name: Docker Image CI on: push: # Publish `master` as Docker `latest` image. branches: - master - v5 # Publish `v1.2.3` tags as releases. tags: - v* # Run tests for PRs to `master` branch. pull_request: branches: - "master" env: TEST_TAG: b4tman/squid:test jobs: test: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to DockerHub if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: b4tman password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Cache Docker layers uses: actions/cache@v4.0.2 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: Build squid image uses: docker/build-push-action@v5 with: context: . push: false load: true # automatically load the single-platform build result to docker images tags: ${{ env.TEST_TAG }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - name: Test image run: | set -ex docker compose -f docker-compose.test.yml up --pull never sut --exit-code-from sut docker compose -f docker-compose.test.yml down - name: set base image for 'ssl-bump' run: | sed -i "s%FROM b4tman/squid%FROM $TEST_TAG%" ssl-bump/Dockerfile - name: Build 'ssl-bump' image uses: docker/build-push-action@v5 with: context: . push: false load: true tags: ${{ env.TEST_TAG }}-ssl-bump cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - name: Test 'ssl-bump' image run: | set -ex TEST_TAG="${TEST_TAG}-ssl-bump" docker compose -f docker-compose.test.yml up --pull never sut --exit-code-from sut docker compose -f docker-compose.test.yml down push: needs: test runs-on: ubuntu-20.04 if: github.event_name != 'pull_request' steps: - uses: actions/checkout@v4 - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: | b4tman/squid ghcr.io/b4tman/squid flavor: | latest=${{ github.ref == 'refs/heads/master' }} tags: | type=ref,event=branch type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - name: Docker meta (ssl-bump) id: meta_ssl_bump uses: docker/metadata-action@v5 with: images: | b4tman/squid ghcr.io/b4tman/squid flavor: | latest=false suffix=-ssl-bump tags: | type=ref,event=branch type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - name: Docker meta (ssl-bump ghcr) id: meta_ssl_bump_ghcr uses: docker/metadata-action@v5 with: images: | ghcr.io/b4tman/squid-ssl-bump flavor: | latest=${{ github.ref == 'refs/heads/master' }} tags: | type=ref,event=branch type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Cache Docker layers uses: actions/cache@v4.0.2 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: Login to DockerHub uses: docker/login-action@v3 with: username: b4tman password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.CR_PAT }} - name: Build squid image uses: docker/build-push-action@v5 with: context: . push: true platforms: linux/amd64,linux/arm/v7 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - name: Build 'ssl-bump' image uses: docker/build-push-action@v5 with: context: ssl-bump push: true file: ssl-bump/Dockerfile platforms: linux/amd64,linux/arm/v7 tags: ${{ steps.meta_ssl_bump.outputs.tags }} labels: ${{ steps.meta_ssl_bump.outputs.labels }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - name: Build 'ssl-bump' image for ghcr uses: docker/build-push-action@v5 with: context: ssl-bump push: true file: ssl-bump/Dockerfile platforms: linux/amd64,linux/arm/v7 tags: ${{ steps.meta_ssl_bump_ghcr.outputs.tags }} labels: ${{ steps.meta_ssl_bump_ghcr.outputs.labels }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache