Compare commits
3 Commits
master
...
feature/re
Author | SHA1 | Date | |
---|---|---|---|
5e4ce1d1f2 | |||
|
a2a09d9058 | ||
1af82f78df |
58
.github/workflows/cron-build.yml
vendored
58
.github/workflows/cron-build.yml
vendored
@ -5,53 +5,11 @@ on:
|
|||||||
- cron: '0 20 * * *'
|
- cron: '0 20 * * *'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
call-cron-build:
|
||||||
select-branches:
|
uses: ONLYOFFICE/DocSpace-buildtools/.github/workflows/reusable-cron.yml@master
|
||||||
runs-on: ubuntu-latest
|
with:
|
||||||
|
organization: 'ONLYOFFICE'
|
||||||
steps:
|
repository: 'DocSpace-buildtools'
|
||||||
- name: Check out the code
|
secrets:
|
||||||
uses: actions/checkout@v2
|
git-user: ${{ secrets.USERNAME }}
|
||||||
|
git-token: ${{ secrets.TOKEN }}
|
||||||
- name: List Branches
|
|
||||||
id: list-branches
|
|
||||||
run: |
|
|
||||||
all_branches=$(git ls-remote -hq | sed -n 's/^[0-9a-f]\{40\}\s\+refs\/heads\//''/p')
|
|
||||||
matching_branches=""
|
|
||||||
|
|
||||||
for branch in $all_branches; do
|
|
||||||
if [[ $branch =~ ^release/v[0-9]+ || $branch =~ ^hotfix/v[0-9]+ || $branch == "develop" ]]; then
|
|
||||||
matching_branches="${matching_branches},\"${branch}\""
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
matching_branches=${matching_branches#,}
|
|
||||||
echo "json_output=[${matching_branches}]" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
last_branch=$(echo ${matching_branches} | awk -F, '{print $NF}' | sed 's/"//g')
|
|
||||||
echo "last_branch=${last_branch}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
- name: Dispatch Action
|
|
||||||
run: |
|
|
||||||
echo "${{ steps.list-branches.outputs.json_output }}"
|
|
||||||
|
|
||||||
curl \
|
|
||||||
-X POST \
|
|
||||||
-u "${{ secrets.USERNAME}}:${{secrets.TOKEN}}" \
|
|
||||||
"https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/dispatches" \
|
|
||||||
-H "Accept: application/vnd.github.everest-preview+json" \
|
|
||||||
--data '{"event_type": "cron-trigger-action", "client_payload": { "branches": ${{ steps.list-branches.outputs.json_output }}}}'
|
|
||||||
|
|
||||||
curl \
|
|
||||||
-X POST \
|
|
||||||
-u "${{ secrets.USERNAME}}:${{secrets.TOKEN}}" \
|
|
||||||
https://api.github.com/repos/ONLYOFFICE/DocSpace/actions/workflows/59268961/dispatches \
|
|
||||||
-H "Accept: application/vnd.github.everest-preview+json" \
|
|
||||||
--data '{
|
|
||||||
"ref": "${{ steps.list-branches.outputs.last_branch }}",
|
|
||||||
"inputs": {
|
|
||||||
"branch-buildtools": "${{ steps.list-branches.outputs.last_branch }}",
|
|
||||||
"branch-client": "${{ steps.list-branches.outputs.last_branch }}",
|
|
||||||
"branch-server": "${{ steps.list-branches.outputs.last_branch }}"
|
|
||||||
}
|
|
||||||
}'
|
|
||||||
|
95
.github/workflows/main-build.yml
vendored
95
.github/workflows/main-build.yml
vendored
@ -1,12 +1,6 @@
|
|||||||
name: 4testing multiarch-build
|
name: 4testing multiarch-build
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
|
||||||
inputs:
|
|
||||||
zap:
|
|
||||||
description: 'Run ZAP scanning after build?'
|
|
||||||
type: boolean
|
|
||||||
|
|
||||||
repository_dispatch:
|
repository_dispatch:
|
||||||
types:
|
types:
|
||||||
- cron-trigger-action
|
- cron-trigger-action
|
||||||
@ -14,77 +8,28 @@ on:
|
|||||||
- client-trigger-action
|
- client-trigger-action
|
||||||
- server-trigger-action
|
- server-trigger-action
|
||||||
|
|
||||||
env:
|
|
||||||
DOCKER_PATH: "/install/docker"
|
|
||||||
REPO: "onlyoffice"
|
|
||||||
DOCKER_IMAGE_PREFIX: "4testing-docspace"
|
|
||||||
DOCKERFILE: "Dockerfile.app"
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
prepare-branches:
|
||||||
build:
|
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
strategy:
|
outputs:
|
||||||
matrix:
|
branches: ${{ steps.prepare.outputs.branches }}
|
||||||
platform: [linux/amd64]
|
|
||||||
branch: ${{ github.event.client_payload.branches }}
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: prepare branches
|
||||||
uses: actions/checkout@v3
|
id: prepare
|
||||||
with:
|
|
||||||
ref: ${{ matrix.branch }}
|
|
||||||
- name: Set up QEMU
|
|
||||||
uses: docker/setup-qemu-action@v2
|
|
||||||
- name: Set up Docker Buildx
|
|
||||||
id: buildx
|
|
||||||
uses: docker/setup-buildx-action@v2
|
|
||||||
|
|
||||||
- name: Free Disk Space
|
|
||||||
run: |
|
|
||||||
sudo rm -rf /usr/local/lib/android /opt/ghc
|
|
||||||
sudo docker image prune --all --force
|
|
||||||
|
|
||||||
- name: Login to DockerHub
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
||||||
|
|
||||||
- name: Build 4testing
|
|
||||||
id: build
|
|
||||||
run: |
|
|
||||||
cd .${DOCKER_PATH}
|
|
||||||
if [ "${{ matrix.branch }}" = "develop" ]; then
|
|
||||||
PRODUCT_VERSION="develop"
|
|
||||||
DOCKER_TAG=${PRODUCT_VERSION}.${{ github.run_number }}
|
|
||||||
else
|
|
||||||
PRODUCT_VERSION=$(echo "${{ matrix.branch }}" | sed '/^release\b\|^hotfix\b\|^feature\b/s/release.*\/\|hotfix.*\/\|feature.*\///; s/-git-action$//; s/^v//')
|
|
||||||
DOCKER_TAG=${PRODUCT_VERSION}.${{github.run_number}}
|
|
||||||
fi
|
|
||||||
export DOCKER_TAG
|
|
||||||
docker buildx bake -f build.yml \
|
|
||||||
--set *.args.GIT_BRANCH=${{ matrix.branch }} \
|
|
||||||
--set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
|
|
||||||
--set *.args.BUILD_NUMBER=${BUILD_NUMBER} \
|
|
||||||
--set *.platform=linux/amd64 \
|
|
||||||
--set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
|
|
||||||
--set *.args.BUILD_NUMBER=${{github.run_number}} \
|
|
||||||
--push
|
|
||||||
|
|
||||||
echo "version=${DOCKER_TAG}" >> "$GITHUB_OUTPUT"
|
|
||||||
shell: bash
|
|
||||||
|
|
||||||
- name: Run zap action if needed
|
|
||||||
if: ${{ github.event.action == 'cron-trigger-action' || github.event_name == 'workflow_dispatch' }}
|
|
||||||
env:
|
env:
|
||||||
RUN_ZAP: ${{ github.event.inputs.zap || 'true' }}
|
branches: ${{ join(github.event.client_payload.branches) }}
|
||||||
GITHUB_TOKEN: ${{ secrets.TOKEN }}
|
|
||||||
VERSION: ${{ steps.build.outputs.version }}
|
|
||||||
shell: bash
|
|
||||||
run: |
|
run: |
|
||||||
if [[ ${{ matrix.branch }} =~ release || ${{ matrix.branch }} =~ hotfix && ${RUN_ZAP} == true ]]; then
|
echo "branches=$(echo ${branches} | sed 's!,! !g')" >> "$GITHUB_OUTPUT"
|
||||||
gh workflow run zap-scan.yaml \
|
|
||||||
--repo ONLYOFFICE/DocSpace \
|
call-reusable-build:
|
||||||
-f branch=${{ matrix.branch }} \
|
needs: 'prepare-branches'
|
||||||
-f version=${VERSION}
|
uses: ONLYOFFICE/DocSpace-buildtools/.github/workflows/reusable-build.yml@master
|
||||||
fi
|
secrets:
|
||||||
|
docker-username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
|
docker-usertoken: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||||
|
git-token: ${{ secrets.TOKEN }}
|
||||||
|
with:
|
||||||
|
payload-branches: "${{ needs.prepare-branches.outputs.branches }}"
|
||||||
|
dispatch-type: "${{ github.event.action }}"
|
||||||
|
dockerhub-repo: "onlyoffice"
|
||||||
|
|
||||||
|
127
.github/workflows/reusable-build.yml
vendored
Normal file
127
.github/workflows/reusable-build.yml
vendored
Normal file
@ -0,0 +1,127 @@
|
|||||||
|
name: "<reusable> DocSpace build action"
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_call:
|
||||||
|
inputs:
|
||||||
|
payload-branches:
|
||||||
|
description: "Branches for build in json format"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
dispatch-type:
|
||||||
|
description: "Dispatch-type, that trigger workflow"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
custom-build-commands:
|
||||||
|
description: "Add custom commands for RUN in Dockerfile"
|
||||||
|
required: false
|
||||||
|
type: string
|
||||||
|
default: "echo placeholder"
|
||||||
|
dockerhub-repo:
|
||||||
|
description: "Set hub.docker repo owner that will be used for push images"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
default: onlyoffice
|
||||||
|
secrets:
|
||||||
|
docker-username:
|
||||||
|
required: true
|
||||||
|
description: "hub.docker username"
|
||||||
|
docker-usertoken:
|
||||||
|
description: "hub.docker user token"
|
||||||
|
required: true
|
||||||
|
git-token:
|
||||||
|
description: "git token for zap scanner"
|
||||||
|
required: false
|
||||||
|
|
||||||
|
env:
|
||||||
|
DOCKER_PATH: "install/docker"
|
||||||
|
REPO: "${{ inputs.dockerhub-repo }}"
|
||||||
|
DOCKER_IMAGE_PREFIX: "4testing-docspace"
|
||||||
|
DOCKERFILE: "Dockerfile.app"
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
prepare:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
outputs:
|
||||||
|
branches: ${{ steps.prepare.outputs.branches }}
|
||||||
|
steps:
|
||||||
|
- name: prepare branches
|
||||||
|
id: prepare
|
||||||
|
run: |
|
||||||
|
branches_array=(${{ inputs.payload-branches }})
|
||||||
|
echo "branches=$(jq -c -n '$ARGS.positional' --args "${branches_array[@]}")" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
|
build:
|
||||||
|
needs: 'prepare'
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
strategy:
|
||||||
|
fail-fast: false
|
||||||
|
matrix:
|
||||||
|
platform: [linux/amd64]
|
||||||
|
branch: ${{ fromJSON(needs.prepare.outputs.branches) }}
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
ref: ${{ matrix.branch }}
|
||||||
|
repository: 'ONLYOFFICE/DocSpace-buildtools'
|
||||||
|
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v2
|
||||||
|
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
id: buildx
|
||||||
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
|
- name: Free Disk Space
|
||||||
|
run: |
|
||||||
|
sudo rm -rf /usr/local/lib/android /opt/ghc
|
||||||
|
sudo docker image prune --all --force
|
||||||
|
|
||||||
|
- name: Login to DockerHub
|
||||||
|
uses: docker/login-action@v3
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.docker-username }}
|
||||||
|
password: ${{ secrets.docker-usertoken }}
|
||||||
|
|
||||||
|
- name: Build 4testing
|
||||||
|
id: build
|
||||||
|
working-directory: ${{ env.DOCKER_PATH }}
|
||||||
|
env:
|
||||||
|
BUILD_NUMBER: ${{ github.run_number }}
|
||||||
|
PLATFORM: ${{ matrix.platform }}
|
||||||
|
BRANCH: ${{ matrix.branch }}
|
||||||
|
run: |
|
||||||
|
if [ "${{ matrix.branch }}" = "develop" ]; then
|
||||||
|
PRODUCT_VERSION="develop"
|
||||||
|
DOCKER_TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
|
||||||
|
else
|
||||||
|
PRODUCT_VERSION=$(echo "${{ matrix.branch }}" | sed '/^release\b\|^hotfix\b\|^feature\b/s/release.*\/\|hotfix.*\/\|feature.*\///; s/-git-action$//; s/^v//')
|
||||||
|
DOCKER_TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}
|
||||||
|
fi
|
||||||
|
export DOCKER_TAG
|
||||||
|
docker buildx bake -f build.yml \
|
||||||
|
--set *.args.CUSTOM_BUILD_COMMANDS='${{ inputs.custom-build-commands }}' \
|
||||||
|
--set *.args.GIT_BRANCH=${BRANCH} \
|
||||||
|
--set *.args.PRODUCT_VERSION=${PRODUCT_VERSION} \
|
||||||
|
--set *.args.BUILD_NUMBER=${BUILD_NUMBER} \
|
||||||
|
--set *.platform=${PLATFORM} \
|
||||||
|
--push
|
||||||
|
|
||||||
|
echo "version=${DOCKER_TAG}" >> "$GITHUB_OUTPUT"
|
||||||
|
shell: bash
|
||||||
|
|
||||||
|
- name: Run zap action if needed
|
||||||
|
if: >
|
||||||
|
inputs.dispatch-type == 'cron-trigger-action' &&
|
||||||
|
github.repository == 'ONLYOFFICE/DocSpace-buildtools'
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{ secrets.git-token }}
|
||||||
|
VERSION: ${{ steps.build.outputs.version }}
|
||||||
|
shell: bash
|
||||||
|
run: |
|
||||||
|
if [[ ${{ matrix.branch }} =~ release || ${{ matrix.branch }} =~ hotfix ]]; then
|
||||||
|
gh workflow run zap-scan.yaml \
|
||||||
|
--repo ONLYOFFICE/DocSpace \
|
||||||
|
-f branch=${{ matrix.branch }} \
|
||||||
|
-f version=${VERSION}
|
||||||
|
fi
|
79
.github/workflows/reusable-cron.yml
vendored
Normal file
79
.github/workflows/reusable-cron.yml
vendored
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
name: "<reusable> DocSpace cron trigger"
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_call:
|
||||||
|
inputs:
|
||||||
|
organization:
|
||||||
|
description: "Organization name"
|
||||||
|
required: false
|
||||||
|
type: string
|
||||||
|
default: 'ONLYOFFICE'
|
||||||
|
repository:
|
||||||
|
description: "Repo where reusable cron is stored"
|
||||||
|
required: false
|
||||||
|
type: string
|
||||||
|
default: 'DocSpace-buildtools'
|
||||||
|
secrets:
|
||||||
|
git-user:
|
||||||
|
required: true
|
||||||
|
description: "User that will trigger job from curl"
|
||||||
|
git-token:
|
||||||
|
description: "User token"
|
||||||
|
required: true
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
|
||||||
|
select-branches:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Check out the code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
repository: 'ONLYOFFICE/DocSpace-buildtools'
|
||||||
|
|
||||||
|
- name: List Branches
|
||||||
|
id: list-branches
|
||||||
|
run: |
|
||||||
|
all_branches=$(git ls-remote -hq | sed -n 's/^[0-9a-f]\{40\}\s\+refs\/heads\//''/p')
|
||||||
|
matching_branches=""
|
||||||
|
|
||||||
|
for branch in $all_branches; do
|
||||||
|
if [[ $branch =~ ^release/v[0-9]+ || $branch =~ ^hotfix/v[0-9]+ || $branch == "develop" ]]; then
|
||||||
|
matching_branches="${matching_branches},\"${branch}\""
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
matching_branches=${matching_branches#,}
|
||||||
|
echo "json_output=[${matching_branches}]" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
last_branch=$(echo ${matching_branches} | awk -F, '{print $NF}' | sed 's/"//g')
|
||||||
|
echo "last_branch=${last_branch}" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
- name: Dispatch Action
|
||||||
|
run: |
|
||||||
|
echo "${{ steps.list-branches.outputs.json_output }}"
|
||||||
|
|
||||||
|
curl \
|
||||||
|
-X POST \
|
||||||
|
-u "${{ secrets.git-user }}:${{ secrets.git-token }}" \
|
||||||
|
"https://api.github.com/repos/${{ inputs.organization }}/${{ inputs.repository }}/dispatches" \
|
||||||
|
-H "Accept: application/vnd.github.everest-preview+json" \
|
||||||
|
--data '{"event_type": "cron-trigger-action", "client_payload": { "branches": ${{ steps.list-branches.outputs.json_output }}}}'
|
||||||
|
|
||||||
|
- name: Dispatch package build
|
||||||
|
if: github.repository == 'ONLYOFFICE/DocSpace-buildtools'
|
||||||
|
run: |
|
||||||
|
curl \
|
||||||
|
-X POST \
|
||||||
|
-u "${{ secrets.git-user }}:${{ secrets.git-token }}" \
|
||||||
|
https://api.github.com/repos/ONLYOFFICE/DocSpace/actions/workflows/59268961/dispatches \
|
||||||
|
-H "Accept: application/vnd.github.everest-preview+json" \
|
||||||
|
--data '{
|
||||||
|
"ref": "${{ steps.list-branches.outputs.last_branch }}",
|
||||||
|
"inputs": {
|
||||||
|
"branch-buildtools": "${{ steps.list-branches.outputs.last_branch }}",
|
||||||
|
"branch-client": "${{ steps.list-branches.outputs.last_branch }}",
|
||||||
|
"branch-server": "${{ steps.list-branches.outputs.last_branch }}"
|
||||||
|
}
|
||||||
|
}'
|
Loading…
Reference in New Issue
Block a user