Add GitHub Actions workflow for automatic release candidate builds and deployments

2026-05-24 09:28:37 +00:00 · 2024-12-23 11:35:21 +01:00 · 2024-12-23 11:35:21 +01:00 · 2cbe2521f3
commit 2cbe2521f3
parent d0be0fc2e0
1 changed files with 286 additions and 0 deletions
--- a/.github/workflows/rc.yml
+++ b/.github/workflows/rc.yml
@ -0,0 +1,286 @@
+name: Automatic push (RC)
+
+permissions: read-all
+
+on:
+  push:
+    branches: [rc]
+
+jobs:
+  # Build amd64 + 386 containers images
+  build-containers:
+    strategy:
+      matrix:
+        image: [bunkerweb, scheduler, autoconf, ui]
+        arch: [linux/amd64, linux/386]
+        include:
+          - release: rc
+            cache: false
+            push: false
+          - image: bunkerweb
+            dockerfile: src/bw/Dockerfile
+          - image: scheduler
+            dockerfile: src/scheduler/Dockerfile
+          - image: autoconf
+            dockerfile: src/autoconf/Dockerfile
+          - image: ui
+            dockerfile: src/ui/Dockerfile
+          - arch: linux/amd64
+            cache_suffix: amd64
+          - arch: linux/386
+            cache_suffix: "386"
+    uses: ./.github/workflows/container-build.yml
+    with:
+      RELEASE: ${{ matrix.release }}
+      ARCH: ${{ matrix.arch }}
+      IMAGE: ${{ matrix.image }}
+      DOCKERFILE: ${{ matrix.dockerfile }}
+      CACHE: ${{ matrix.cache }}
+      PUSH: ${{ matrix.push }}
+      CACHE_SUFFIX: ${{ matrix.cache_suffix }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+
+  # Create ARM environment
+  create-arm:
+    uses: ./.github/workflows/create-arm.yml
+    secrets:
+      SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+      SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+      SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+      SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}
+      ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
+      ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
+
+  # Build arm64 + arm/v7 images
+  build-containers-arm:
+    needs: [create-arm]
+    strategy:
+      matrix:
+        image: [bunkerweb, scheduler, autoconf, ui]
+        arch: ["linux/arm64,linux/arm/v7"]
+        include:
+          - release: rc
+            cache: false
+            push: false
+            cache_suffix: arm
+          - image: bunkerweb
+            dockerfile: src/bw/Dockerfile
+          - image: scheduler
+            dockerfile: src/scheduler/Dockerfile
+          - image: autoconf
+            dockerfile: src/autoconf/Dockerfile
+          - image: ui
+            dockerfile: src/ui/Dockerfile
+    uses: ./.github/workflows/container-build.yml
+    with:
+      RELEASE: ${{ matrix.release }}
+      ARCH: ${{ matrix.arch }}
+      IMAGE: ${{ matrix.image }}
+      DOCKERFILE: ${{ matrix.dockerfile }}
+      CACHE: ${{ matrix.cache }}
+      PUSH: ${{ matrix.push }}
+      CACHE_SUFFIX: ${{ matrix.cache_suffix }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+      ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
+      ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }}
+      ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
+
+  # Build Linux packages
+  build-packages:
+    needs: [create-arm]
+    strategy:
+      matrix:
+        linux: [ubuntu, debian, fedora, rhel, rhel9]
+        platforms: [linux/amd64, linux/arm64]
+        include:
+          - release: rc
+          - linux: ubuntu
+            package: deb
+          - linux: debian
+            package: deb
+          - linux: fedora
+            package: rpm
+          - linux: rhel
+            package: rpm
+          - linux: rhel9
+            package: rpm
+    uses: ./.github/workflows/linux-build.yml
+    with:
+      RELEASE: ${{ matrix.release }}
+      LINUX: ${{ matrix.linux }}
+      PACKAGE: ${{ matrix.package }}
+      TEST: false
+      PLATFORMS: ${{ matrix.platforms }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+      ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
+      ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }}
+      ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
+
+  # Wait for all builds and extract VERSION
+  wait-builds:
+    runs-on: ubuntu-latest
+    needs: [build-containers, build-containers-arm, build-packages]
+    outputs:
+      version: ${{ steps.getversion.outputs.version }}
+      versionrpm: ${{ steps.getversionrpm.outputs.versionrpm }}
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Get VERSION
+        id: getversion
+        run: echo "version=$(cat src/VERSION | tr -d '\n')" >> "$GITHUB_OUTPUT"
+      - name: Get VERSION (for RPM based)
+        id: getversionrpm
+        run: echo "versionrpm=$(cat src/VERSION | tr -d '\n' | sed 's/-/_/g')" >> "$GITHUB_OUTPUT"
+
+  # Push Docker images
+  push-images:
+    permissions:
+      contents: read
+      packages: write
+    needs: [create-arm, wait-builds]
+    strategy:
+      matrix:
+        image:
+          [bunkerweb, bunkerweb-scheduler, bunkerweb-autoconf, bunkerweb-ui]
+        include:
+          - release: rc
+          - image: bunkerweb
+            cache_from: bunkerweb
+            dockerfile: src/bw/Dockerfile
+          - image: bunkerweb-scheduler
+            cache_from: scheduler
+            dockerfile: src/scheduler/Dockerfile
+          - image: bunkerweb-autoconf
+            cache_from: autoconf
+            dockerfile: src/autoconf/Dockerfile
+          - image: bunkerweb-ui
+            cache_from: ui
+            dockerfile: src/ui/Dockerfile
+    uses: ./.github/workflows/push-docker.yml
+    with:
+      IMAGE: ${{ matrix.image }}
+      TAGS: bunkerity/${{ matrix.image }}:${{ matrix.release }},bunkerity/${{ matrix.image }}:${{ needs.wait-builds.outputs.version }},ghcr.io/bunkerity/${{ matrix.image }}:${{ matrix.release }},ghcr.io/bunkerity/${{ matrix.image }}:${{ needs.wait-builds.outputs.version }}
+      CACHE_FROM: ${{ matrix.cache_from }}-${{ matrix.release }}
+      DOCKERFILE: ${{ matrix.dockerfile }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+      ARM_SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
+      ARM_SSH_IP: ${{ needs.create-arm.outputs.ip }}
+      ARM_SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
+
+  # Push Linux packages
+  push-packages:
+    needs: [wait-builds]
+    strategy:
+      matrix:
+        linux: [ubuntu, debian, fedora, el, el9]
+        arch: [amd64, arm64]
+        include:
+          - release: rc
+            repo: bunkerweb
+          - linux: ubuntu
+            separator: _
+            suffix: ""
+            version: noble
+            package: deb
+          - linux: debian
+            separator: _
+            suffix: ""
+            version: bookworm
+            package: deb
+          - linux: fedora
+            separator: "-"
+            suffix: "1."
+            version: 41
+            package: rpm
+          - linux: el
+            separator: "-"
+            suffix: "1."
+            version: 8
+            package: rpm
+          - linux: el9
+            separator: "-"
+            suffix: "1."
+            version: 9
+            package: rpm
+          - linux: ubuntu
+            arch: amd64
+            package_arch: amd64
+          - linux: debian
+            arch: amd64
+            package_arch: amd64
+          - linux: fedora
+            arch: amd64
+            package_arch: x86_64
+          - linux: el
+            arch: amd64
+            package_arch: x86_64
+          - linux: el9
+            arch: amd64
+            package_arch: x86_64
+          - linux: ubuntu
+            arch: arm64
+            package_arch: arm64
+          - linux: debian
+            arch: arm64
+            package_arch: arm64
+          - linux: fedora
+            arch: arm64
+            package_arch: aarch64
+          - linux: el
+            arch: arm64
+            package_arch: aarch64
+          - linux: el9
+            arch: arm64
+            package_arch: aarch64
+    uses: ./.github/workflows/push-packagecloud.yml
+    with:
+      SEPARATOR: ${{ matrix.separator }}
+      SUFFIX: ${{ matrix.suffix }}
+      REPO: ${{ matrix.repo }}
+      LINUX: ${{ matrix.linux }}
+      VERSION: ${{ matrix.version }}
+      PACKAGE: ${{ matrix.package }}
+      BW_VERSION: ${{ matrix.package == 'rpm' && needs.wait-builds.outputs.versionrpm || needs.wait-builds.outputs.version }}
+      PACKAGE_ARCH: ${{ matrix.package_arch }}
+      ARCH: ${{ matrix.arch }}
+    secrets:
+      PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }}
+
+  # Create doc PDF
+  doc-pdf:
+    needs: [wait-builds, push-images, push-packages]
+    uses: ./.github/workflows/doc-to-pdf.yml
+    with:
+      VERSION: ${{ needs.wait-builds.outputs.version }}
+
+  # Push on GH
+  push-gh:
+    needs: [wait-builds, doc-pdf]
+    permissions:
+      contents: write
+      discussions: write
+    uses: ./.github/workflows/push-github.yml
+    with:
+      VERSION: ${{ needs.wait-builds.outputs.version }}
+      PRERELEASE: true
+
+  # Remove ARM VM
+  rm-arm:
+    if: ${{ always() }}
+    needs: [create-arm, push-images, build-packages]
+    uses: ./.github/workflows/rm-arm.yml
+    secrets:
+      ARM_ID: ${{ needs.create-arm.outputs.id }}
+      SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
+      SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
+      SCW_DEFAULT_PROJECT_ID: ${{ secrets.SCW_DEFAULT_PROJECT_ID }}
+      SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }}