Andreas/watchtower
1
0
Fork 0
mirror of https://github.com/containrrr/watchtower.git synced 2025-09-21 21:30:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
watchtower/.github/workflows/release.yml
Nick Fedor 062df875a4
Update docker/login-action SHA to latest
2025-02-03 22:48:39 -07:00

215 lines
6.9 KiB
YAML
Raw Blame History

name: Release (Production)
on:
workflow_dispatch: {}
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
- "**/v[0-9]+.[0-9]+.[0-9]+"
permissions:
contents: read # Needed for all jobs to checkout the repository
packages: write # For the build job to push to GHCR
attestations: write # For managing attestations in the build job
id-token: write # For OIDC token usage in the build and potentially in the renew-docs job
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: stable
- name: golangci-lint
uses: golangci/golangci-lint-action@5421a116d2bf2a1d53595d0dca7da6e18bd1cfd7
with:
version: v1.60
test:
name: Test
strategy:
matrix:
go-version:
- 1.23.x
platform:
- ubuntu-latest
- macos-latest
- windows-latest
runs-on: ${{ matrix.platform }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: Run tests
run: |
go test ./... -coverprofile coverage.out
build:
name: Build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
attestations: write
id-token: write
needs:
- test
- lint
env:
CGO_ENABLED: 0
TAG: ${{ github.ref_name }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: 1.23.x
- name: Login to Docker Hub
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR
uses: docker/login-action@327cd5a69de6c009b9ce71bce8395f28e651bf99 # v3.3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1
with:
version: v0.155.0
args: --debug
env:
GITHUB_TOKEN: ${{ secrets.BOT_GHCR_PAT }}
- name: Enable experimental docker features
run: |
mkdir -p ~/.docker/ && \
echo '{"experimental": "enabled"}' > ~/.docker/config.json
- name: Create GHCR manifests for version and latest and push to GHCR
env:
GHCR_USER: ${{ secrets.BOT_USERNAME }}
GHCR_TOKEN: ${{ secrets.BOT_GHCR_PAT }}
run: |
echo $GHCR_TOKEN | docker login ghcr.io -u $GHCR_USER --password-stdin && \
export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \
# Create latest manifest
docker manifest create \
ghcr.io/nicholas-fedor/watchtower:latest \
ghcr.io/nicholas-fedor/watchtower:amd64-latest \
ghcr.io/nicholas-fedor/watchtower:i386-latest \
ghcr.io/nicholas-fedor/watchtower:armhf-latest \
ghcr.io/nicholas-fedor/watchtower:arm64v8-latest
# Create versioned manifest
docker manifest create \
ghcr.io/nicholas-fedor/watchtower:$DH_TAG \
ghcr.io/nicholas-fedor/watchtower:amd64-$DH_TAG \
ghcr.io/nicholas-fedor/watchtower:i386-$DH_TAG \
ghcr.io/nicholas-fedor/watchtower:armhf-$DH_TAG \
ghcr.io/nicholas-fedor/watchtower:arm64v8-$DH_TAG
# Latest manifest annotation
# for REPO in '' ghcr.io/ ; do
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:latest \
# ${REPO}nicholas-fedor/watchtower:i386-latest \
# --os linux \
# --arch 386
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:latest \
# ${REPO}nicholas-fedor/watchtower:armhf-latest \
# --os linux \
# --arch arm
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:latest \
# ${REPO}nicholas-fedor/watchtower:arm64v8-latest \
# --os linux \
# --arch arm64 \
# --variant v8
# done
# Versioned manifest annotation
# for REPO in '' ghcr.io/ ; do
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \
# ${REPO}nicholas-fedor/watchtower:i386-$(echo $TAG | sed 's/^v*//') \
# --os linux \
# --arch 386
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \
# ${REPO}nicholas-fedor/watchtower:armhf-$(echo $TAG | sed 's/^v*//') \
# --os linux \
# --arch arm
# docker manifest annotate \
# ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \
# ${REPO}nicholas-fedor/watchtower:arm64v8-$(echo $TAG | sed 's/^v*//') \
# --os linux \
# --arch arm64 \
# --variant v8
# done
# Push manifests to GHCR
docker manifest push ghcr.io/nicholas-fedor/watchtower:latest
docker manifest push ghcr.io/nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//')
- name: Create Docker Hub manifests for version and latest and push to Docker Hub
env:
DOCKER_USER: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
run: |
echo $DOCKER_TOKEN | docker login -u $DOCKER_USER --password-stdin && \
export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \
# Create latest manifest
docker manifest create \
nickfedor/watchtower:latest \
nickfedor/watchtower:amd64-latest \
nickfedor/watchtower:i386-latest \
nickfedor/watchtower:armhf-latest \
nickfedor/watchtower:arm64v8-latest
# Create versioned manifest
docker manifest create \
nickfedor/watchtower:$DH_TAG \
nickfedor/watchtower:amd64-$DH_TAG \
nickfedor/watchtower:i386-$DH_TAG \
nickfedor/watchtower:armhf-$DH_TAG \
nickfedor/watchtower:arm64v8-$DH_TAG
# Push manifests to Docker Hub
docker manifest push nickfedor/watchtower:latest
docker manifest push nickfedor/watchtower:$(echo $TAG | sed 's/^v*//')
renew-docs:
name: Refresh pkg.go.dev
needs: build
runs-on: ubuntu-latest
steps:
- name: Pull new module version
uses: nicholas-fedor/go-proxy-pull-action@be8fbcee83b723a2737534664314c7bb0d537701 #master@v1.0.0
Reference in a new issue View git blame Copy permalink