chore(deps): update alpine/helm docker tag to v3.14.2 (main) #204
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Push mimir-build-image | |
# configure trigger by pull request | |
on: | |
pull_request: | |
types: [opened, synchronize] | |
paths: | |
- mimir-build-image/Dockerfile | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number }} | |
cancel-in-progress: true | |
jobs: | |
build_and_push: | |
runs-on: ubuntu-latest | |
permissions: | |
# Allow pushing to the GitHub repo for collaborators, forks should remain read-only | |
contents: write | |
# Allow PR modification for collaborators, forks should remain read-only | |
pull-requests: write | |
# We want to allow running github actions for all contributors, but don't want all contributors to be able to | |
# publish new build images just by sending the PR. Hence this change. | |
if: ${{ contains(fromJSON('["OWNER", "MEMBER"]'), github.event.pull_request.author_association )}} || github.actor == 'renovate[bot]' | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Checkout Pull Request Branch | |
run: gh pr checkout ${{ github.event.pull_request.number }} | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Prepare Variables | |
id: prepare | |
run: | | |
echo "path=mimir-build-image/Dockerfile" >> $GITHUB_OUTPUT | |
main_build_image=$(make print-build-image) | |
main_image_tag=$(echo $main_build_image | cut -d ':' -f 2) | |
image_name=$(echo $main_build_image | cut -d ':' -f 1) | |
echo "image=$image_name" >> $GITHUB_OUTPUT | |
echo "main_image_tag=$main_image_tag" >> $GITHUB_OUTPUT | |
- name: Compute Image Tag | |
id: compute_hash | |
run: | | |
current_hash=$(md5sum ${{ steps.prepare.outputs.path }} | awk '{print substr($1, 0, 10)}') | |
echo "the file path is ${{ steps.prepare.outputs.path }}" | |
echo "build tag is $current_hash" | |
tag="pr${{ github.event.pull_request.number }}-$current_hash" | |
echo "tag=$tag" >> $GITHUB_OUTPUT | |
- name: Check Should Build Image | |
id: check_build | |
run: | | |
echo "Checking if image should be built" | |
if skopeo inspect --raw "docker://${{ steps.prepare.outputs.image }}:${{ steps.compute_hash.outputs.tag }}" >/dev/null 2>&1; then | |
echo "build=false" >> $GITHUB_OUTPUT | |
echo "Tag ${{ steps.compute_hash.outputs.tag }} exists" | |
else | |
echo "Tag ${{ steps.compute_hash.outputs.tag }} does not exist" | |
echo "build=true" >> $GITHUB_OUTPUT | |
fi | |
- name: Add Comment to the PR | |
id: notification | |
run: | | |
if [ ${{ steps.check_build.outputs.build }} == 'true' ]; then | |
gh pr comment $PR_NUMBER --body "**Building new version of mimir-build-image**. After image is built and pushed to Docker Hub, \ | |
a new commit will automatically be added to this PR with new image version \`$IMAGE:$TAG\`. This can take up to 1 hour." | |
else | |
echo "This PR will not trigger a build of mimir-build-image" | |
gh pr comment $PR_NUMBER --body "**Not building new version of mimir-build-image**. This PR modifies \`mimir-build-image/Dockerfile\`, but the image \`$IMAGE:$TAG\` already exists." | |
fi | |
env: | |
PR_NUMBER: ${{ github.event.pull_request.number }} | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
TAG: ${{ steps.compute_hash.outputs.tag }} | |
IMAGE: ${{ steps.prepare.outputs.image }} | |
- name: Build and Push Docker Image | |
if: steps.check_build.outputs.build == 'true' | |
run: | | |
echo "Building and Pushing Docker Image" | |
make push-multiarch-build-image IMAGE_TAG=${{ steps.compute_hash.outputs.tag }} | |
- name: Compare built tag with Makefile | |
id: compare_tag | |
run: | | |
echo "Comparing built tag with Makefile" | |
if [ ${{ steps.compute_hash.outputs.tag }} == "$(make print-build-image)" ]; then | |
echo "Built tag is the same as the one in Makefile" | |
echo "isDifferent=false" >> $GITHUB_OUTPUT | |
else | |
echo "Built tag is different from the one in Makefile" | |
echo "isDifferent=true" >> $GITHUB_OUTPUT | |
fi | |
- name: Add commit to PR in order to update Build Image version | |
if: steps.compare_tag.outputs.isDifferent == 'true' | |
run: | | |
echo "Get current Build Image Version" | |
echo "Current Build Image Version is $MAIN_TAG" | |
echo "Built Image Version is $TAG" | |
if [ "$MAIN_TAG" = "$TAG" ]; then | |
echo "Build Image Version is already up to date" | |
else | |
echo "Build Image Version is not up to date" | |
sed -i "s/$MAIN_TAG/${{ steps.compute_hash.outputs.tag }}/g" Makefile | |
git config --global user.email "${{ github.event.pull_request.user.login }}@users.noreply.github.com" | |
git config --global user.name "${{ github.event.pull_request.user.login }}" | |
git add Makefile | |
git commit -m "Update build image version to ${{ steps.compute_hash.outputs.tag }}" | |
git push origin HEAD | |
fi | |
env: | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
TAG: ${{ steps.compute_hash.outputs.tag }} | |
MAIN_TAG: ${{ steps.prepare.outputs.main_image_tag }} |