From 8c773bfde32d0981c3473995411239edbd99c5ae Mon Sep 17 00:00:00 2001 From: Son Date: Wed, 15 May 2024 09:07:49 -0400 Subject: [PATCH] docker and gh actions: fix yq permissions and add release revisions capability for gh actions --- .github/workflows/release.yml | 64 +++++++++++++++++++++++++++-------- Dockerfile | 3 +- entrypoint.sh | 7 +++- 3 files changed, 57 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 94662bd..3d3c9e8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,9 +6,14 @@ on: # yamllint disable-line rule:truthy workflow_dispatch: jobs: - release: - name: Release - Docker image + check_versions: + name: Release - Version checking runs-on: ubuntu-latest + outputs: + base_version: ${{ steps.image.outputs.BASE_VERSION }} + revision: ${{ steps.image.outputs.REVISION }} + next_revision: ${{ steps.image.outputs.NEXT_REVISION }} + release: ${{ steps.condition.outputs.RELEASE }} steps: - name: Get latest version of SOGo id: sogo @@ -18,21 +23,53 @@ jobs: - name: Get latest version of Docker image id: image run: | - echo "VERSION=$(curl -s https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest | jq -r '.tag_name')" >> "$GITHUB_OUTPUT" + RAW_LATEST_RELEASE=$(curl -s https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/latest) + + VERSION=$(echo "$RAW_LATEST_RELEASE" | jq -r '.tag_name') + echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT" + + echo "BASE_VERSION=$(echo "$VERSION" | sed 's/-.*//')" >> "$GITHUB_OUTPUT" + REVISION=$([[ "$VERSION" == *-* ]] && echo "$VERSION" | sed 's/.*-//' || echo "") + echo "REVISION=$REVISION" >> "$GITHUB_OUTPUT" + + NEXT_REVISION=$([[ "$REVISION" =~ ^[0-9]+$ ]] && echo $(($REVISION + 1)) || echo 1) + echo "NEXT_REVISION=$NEXT_REVISION" >> "$GITHUB_OUTPUT" + + - name: Decide if release version or not + id: condition + env: + SOGO_VERSION: ${{steps.sogo.outputs.VERSION}} + DOCKER_VERSION: ${{steps.image.outputs.BASE_VERSION}} + DOCKER_REVISION: ${{steps.image.outputs.REVISION}} + ACTION_TRIGGER: ${{github.event_name}} + run: | + VERSIONS_ARE_EQUAL=$([ "$SOGO_VERSION" = "$DOCKER_VERSION" ] && echo "true" || echo "false") + + if [ "$ACTION_TRIGGER" = "workflow_dispatch" ] || [ "$VERSIONS_ARE_EQUAL" != "true" ]; then + RELEASE="true" + else + RELEASE="false" + fi + + echo "RELEASE=$RELEASE" >> "$GITHUB_OUTPUT" + + release: + name: Release - Docker image + needs: check_versions + runs-on: ubuntu-latest + if: needs.check_versions.outputs.release == 'true' + steps: - name: Checkout - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION uses: actions/checkout@v4 - name: Docker - Login - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Docker - GHCR Login - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION uses: docker/login-action@v3 with: registry: ghcr.io @@ -40,15 +77,12 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION uses: docker/setup-buildx-action@v3 - name: Docker - Metadata - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION id: meta uses: docker/metadata-action@v5 with: @@ -57,11 +91,11 @@ jobs: ghcr.io/${{ github.repository }} # generate Docker tags based on the following events/attributes tags: | - type=raw,value=${{ steps.sogo.outputs.VERSION }} + type=raw,value=${{ needs.check_versions.outputs.base_version }} + type=raw,value=${{ needs.check_versions.outputs.base_version }}-${{ needs.check_versions.outputs.next_revision }} flavor: latest=true - name: Docker - Build / Push - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION id: docker_build uses: docker/build-push-action@v5 with: @@ -69,13 +103,13 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} build-args: | - SOGO_VERSION=${{ steps.sogo.outputs.VERSION }} + SOGO_VERSION=${{ needs.check_versions.outputs.base_version }} - name: Github Release uses: softprops/action-gh-release@v2 - if: steps.sogo.outputs.VERSION != steps.image.outputs.VERSION with: - tag_name: ${{ steps.sogo.outputs.VERSION }} + tag_name: ${{ needs.check_versions.outputs.base_version }}-${{ needs.check_versions.outputs.next_revision }} make_latest: 'true' + generate_release_notes: true body: | - SOGo Update: https://github.com/Alinto/sogo/releases/tag/SOGo-${{ steps.sogo.outputs.VERSION }} \ No newline at end of file + SOGo Update: https://github.com/Alinto/sogo/releases/tag/SOGo-${{ needs.check_versions.outputs.base_version }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 526cff9..267f476 100644 --- a/Dockerfile +++ b/Dockerfile @@ -128,7 +128,8 @@ RUN rsync -avLkq /usr/local/lib/GNUstep/ /usr/lib/GNUstep && \ rsync -avLkq /usr/local/include/GNUstep/ /usr/include/GNUstep && \ rm -rf /usr/local/lib/GNUstep && \ rm -rf /usr/local/include/GNUstep && \ - chmod +x /opt/entrypoint.sh + chmod +rx /usr/bin/yq && \ + chmod +rx /opt/entrypoint.sh # start from config folder WORKDIR /etc/sogo diff --git a/entrypoint.sh b/entrypoint.sh index 8b33db0..3c5d5c6 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -4,7 +4,12 @@ set -e -useradd -ms /bin/bash sogo +# Check if user "sogo" does not exist +if ! id "sogo" &>/dev/null; then + # Create user "sogo" + useradd -ms /bin/bash sogo + echo "User 'sogo' has been created." +fi # Set process UID and GID at runtime if [ -n "$PUID" ] && [ -n "$PGID" ]; then