Skip to content

WIP: Do not push end-user envs to ghcr. #2

WIP: Do not push end-user envs to ghcr.

WIP: Do not push end-user envs to ghcr. #2

Workflow file for this run

name: Build dev environments
on:
push:
schedule:
- cron: "0 0 * * *" # Run every day at 00:00 UTC.
env:
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
# Each day, build and publish to ghcr.io:
#
# - the dangerzone.rocks/dangerzone container image
# - the dangerzone.rocks/build/{debian,ubuntu,fedora}:version
# dev environments used to run the tests
#
# End-user environments are not published to the GHCR because
# they need .rpm or .deb files to be built, which is what we
# want to test.
jobs:
build-dev-environment:
name: "Build dev-env (${{ matrix.distro }}-${{ matrix.version }})"
runs-on: ubuntu-latest
strategy:
matrix:
include:
- distro: ubuntu
version: "20.04"
- distro: ubuntu
version: "22.04"
- distro: ubuntu
version: "23.10"
- distro: ubuntu
version: "24.04"
- distro: debian
version: bullseye
- distro: debian
version: bookworm
- distro: debian
version: trixie
- distro: fedora
version: "39"
- distro: fedora
version: "40"
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Build dev environment
run: |
./dev_scripts/env.py --distro ${{ matrix.distro }} \
--version ${{ matrix.version }} \
build-dev
- name: Login to GHCR
run: |
echo ${{ github.token }} | podman login ghcr.io -u USERNAME --password-stdin
- name: Push To GHCR
run: |
podman push \
dangerzone.rocks/build/${{ matrix.distro }}:${{ matrix.version }} \
${{ env.IMAGE_REGISTRY }}/dangerzone.rocks/build/${{ matrix.distro }}:${{ matrix.version }}
build-container-image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Get current date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%d')"
- name: Restore container cache
uses: actions/cache@v4
with:
key: v2-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/common.py', 'dangerzone/conversion/doc_to_pixels.py', 'dangerzone/conversion/pixels_to_pdf.py') }}
path: |
share/container.tar.gz
share/image-id.txt
- name: Build Dangerzone image
run: |
if [ -f "share/container.tar.gz" ]; then
echo "Already cached, skipping"
else
sudo pip3 install poetry
python3 ./install/common/build-image.py
fi
- name: Load container image
run: |
gunzip -c share/container.tar.gz | podman load
- name: Login to GHCR
run: |
echo ${{ github.token }} | podman login ghcr.io -u USERNAME --password-stdin
- name: Push To GHCR
run: |
podman push \
dangerzone.rocks/dangerzone \
${{ env.IMAGE_REGISTRY }}/dangerzone.rocks/dangerzone