pyinstaller==6.4.0
.venv\Scripts\deactivate.bat
- name: test ofscraper
run: |
.venv\Scripts\activate.bat
ofscraper -h
- name: create-dir
id: create-dir
run: |
.venv\Scripts\activate.bat
pyinstaller ofscraper\__main__.py --collect-submodules ofscraper --name "ofscraper_windows_${{inputs.version}}" --paths . --clean --log DEBUG
continue-on-error: true
- name: create-dir2
if: steps.create-dir.outcome != 'success'
run: |
.venv\Scripts\activate.bat
pyinstaller .venv/Scripts/ofscraper --collect-submodules ofscrape --name "ofscraper_windows_${{inputs.version}}" --paths ofscraper --clean --log DEBUG
- uses: vimtor/action-zip@v1
with:
files: "dist/ofscraper_windows_${{inputs.version}}"
dest: "dist/ofscraper_windows_${{inputs.version}}.zip"
- name: upload one file
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/upload-artifact@v4
with: |
name: ofscraper_windows_zip_${{needs.get_date.outputs.date}}
path: "dist/ofscraper_windows_${{inputs.version}}.zip"
overwrite: true
windows_file:
needs: [create_version, get_date, get_commit]
runs-on: windows-latest
name: create windows release file
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls .
- name: list files2
run: ls ofscraper
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: Set up Python 3.11.5
uses: actions/setup-python@v5
with:
python-version: 3.11.5
- name: install poetry
uses: abatilo/actions-poetry@v2
with:
poetry-version: 1.4.1
- name: create virtualenv
run: python3 -m venv .venv
- name: install ofscraper windows
run: |
.venv\Scripts\activate.bat
pip install .
.venv\Scripts\deactivate.bat
- name: Install pyinstaller
run: |
.venv\Scripts\activate.bat
pip install pyinstaller==6.4.0
.venv\Scripts\deactivate.bat
- name: test ofscraper
run: ofscraper -h
- name: create-one-file
id: create-one-file
run: |
.venv\Scripts\activate.bat
pyinstaller ofscraper\__main__.py --collect-submodules ofscraper --onefile --name "ofscraper_windows_${{inputs.version}}" -p ofscraper --clean --log DEBUG
.venv\Scripts\deactivate.bat
continue-on-error: true
- name: create-one-file2
if: steps.create-one-file.outcome != 'success'
run: |
.venv\Scripts\activate.bat
pyinstaller .venv/Scripts/ofscraper --onefile --collect-submodules ofscraper --name "ofscraper_windows_${{inputs.version}}" -p ofscraper --clean --log DEBUG
.venv\Scripts\deactivate.bat
- name: upload one file
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/upload-artifact@v4
with: |
path: "dist/ofscraper_windows_${{inputs.version}}.exe"
name: ofscraper_windows_${{needs.get_date.outputs.date}}
overwrite: true
mac_file:
needs: [create_version, get_date, get_commit]
runs-on: macos-latest
name: create mac release file
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls -d $PWD/*
- name: list files2
run: ls -d $PWD/ofscraper/*
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
action: actions/download-artifact@v4
attempt_limit: 3
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: Set up Python 3.11.5
uses: actions/setup-python@v5
with:
python-version: 3.11.5
- name: create virtualenv
run: python3 -m venv .venv
- name: install poetry
uses: abatilo/actions-poetry@v2
with:
poetry-version: 1.4.1
- name: Install package
run: |
source .venv/bin/activate
pip install . -vvv
deactivate
- name: Install pyinstaller
run: |
source .venv/bin/activate
pip install pyinstaller==6.4.0
deactivate
- name: test ofscraper
run: |
export PATH=$PATH:/usr/local/bin
/Users/runner/work/OF-Scraper/OF-Scraper/.venv/bin/ofscraper -h
- name: create-one-file
id: create-one-file
run: |
rm -rf dist
rm -rf build
source .venv/bin/activate
export PATH=$PATH:/usr/local/bin
pyinstaller /Users/runner/work/OF-Scraper/OF-Scraper/ofscraper/__main__.py --collect-submodules /Users/runner/work/OF-Scraper/OF-Scraper/.venv/bin/ofscraper --onefile --name "ofscraper_macos_${{inputs.version}}"
deactivate
continue-on-error: true
- name: create-one-file2
id: create-one-file2
if: steps.create-one-file.outcome != 'success'
run: |
rm -rf dist
rm -rf build
source .venv/bin/activate
poetry run pyinstaller .venv/bin/ofscraper --onefile --name "ofscraper_macos_${{inputs.version}}"
deactivate
- name: upload one file
uses: Wandalen/wretry.action@master
with:
action: actions/upload-artifact@v4
attempt_limit: 3
with: |
name: ofscraper_macos_${{needs.get_date.outputs.date}}
path: "dist/ofscraper_macos_${{inputs.version}}"
overwrite: true
mac_dir:
needs: [create_version, get_date, get_commit]
runs-on: macos-latest
name: create mac release zip
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: list files
run: ls -d $PWD/*
- name: list files2
run: ls -d $PWD/ofscraper/*
- name: replace version.py
uses: Wandalen/wretry.action@master
with:
action: actions/download-artifact@v4
attempt_limit: 3
with: |
name: ofscraper_version_${{needs.get_date.outputs.date}}
path: ofscraper
- name: Set up Python 3.11.5
uses: actions/setup-python@v5
with:
python-version: 3.11.5
- name: create virtualenv
run: python3 -m venv .venv
- name: install poetry
uses: abatilo/actions-poetry@v2
with:
poetry-version: 1.4.1
- name: Install package
run: |
source .venv/bin/activate
pip install . -vvv
deactivate
- name: Install pyinstaller
run: |
source .venv/bin/activate
pip install pyinstaller==6.4.0
deactivate
- name: test ofscraper
run: |
export PATH=$PATH:/usr/local/bin
/Users/runner/work/OF-Scraper/OF-Scraper/.venv/bin/ofscraper -h
- name: create-dir
id: create-dir
run: |
rm -rf dist
rm -rf build
source .venv/bin/activate
pyinstaller /Users/runner/work/OF-Scraper/OF-Scraper/ofscraper/__main__.py --name "ofscraper_macos_${{inputs.version}}"
deactivate
continue-on-error: true
- name: create-dir2
id: create-dir2
if: steps.create-dir.outcome != 'success'
run: |
rm -rf dist
rm -rf build
source .venv/bin/activate
poetry run pyinstaller .venv/bin/ofscraper --name "ofscraper_macos_${{inputs.version}}"
deactivate
- uses: vimtor/action-zip@v1
with:
files: "dist/ofscraper_macos_${{inputs.version}}"
dest: "dist/ofscraper_macos_${{inputs.version}}.zip"
- name: upload one file
uses: Wandalen/wretry.action@master
with:
action: actions/upload-artifact@v4
with: |
name: ofscraper_macos_zip_${{needs.get_date.outputs.date}}
path: "dist/ofscraper_macos_${{inputs.version}}.zip"
overwrite: true
publish_release:
runs-on: ubuntu-latest
name: publish
needs:
[
get_commit,
get_date,
linux_dir,
linux_file,
windows_dir,
windows_file,
mac_file,
mac_dir,
]
permissions:
contents: write
steps:
- name: download linux
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_linux_${{needs.get_date.outputs.date}}
- name: download linux zip
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_linux_zip_${{needs.get_date.outputs.date}}
- name: download mac
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_macos_${{needs.get_date.outputs.date}}
- name: download mac zip
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_macos_zip_${{needs.get_date.outputs.date}}
- name: download windows
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_windows_${{needs.get_date.outputs.date}}
- name: download windows zip
uses: Wandalen/wretry.action@master
with:
attempt_limit: 3
action: actions/download-artifact@v4
with: |
name: ofscraper_windows_zip_${{needs.get_date.outputs.date}}
- name: show files
run: ls /home/runner/work/OF-Scraper/OF-Scraper
- name: upload package
uses: ncipollo/release-action@v1
with:
artifacts: /home/runner/work/OF-Scraper/OF-Scraper/ofscraper_*
tag: "${{inputs.version}}"
allowUpdates: True
omitBodyDuringUpdate: True
omitDraftDuringUpdate: True
commit: "${{needs.get_commit.outputs.long}}"
pypi:
needs: [get_commit]
if: ${{ inputs.pip}}
runs-on: ubuntu-latest
name: create pypi
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: Set up Python 3.11.5
uses: actions/setup-python@v4
with:
python-version: 3.11.5
- name: 🐍 Install dependencies
run: |
pip install poetry-dynamic-versioning
pip install dunamai
- name: Install Poetry
uses: snok/install-poetry@v1
- name: Build
run: |
poetry version $(dunamai from git --format "{base}" --pattern="(?P<base>\d+\.\d+\.((\d+\.\w+)|\w+))")
poetry build
- name: Push to pypi
env:
PYPI_TOKEN: ${{ secrets.pypi }}
run: |
poetry config pypi-token.pypi $PYPI_TOKEN
poetry publish
docker:
needs: [get_commit]
if: ${{ inputs.docker}}
runs-on: ubuntu-latest
name: DockerHub Release
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: get tag
run: echo release=$(git describe --tags `git rev-list --tags --max-count=1`) >> $GITHUB_ENV
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
#Install the cosign tool except on PR
#https://github.com/sigstore/cosign-installer
- name: Install cosign
uses: sigstore/cosign-installer@main #v2.6.0
with:
cosign-release: v1.13.1
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: push image to Docker Hub
id: build-and-push
uses: docker/build-push-action@v4
with:
context: .
tags: |
datawhores/of-scraper:${{ inputs.version }}
datawhores/of-scraper:latest
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
- name: cosign-installer
uses: sigstore/[email protected]
- name: Write signing key to disk
run: echo "$KEY" > cosign.key
shell: bash
env:
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
- name: Sign the published Docker image
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
COSIGN_EXPERIMENTAL: "true"
run: echo "datawhores/of-scraper:${{ env.release }}" | xargs -I {} cosign sign --yes --key cosign.key {}@${{ steps.build-and-push.outputs.digest }}
# # Sign the resulting Docker image digest except on PRs.
# # This will only write to the public Rekor transparency log when the Docker
# # repository is public to avoid leaking data. If you would like to publish
# # transparency data even for private images, pass --force to cosign below.
# # https://github.com/sigstore/cosign
# - name: Sign the published Docker image
# env:
# COSIGN_EXPERIMENTAL: "true"
# # This step uses the identity token to provision an ephemeral certificate
# # against the sigstore community Fulcio instance.
# run: echo "datawhores/of-scraper:${{ env.release }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
github_docker:
needs: [get_commit]
if: ${{ inputs.docker}}
runs-on: ubuntu-latest
name: Docker GHCR Release
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: get tag
run: echo release=$(git describe --tags `git rev-list --tags --max-count=1`) >> $GITHUB_ENV
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
#Install the cosign tool except on PR
#https://github.com/sigstore/cosign-installer
- name: Install cosign
uses: sigstore/cosign-installer@main #v2.6.0
with:
cosign-release: v1.13.1
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: login to ghcr
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN}}
# Extract metadata (tags, labels) for Docker
- name: push image to ghcr
id: build-and-push2
uses: docker/build-push-action@v4
with:
context: .
tags: |
ghcr.io/datawhores/of-scraper:${{ inputs.version }}
ghcr.io/datawhores/of-scraper:latest
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
docker_old:
needs: [get_commit]
if: ${{ inputs.docker_old}}
runs-on: ubuntu-latest
name: DockerHub Release Old
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: get tag
run: echo release=$(git describe --tags `git rev-list --tags --max-count=1`) >> $GITHUB_ENV
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
#Install the cosign tool except on PR
#https://github.com/sigstore/cosign-installer
- name: Install cosign
uses: sigstore/cosign-installer@main #v2.6.0
with:
cosign-release: v1.13.1
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: push image to Docker Hub
id: build-and-push
uses: docker/build-push-action@v4
with:
context: .
tags: |
datawhores/of-scraper:${{ inputs.version }}
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
- name: cosign-installer
uses: sigstore/[email protected]
- name: Write signing key to disk
run: echo "$KEY" > cosign.key
shell: bash
env:
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
- name: Sign the published Docker image
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
COSIGN_EXPERIMENTAL: "true"
run: echo "datawhores/of-scraper:${{ env.release }}" | xargs -I {} cosign sign --yes --key cosign.key {}@${{ steps.build-and-push.outputs.digest }}
# # Sign the resulting Docker image digest except on PRs.
# # This will only write to the public Rekor transparency log when the Docker
# # repository is public to avoid leaking data. If you would like to publish
# # transparency data even for private images, pass --force to cosign below.
# # https://github.com/sigstore/cosign
# - name: Sign the published Docker image
# env:
# COSIGN_EXPERIMENTAL: "true"
# # This step uses the identity token to provision an ephemeral certificate
# # against the sigstore community Fulcio instance.
# run: echo "datawhores/of-scraper:${{ env.release }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
docker_old_github:
needs: [get_commit]
if: ${{ inputs.docker_old}}
runs-on: ubuntu-latest
name: GHCR Release Old
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{inputs.version}}
- run: git checkout ${{needs.get_commit.outputs.long}}
- name: get tag
run: echo release=$(git describe --tags `git rev-list --tags --max-count=1`) >> $GITHUB_ENV
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
#Install the cosign tool except on PR
#https://github.com/sigstore/cosign-installer
- name: Install cosign
uses: sigstore/cosign-installer@main #v2.6.0
with:
cosign-release: v1.13.1
#Login against a Docker registry except on PR
#https://github.com/docker/login-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: login to ghcr
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN}}
# Extract metadata (tags, labels) for Docker
- name: push image to ghcr
id: build-and-push2
uses: docker/build-push-action@v4
with:
context: .
tags: |
ghcr.io/datawhores/of-scraper:${{ inputs.version }}
cache-from: type=gha
cache-to: type=gha,mode=max
push: true