Build Docker Hub images via Github Actions

Since docker hub stopped Autobuild, we need to switch to something else. This will trigger building of images on Github Actions and pushes them to Docker Hub. You only need to add 3 secrets before you merge this PR to have it working directly. - DOCKERHUB_USERNAME : The username of the account you are going to push the builds to - DOCKERHUB_TOKEN : The token needed to login and push builds - DOCKERHUB_REPO : The repo name in the following form `index.docker.io/<user>/<repo>` So for vaultwarden that would be `index.docker.io/vaultwarden/server` Also some small modifications to the other workflows.
author: BlackDex <[email protected]> 2021-08-28 17:29:13 +0200
committer: BlackDex <[email protected]> 2021-08-28 17:29:13 +0200
commit: 20535065d752300104f2831dfa88c2ec3e6edb82 (patch)
tree: 996f1c45f0edb010174bf26874838c3ca3be7204 /.github
parent: a23f4a704b4bebf8fa20aa79d6aa7671685e254d (diff)
download: vaultwarden-20535065d752300104f2831dfa88c2ec3e6edb82.tar.gz
vaultwarden-20535065d752300104f2831dfa88c2ec3e6edb82.zip
3 files changed, 123 insertions, 32 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 26fcb663..0f80b950 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -2,36 +2,23 @@ name: Build
 
 on:
   push:
-    paths-ignore:
-      - "*.md"
-      - "*.txt"
-      - ".dockerignore"
-      - ".env.template"
-      - ".gitattributes"
-      - ".gitignore"
-      - "azure-pipelines.yml"
-      - "docker/**"
-      - "hooks/**"
-      - "tools/**"
-      - ".github/FUNDING.yml"
-      - ".github/ISSUE_TEMPLATE/**"
-      - ".github/security-contact.gif"
+    paths:
+      - ".github/workflows/build.yml"
+      - "src/**"
+      - "migrations/**"
+      - "Cargo.*"
+      - "build.rs"
+      - "diesel.toml"
+      - "rust-toolchain"
   pull_request:
-    # Ignore when there are only changes done too one of these paths
-    paths-ignore:
-      - "*.md"
-      - "*.txt"
-      - ".dockerignore"
-      - ".env.template"
-      - ".gitattributes"
-      - ".gitignore"
-      - "azure-pipelines.yml"
-      - "docker/**"
-      - "hooks/**"
-      - "tools/**"
-      - ".github/FUNDING.yml"
-      - ".github/ISSUE_TEMPLATE/**"
-      - ".github/security-contact.gif"
+    paths:
+      - ".github/workflows/build.yml"
+      - "src/**"
+      - "migrations/**"
+      - "Cargo.*"
+      - "build.rs"
+      - "diesel.toml"
+      - "rust-toolchain"
 
 jobs:
   build:
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
index 36406cb8..3a766c89 100644
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@@ -2,11 +2,10 @@ name: Hadolint
 
 on:
   push:
-    # Ignore when there are only changes done too one of these paths
     paths:
       - "docker/**"
+
   pull_request:
-    # Ignore when there are only changes done too one of these paths
     paths:
       - "docker/**"
 
@@ -28,7 +27,7 @@ jobs:
           sudo curl -L https://github.com/hadolint/hadolint/releases/download/v${HADOLINT_VERSION}/hadolint-$(uname -s)-$(uname -m) -o /usr/local/bin/hadolint && \
           sudo chmod +x /usr/local/bin/hadolint
         env:
-          HADOLINT_VERSION: 2.6.1
+          HADOLINT_VERSION: 2.7.0
       # End Download hadolint
 
       # Test Dockerfiles
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 00000000..3e8b9607
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,105 @@
+name: Release
+
+on:
+  push:
+    paths:
+      - ".github/workflows/release.yml"
+      - "src/**"
+      - "migrations/**"
+      - "hooks/**"
+      - "docker/**"
+      - "Cargo.*"
+      - "build.rs"
+      - "diesel.toml"
+      - "rust-toolchain"
+
+    branches: # Only on paths above
+      - main
+
+    tags: # Always, regardless of paths above
+      - '*'
+
+jobs:
+  # https://github.com/marketplace/actions/skip-duplicate-actions
+  # Some checks to determine if we need to continue with building a new docker.
+  # We will skip this check if we are creating a tag, because that has the same hash as a previous run already.
+  skip_check:
+    runs-on: ubuntu-latest
+    if: ${{ github.repository == 'dani-garcia/vaultwarden' }}
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - name: Skip Duplicates Actions
+        id: skip_check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          cancel_others: 'true'
+        # Only run this when not creating a tag
+        if: ${{ startsWith(github.ref, 'refs/heads/') }}
+
+  docker-build:
+    runs-on: ubuntu-latest
+    needs: skip_check
+    if: ${{ needs.skip_check.outputs.should_skip != 'true' }}
+    env:
+      # DOCKER_BUILDKIT: 1 # Disabled for now, but we should look at this because it will speedup building!
+      # DOCKER_REPO/secrets.DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>'
+      DOCKER_REPO: ${{ secrets.DOCKERHUB_REPO }}
+      SOURCE_COMMIT: ${{ github.sha }}
+      SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}"
+    steps:
+      # Checkout the repo
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      # Login to Docker Hub
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # Determine Docker Tag
+      - name: Init Variables
+        id: vars
+        shell: bash
+        run: |
+          # Check which main tag we are going to build determined by github.ref
+          if [[ "${{ github.ref }}" == refs/tags/* ]]; then
+            echo "set-output name=DOCKER_TAG::${GITHUB_REF#refs/*/}"
+            echo "::set-output name=DOCKER_TAG::${GITHUB_REF#refs/*/}"
+          elif [[ "${{ github.ref }}" == refs/heads/* ]]; then
+            echo "set-output name=DOCKER_TAG::testing"
+            echo "::set-output name=DOCKER_TAG::testing"
+          fi
+      # End Determine Docker Tag
+
+      - name: Build Debian based images
+        shell: bash
+        env:
+          DOCKER_TAG: ${{steps.vars.outputs.DOCKER_TAG}}
+        run: |
+          ./hooks/build
+
+      - name: Push Debian based images
+        shell: bash
+        env:
+          DOCKER_TAG: ${{steps.vars.outputs.DOCKER_TAG}}
+        run: |
+          ./hooks/push
+
+      - name: Build Alpine based images
+        shell: bash
+        env:
+          DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+        run: |
+          ./hooks/build
+
+      - name: Push Alpine based images
+        shell: bash
+        env:
+          DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+        run: |
+          ./hooks/push
author	BlackDex <[email protected]>	2021-08-28 17:29:13 +0200
committer	BlackDex <[email protected]>	2021-08-28 17:29:13 +0200
commit	20535065d752300104f2831dfa88c2ec3e6edb82 (patch)
tree	996f1c45f0edb010174bf26874838c3ca3be7204 /.github
parent	a23f4a704b4bebf8fa20aa79d6aa7671685e254d (diff)
download	vaultwarden-20535065d752300104f2831dfa88c2ec3e6edb82.tar.gz vaultwarden-20535065d752300104f2831dfa88c2ec3e6edb82.zip