208 lines
6.0 KiB
YAML
208 lines
6.0 KiB
YAML
name: Docker Image CI
|
|
|
|
on:
|
|
push:
|
|
# Publish `master` as Docker `latest` image.
|
|
branches:
|
|
- master
|
|
|
|
# Publish `v1.2.3` tags as releases.
|
|
tags:
|
|
- v*
|
|
|
|
# Run tests for PRs to `master` branch.
|
|
pull_request:
|
|
branches:
|
|
- "master"
|
|
|
|
env:
|
|
TEST_TAG: b4tman/squid:test
|
|
|
|
jobs:
|
|
test:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v2
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
|
|
- name: Login to DockerHub
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: b4tman
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Cache Docker layers
|
|
uses: actions/cache@v3.3.1
|
|
with:
|
|
path: /tmp/.buildx-cache
|
|
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-buildx-
|
|
|
|
- name: Build squid image
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
context: .
|
|
push: false
|
|
load: true # automatically load the single-platform build result to docker images
|
|
tags: ${{ env.TEST_TAG }}
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
|
|
|
# Temp fix
|
|
# https://github.com/docker/build-push-action/issues/252
|
|
# https://github.com/moby/buildkit/issues/1896
|
|
- name: Move cache
|
|
run: |
|
|
rm -rf /tmp/.buildx-cache
|
|
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
|
|
|
- name: Test image
|
|
run: docker compose -f docker-compose.test.yml up --pull never sut
|
|
|
|
- name: Build 'ssl-bump' image
|
|
run: |
|
|
sed -i "s%FROM b4tman/squid%FROM $TEST_TAG%" ssl-bump/Dockerfile
|
|
docker build ssl-bump
|
|
|
|
push:
|
|
needs: test
|
|
runs-on: ubuntu-20.04
|
|
if: github.event_name != 'pull_request'
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Docker meta
|
|
id: meta
|
|
uses: docker/metadata-action@v4
|
|
with:
|
|
images: |
|
|
b4tman/squid
|
|
ghcr.io/b4tman/squid
|
|
flavor: |
|
|
latest=${{ github.ref == 'refs/heads/master' }}
|
|
tags: |
|
|
type=ref,event=branch
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
|
|
- name: Docker meta (ssl-bump)
|
|
id: meta_ssl_bump
|
|
uses: docker/metadata-action@v4
|
|
with:
|
|
images: |
|
|
b4tman/squid
|
|
ghcr.io/b4tman/squid
|
|
flavor: |
|
|
latest=false
|
|
suffix=-ssl-bump
|
|
tags: |
|
|
type=ref,event=branch
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
|
|
- name: Docker meta (ssl-bump ghcr)
|
|
id: meta_ssl_bump_ghcr
|
|
uses: docker/metadata-action@v4
|
|
with:
|
|
images: |
|
|
ghcr.io/b4tman/squid-ssl-bump
|
|
flavor: |
|
|
latest=${{ github.ref == 'refs/heads/master' }}
|
|
tags: |
|
|
type=ref,event=branch
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v2
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
|
|
- name: Cache Docker layers
|
|
uses: actions/cache@v3.3.1
|
|
with:
|
|
path: /tmp/.buildx-cache
|
|
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-buildx-
|
|
|
|
- name: Login to DockerHub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: b4tman
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v2
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.CR_PAT }}
|
|
|
|
- name: Build squid image
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
context: .
|
|
push: true
|
|
platforms: linux/amd64,linux/arm/v7
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
|
|
|
# Temp fix
|
|
# https://github.com/docker/build-push-action/issues/252
|
|
# https://github.com/moby/buildkit/issues/1896
|
|
- name: Move cache
|
|
run: |
|
|
rm -rf /tmp/.buildx-cache
|
|
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
|
|
|
- name: Build 'ssl-bump' image
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
context: ssl-bump
|
|
push: true
|
|
file: ssl-bump/Dockerfile
|
|
platforms: linux/amd64,linux/arm/v7
|
|
tags: ${{ steps.meta_ssl_bump.outputs.tags }}
|
|
labels: ${{ steps.meta_ssl_bump.outputs.labels }}
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
|
|
|
# Temp fix
|
|
# https://github.com/docker/build-push-action/issues/252
|
|
# https://github.com/moby/buildkit/issues/1896
|
|
- name: Move cache
|
|
run: |
|
|
rm -rf /tmp/.buildx-cache
|
|
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
|
|
|
- name: Build 'ssl-bump' image for ghcr
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
context: ssl-bump
|
|
push: true
|
|
file: ssl-bump/Dockerfile
|
|
platforms: linux/amd64,linux/arm/v7
|
|
tags: ${{ steps.meta_ssl_bump_ghcr.outputs.tags }}
|
|
labels: ${{ steps.meta_ssl_bump_ghcr.outputs.labels }}
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
|
|
|
# Temp fix
|
|
# https://github.com/docker/build-push-action/issues/252
|
|
# https://github.com/moby/buildkit/issues/1896
|
|
- name: Move cache
|
|
run: |
|
|
rm -rf /tmp/.buildx-cache
|
|
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|