-
Notifications
You must be signed in to change notification settings - Fork 0
167 lines (148 loc) · 6.17 KB
/
publish_image_in_GHCR.yaml
File metadata and controls
167 lines (148 loc) · 6.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Build and Publish Docker Images
on:
push:
branches: [ "main", "develop" ]
pull_request:
branches: [ "main", "develop" ]
jobs:
build-and-publish:
runs-on: ubuntu-latest
permissions:
contents: write # needed to create the release
packages: write # needed to publish the image
# Skip building images for draft PRs
if: |
github.event_name == 'push' ||
(github.event_name == 'pull_request' &&
github.event.pull_request.draft == false)
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Extract version from pyproject.toml
id: project_version
run: |
VERSION=$(grep '^version =' pyproject.toml | sed -E 's/version = "([^"]+)"/\1/')
echo "version=${VERSION}" >> $GITHUB_OUTPUT
- name: Extract changelog section for version
id: changelog
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: |
VERSION="${{ steps.project_version.outputs.version }}"
# Extract the section for this version from CHANGELOG.md
# This awk script finds the section between [VERSION] and the next [VERSION] or end of file
CHANGELOG_SECTION=$(awk -v version="[$VERSION]" '
BEGIN { found=0; content="" }
$0 ~ "^## \\[" {
if (found) exit
if ($0 ~ version) {
found=1
content = $0 "\n"
next
}
}
found { content = content $0 "\n" }
END { print content }
' CHANGELOG.md)
# If no section found, use a default message
if [ -z "$CHANGELOG_SECTION" ]; then
CHANGELOG_SECTION="## Release v${VERSION}\n\nNo changelog entry found for this version."
fi
# Save to file and output
echo "$CHANGELOG_SECTION" > release_notes.md
echo "changelog_file=release_notes.md" >> $GITHUB_OUTPUT
# Also output as multiline string for debugging
{
echo 'content<<EOF'
echo "$CHANGELOG_SECTION"
echo 'EOF'
} >> $GITHUB_OUTPUT
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
# For main branch: latest and version tags
type=raw,value=latest,enable={{is_default_branch}}
type=raw,value=${{ steps.project_version.outputs.version }},enable={{is_default_branch}}
# For develop branch: develop tag
type=raw,value=develop,enable=${{ github.ref == 'refs/heads/develop' }}
# For PRs only: pr-{number} tag
type=ref,event=pr,prefix=pr-
labels: |
org.opencontainers.image.title=${{ github.repository }}
org.opencontainers.image.description=${{ github.event.repository.description }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.source=${{ github.event.repository.clone_url }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }}
# Add cleanup hint for PR images
io.github.pr-image=${{ github.event_name == 'pull_request' && 'true' || 'false' }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
file: tools/image/Dockerfile
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Create GitHub Release
# Only create releases for main branch pushes
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
uses: softprops/action-gh-release@v2
with:
tag_name: v${{ steps.project_version.outputs.version }}
name: Release v${{ steps.project_version.outputs.version }}
body_path: ${{ steps.changelog.outputs.changelog_file }}
fail_on_unmatched_files: false
# Clean up PR images when PR is closed
cleanup-pr-image:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.action == 'closed'
permissions:
packages: write
steps:
- name: Delete PR image
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const owner = context.repo.owner;
const repo = context.repo.repo;
const packageName = `${owner}/${repo}`;
const prNumber = context.payload.pull_request.number;
const prTag = `pr-${prNumber}`;
try {
// Get all package versions
const { data: versions } = await github.rest.packages.getAllPackageVersionsForPackageOwnedByOrg({
package_type: 'container',
package_name: packageName,
org: owner,
per_page: 100
});
// Find the PR image version
const prVersion = versions.find(version =>
version.metadata.container.tags.includes(prTag)
);
if (prVersion) {
console.log(`Deleting PR image: ${prTag} (version ID: ${prVersion.id})`);
await github.rest.packages.deletePackageVersionForOrg({
package_type: 'container',
package_name: packageName,
org: owner,
package_version_id: prVersion.id
});
console.log(`Successfully deleted PR image: ${prTag}`);
} else {
console.log(`No image found for PR: ${prTag}`);
}
} catch (error) {
console.log(`Error cleaning up PR image (this is normal if no image was built): ${error.message}`);
}