Target Sync zlmediakit/zlmediakit-pro:feature_all by @liujinge #7512
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Target Sync Image | |
| run-name: Target Sync ${{ github.event.issue.title }} by @${{ github.actor }} | |
| on: | |
| issues: | |
| types: | |
| - opened | |
| # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token | |
| permissions: | |
| issues: write | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| if: contains(github.event.issue.labels.*.name, 'sync image') | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| outputs: | |
| image: ${{ steps.get-image.outputs.image }} | |
| link: ${{ steps.get-image.outputs.link }} | |
| platforms: ${{ steps.get-image.outputs.platforms }} | |
| arch: ${{ steps.get-image.outputs.arch }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Check Issue | |
| id: get-image | |
| env: | |
| IMAGE: "${{ github.event.issue.title }}" | |
| ISSUE_BODY: "${{ github.event.issue.body }}" | |
| run: | | |
| ORIGIN_IMAGE="${IMAGE}" | |
| CORRECT_IMAGE="$(./hack/correct-image.sh "${ORIGIN_IMAGE}")" | |
| if [[ "${CORRECT_IMAGE}" == "" ]]; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不是一个镜像" | |
| gh issue close ${{ github.event.issue.number }} --reason "not planned" | |
| exit 1 | |
| fi | |
| if [[ "${CORRECT_IMAGE}" != "${ORIGIN_IMAGE}" ]]; then | |
| if ! ./hack/verify-allows.sh ./allows.txt "${CORRECT_IMAGE}"; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}', 并且不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)" | |
| else | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}'" | |
| fi | |
| gh issue close ${{ github.event.issue.number }} --reason "not planned" | |
| exit 1 | |
| fi | |
| if ! ./hack/verify-allows.sh ./allows.txt "${ORIGIN_IMAGE}"; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)" | |
| gh issue close ${{ github.event.issue.number }} --reason "not planned" | |
| exit 1 | |
| fi | |
| IMAGE="${ORIGIN_IMAGE}" | |
| echo "image=${IMAGE}" >> $GITHUB_OUTPUT | |
| GROUP="${IMAGE%%:*}" | |
| GROUP="${GROUP%%@*}" | |
| LINK="https://queue.m.daocloud.io/status/#group:${GROUP}" | |
| echo "link=${LINK}" >> $GITHUB_OUTPUT | |
| BODY="${ISSUE_BODY:-}" | |
| ARCH="" | |
| if [ -z "${ARCH}" ]; then | |
| ARCH=$(printf "%s" "$BODY" | grep -oE 'linux/[a-z0-9/._+-]+' | head -n1 || true) | |
| fi | |
| if [ -z "${ARCH}" ]; then | |
| ARCH="linux/amd64" | |
| fi | |
| echo "arch=${ARCH}" >> $GITHUB_OUTPUT | |
| PLATFORM_FLAG="--platform=${ARCH}" | |
| echo "platforms=${PLATFORM_FLAG}" >> $GITHUB_OUTPUT | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${IMAGE}, 平台 ${ARCH} 将添加到同步队列...<br>[同步队列](${LINK})<br>[详细信息](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})" | |
| sync: | |
| runs-on: ubuntu-latest | |
| needs: check | |
| if: needs.check.result == 'success' | |
| container: ghcr.io/opencidn/ocimirror/sync:v0.0.40 | |
| steps: | |
| - shell: sh | |
| run: sync ${{ needs.check.outputs.image }} ${{ needs.check.outputs.platforms }} ${{ secrets.ARGS_CIDN }} ${{ secrets.ARGS_R2_IMAGE }} | |
| runner: | |
| runs-on: ubuntu-latest | |
| needs: check | |
| if: needs.check.result == 'success' | |
| container: ghcr.io/opencidn/cidn/runner:v0.0.108 | |
| steps: | |
| - shell: sh | |
| run: runner --handler-name=dc-${{ github.run_number }}-${{ github.event.issue.number }} --update-duration=10s --duration=5m --concurrency=2 ${{ secrets.ARGS_CIDN }} | |
| failure: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - sync | |
| - check | |
| if: always() && needs.sync.result == 'failure' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Sync Failure Status | |
| run: | | |
| gh -R "${{ github.repository }}" issue edit ${{ github.event.issue.number }} --add-label "sync image failure" -b "镜像同步失败" | |
| gh -R "${{ github.repository }}" issue close ${{ github.event.issue.number }} --reason "not planned" --comment "镜像 ${{ needs.check.outputs.image }}, 平台 ${{ needs.check.outputs.arch }} 同步失败<br>请去同步队列查看详细信息。" | |
| success: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - sync | |
| - check | |
| if: needs.sync.result == 'success' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Sync Success Status | |
| run: | | |
| gh -R "${{ github.repository }}" issue edit ${{ github.event.issue.number }} --add-label "sync image succeeded" -b "镜像同步完成" | |
| gh -R "${{ github.repository }}" issue close ${{ github.event.issue.number }} --reason "completed" --comment "镜像 ${{ needs.check.outputs.image }}, 平台 ${{ needs.check.outputs.arch }} 同步完成<br>请使用 m.daocloud.io/${{ needs.check.outputs.image }} 进行访问。" |