mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-05-02 19:51:49 +02:00
630083bdea
Previously, the actions were duplicated, due to the fact when developing we often create feature branches and open pull requests. This new setup requires us to open pull requests to trigger the CI.
102 lines
3 KiB
YAML
102 lines
3 KiB
YAML
name: Build dev environments
|
|
on:
|
|
pull_request:
|
|
push:
|
|
branches:
|
|
- main
|
|
- "test/**"
|
|
schedule:
|
|
- cron: "0 0 * * *" # Run every day at 00:00 UTC.
|
|
|
|
permissions:
|
|
packages: write
|
|
|
|
env:
|
|
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
|
|
REGISTRY_USER: ${{ github.actor }}
|
|
REGISTRY_PASSWORD: ${{ github.token }}
|
|
|
|
# Each day, build and publish to ghcr.io:
|
|
#
|
|
# - the dangerzone/dangerzone container image
|
|
# - the dangerzone/build/{debian,ubuntu,fedora}:version
|
|
# dev environments used to run the tests
|
|
#
|
|
# End-user environments are not published to the GHCR because
|
|
# they need .rpm or .deb files to be built, which is what we
|
|
# want to test.
|
|
|
|
jobs:
|
|
build-dev-environment:
|
|
name: "Build dev-env (${{ matrix.distro }}-${{ matrix.version }})"
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- distro: ubuntu
|
|
version: "20.04"
|
|
- distro: ubuntu
|
|
version: "22.04"
|
|
- distro: ubuntu
|
|
version: "24.04"
|
|
- distro: ubuntu
|
|
version: "24.10"
|
|
- distro: debian
|
|
version: bullseye
|
|
- distro: debian
|
|
version: bookworm
|
|
- distro: debian
|
|
version: trixie
|
|
- distro: fedora
|
|
version: "39"
|
|
- distro: fedora
|
|
version: "40"
|
|
- distro: fedora
|
|
version: "41"
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "3.10"
|
|
|
|
- name: Login to GHCR
|
|
run: |
|
|
echo ${{ github.token }} | podman login ghcr.io -u USERNAME --password-stdin
|
|
|
|
- name: Build dev environment
|
|
run: |
|
|
./dev_scripts/env.py --distro ${{ matrix.distro }} \
|
|
--version ${{ matrix.version }} \
|
|
build-dev --sync
|
|
|
|
build-container-image:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Get current date
|
|
id: date
|
|
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
|
|
|
|
- name: Cache container image
|
|
id: cache-container-image
|
|
uses: actions/cache@v4
|
|
with:
|
|
key: v2-${{ steps.date.outputs.date }}-${{ hashFiles('Dockerfile', 'dangerzone/conversion/common.py', 'dangerzone/conversion/doc_to_pixels.py', 'dangerzone/conversion/pixels_to_pdf.py', 'poetry.lock', 'gvisor_wrapper/entrypoint.py') }}
|
|
path: |
|
|
share/container.tar.gz
|
|
share/image-id.txt
|
|
|
|
- name: Build and push Dangerzone image
|
|
if: ${{ steps.cache-container-image.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
sudo apt-get install -y python3-poetry
|
|
python3 ./install/common/build-image.py
|
|
echo ${{ github.token }} | podman login ghcr.io -u USERNAME --password-stdin
|
|
gunzip -c share/container.tar.gz | podman load
|
|
podman push \
|
|
dangerzone.rocks/dangerzone \
|
|
${{ env.IMAGE_REGISTRY }}/dangerzone/dangerzone
|