From d5fc819ffaf8d2cb8f6e57561e19aa80e3be8581 Mon Sep 17 00:00:00 2001 From: tnfAngel <57068341+tnfAngel@users.noreply.github.com> Date: Tue, 16 Apr 2024 09:02:05 +0100 Subject: [PATCH] github actions --- .github/dependabot.yml | 9 +++++ .github/workflows/container.yml | 67 +++++++++++++++++++++++++++++++++ .github/workflows/pipelines.yml | 33 ++++++++++++++++ 3 files changed, 109 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/container.yml create mode 100644 .github/workflows/pipelines.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..881cb2d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,9 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: '/' + target-branch: dev + schedule: + interval: daily + labels: + - dependency:gha diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml new file mode 100644 index 0000000..6ac4d9a --- /dev/null +++ b/.github/workflows/container.yml @@ -0,0 +1,67 @@ +name: 'CD -> Container' + +on: + workflow_dispatch: + push: + branches: + - stable + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false + +permissions: + contents: read + +jobs: + build: + name: 'Build & publish container image' + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + packages: write + + env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + steps: + - name: 'Checkout' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: 'Setup tags' + id: setup-tags + run: | + TIMESTAMP="$(date +%Y.%m.%d)" + SHA_SHORT="${GITHUB_SHA::7}" + + TAGS=() + TAGS+=("latest") + TAGS+=("${GITHUB_SHA}") + TAGS+=("${TIMESTAMP}-${SHA_SHORT}") + + echo "build-tags=${TAGS[*]}" >> $GITHUB_OUTPUT + + - name: 'Build image' + id: build-image + uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # master + with: + archs: amd64 + containerfiles: Dockerfile + image: ${{ env.IMAGE_NAME }} + layers: true + tags: ${{ steps.setup-tags.outputs.build-tags }} + + - name: 'Push to GHCR' + uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8 + env: + REGISTRY_USER: ${{ github.actor }} + REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} + + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ env.REGISTRY }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} diff --git a/.github/workflows/pipelines.yml b/.github/workflows/pipelines.yml new file mode 100644 index 0000000..f5777f8 --- /dev/null +++ b/.github/workflows/pipelines.yml @@ -0,0 +1,33 @@ +name: 'CI -> Pipeline' + +on: + pull_request: + branches: [stable] + types: [opened, synchronize] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + lint: + name: 'Lint' + runs-on: ubuntu-22.04 + permissions: write-all + steps: + - name: 'Checkout' + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + with: + persist-credentials: false + + - name: 'Setup Bun' + uses: oven-sh/setup-bun@8f24390df009a496891208e5e36b8a1de1f45135 # v1.2.1 + + - name: 'Setup dependencies' + run: bun install --frozen-lockfile + + - name: 'Run lint' + run: bun run lint \ No newline at end of file