refactor: refactor build workflow, add dependabot

2021-04-04 19:56:12 +00:00
parent bdcc8235a5
commit 7cf55a7620
2 changed files with 107 additions and 135 deletions
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'monthly'
@@ -1,135 +1,100 @@
-name: Build Docker image
-
-on:
-  schedule:
-    - cron: 0 12 */7 * *
-  push:
-    paths:
-      - '.github/workflows/build-images.yml'
-      - 'linux/**'
-  pull_request:
-    paths:
-      - '.github/workflows/build-images.yml'
-      - 'linux/**'
-  workflow_dispatch:
-
-jobs:
-  print-date:
-    name: Provides current date
-    runs-on: ubuntu-latest
-    outputs:
-      date: ${{ steps.print-date.outputs.date }}
-    steps:
-      - name: Print date in UTC format
-        id: print-date
-        run: echo "::set-output name=date::$(date +%Y%m%d)"
-  act-base:
-    name: Build
-    runs-on: ubuntu-${{ matrix.DISTRIB_RELEASE }}
-    needs:
-      - print-date
-    strategy:
-      fail-fast: true
-      max-parallel: 6
-      matrix:
-        DISTRIB_ID: [ubuntu]
-        DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
-        IMAGE_TYPE: [act, runner]
-        NODE_VERSION: ['12']
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Login to GitHub Container Registry
-        id: ghcr
-        if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GHCR_TOKEN }}
-
-      - name: Login to Quay
-        id: quay
-        if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-        uses: docker/login-action@v1
-        with:
-          registry: quay.io
-          username: catthehacker+docker_images
-          password: ${{ secrets.QUAY_TOKEN }}
-
-      - name: Login to Docker Hub
-        id: dckr
-        if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-        uses: docker/login-action@v1
-        with:
-          username: catthehacker
-          password: ${{ secrets.DCKR_TOKEN }}
-
-      - name: Set Ubuntu version to RELEASE
-        id: release
-        run: echo "::set-output name=RELEASE::$(lsb_release -sr)"
-
-      - name: Build and push catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
-        id: docker_build
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-          file: ./linux/${{ matrix.DISTRIB_ID }}/${{ matrix.IMAGE_TYPE }}/Dockerfile
-          platforms: linux/amd64,linux/arm64
-          tags: |
-            ghcr.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
-            ghcr.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
-            quay.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
-            quay.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
-            docker.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
-            docker.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
-          build-args: |
-            DISTRIB_ID=${{ matrix.DISTRIB_ID }}
-            DISTRIB_RELEASE=${{ steps.release.outputs.RELEASE }}
-            NODE_VERSION=${{ matrix.NODE_VERSION }}
-  scan:
-    if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-    name: Scan
-    runs-on: ubuntu-latest
-    needs:
-      - print-date
-      - act-base
-    strategy:
-      max-parallel: 4
-      fail-fast: false
-      matrix:
-        DISTRIB_ID: [ubuntu]
-        DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
-        IMAGE_TYPE: [act, runner]
-    steps:
-      - uses: azure/container-scan@v0
-        with:
-          image-name: ghcr.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
-  measure:
-    if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
-    name: Measure
-    runs-on: ubuntu-latest
-    needs:
-      - print-date
-      - act-base
-    strategy:
-      max-parallel: 4
-      fail-fast: false
-      matrix:
-        DISTRIB_ID: [ubuntu]
-        DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
-        IMAGE_TYPE: [act, runner]
-    steps:
-      - name: Install `dive`
-        run: |
-          wget https://github.com/wagoodman/dive/releases/download/v0.9.2/dive_0.9.2_linux_amd64.deb
-          sudo dpkg -i dive_0.9.2_linux_amd64.deb
-      - name: Scan images size
-        run: dive --lowestEfficiency 0 --highestUserWastedPercent 1 ghcr.io/catthehacker/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ needs.print-date.outputs.date }}
+name: Build Docker image
+
+on:
+  schedule:
+    - cron: 0 12 */7 * *
+  push:
+    paths:
+      - '.github/workflows/build-images.yml'
+      - 'linux/**'
+  pull_request:
+    paths:
+      - '.github/workflows/build-images.yml'
+      - 'linux/**'
+  workflow_dispatch:
+
+env:
+  NODE: '12'
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-20.04
+    if: ${{ github.actor == github.repository_owner && github.event_name != 'pull_request' }}
+    strategy:
+      fail-fast: true
+      max-parallel: 4
+      matrix:
+        DISTRIB_ID: [ubuntu]
+        DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
+        IMAGE_TYPE: [act, runner]
+    steps:
+      - name: Login to GitHub Container Registry
+        id: ghcr
+        if: ${{ github.actor == github.repository_owner }}
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to Quay
+        id: quay
+        if: ${{ github.actor == github.repository_owner }}
+        uses: docker/login-action@v1
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USER }}
+          password: ${{ secrets.QUAY_TOKEN }}
+
+      - name: Login to Docker Hub
+        id: dckr
+        if: ${{ github.actor == github.repository_owner }}
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USER }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+
+      - name: Print date in UTC format
+        id: print-date
+        run: echo "::set-output name=date::$(date +%Y%m%d)"
+
+      - name: Set Ubuntu version to RELEASE
+        id: release
+        run: |
+          if [ "latest" = "${{ matrix.DISTRIB_RELEASE }}" ]; then
+            echo "::set-output name=RELEASE::20.04"
+          else
+            echo "::set-output name=RELEASE::${{ matrix.DISTRIB_RELEASE }}"
+          fi
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - uses: actions/checkout@v2
+
+      - name: Build and push ${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
+          file: ./linux/${{ matrix.DISTRIB_ID }}/${{ matrix.IMAGE_TYPE }}/Dockerfile
+          platforms: linux/amd64,linux/arm64
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
+            ghcr.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
+            quay.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
+            quay.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
+            docker.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
+            docker.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
+          build-args: |
+            DISTRIB_ID=${{ matrix.DISTRIB_ID }}
+            DISTRIB_RELEASE=${{ steps.release.outputs.RELEASE }}
+            NODE_VERSION=${{ env.NODE }}
+            BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
+            BUILD_TAG=${{ matrix.IMAGE_TYPE }}
+            BUILD_REF=${{ github.sha }}