# This is a basic workflow to help you get started with Actions name: CI # Controls when the action will run. on: # Triggers the workflow on push or pull request events but only for the master branch push: branches: - master pull_request: # Allows you to run this workflow manually from the Actions tab workflow_dispatch: schedule: - cron: '0 0 * * *' env: BASENAME: bitnami/minideb LATEST: bullseye # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" shellcheck: # The type of runner that the job will run on runs-on: ubuntu-22.04 name: Shellcheck # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 - name: Install Dependencies run: | sudo apt-get -qq update sudo apt-get install -y shellcheck - name: Verify scripts with shellcheck run: | bash shellcheck build_multiarch: runs-on: ubuntu-22.04 needs: [ shellcheck ] strategy: matrix: dist: [buster, bullseye] arch: [amd64, arm64] name: Build ${{ matrix.dist }} on ${{ matrix.arch }} steps: - name: Check out repository uses: actions/checkout@v3 - name: Use local build action id: build uses: ./.github/actions/build with: dist: "${{ matrix.dist }}" platform: "${{ matrix.arch }}" is_latest: ${{ matrix.dist == env.LATEST }} - name: Push if: github.ref == 'refs/heads/master' env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_CONTENT_TRUST_REPOSITORY_KEY: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_KEY }} DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE }} run: | bash pushone "${{ matrix.dist }}" "${{ matrix.arch }}" if ${{ matrix.dist == env.LATEST }} ; then bash pushone "latest" "${{ matrix.arch }}" fi deploy_manifests: runs-on: ubuntu-22.04 needs: [ build_multiarch ] if: github.ref == 'refs/heads/master' env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_CONTENT_TRUST_REPOSITORY_KEY: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_KEY }} DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ secrets.DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE }} steps: - uses: actions/checkout@v3 - name: Push Manifests run: | DISTS="buster bullseye latest" bash pushmanifest # If the CI Pipeline does not succeed we should notify the interested agents slack-notif: runs-on: ubuntu-22.04 needs: - build_multiarch - deploy_manifests if: always() name: Notify unsuccessful CI run steps: - name: Notify in Slack channel if: ${{ needs.build_multiarch.result == 'failure' || needs.deploy_manifests.result == 'failure' }} uses: slackapi/slack-github-action@v1.23.0 with: payload: | { "text": "*Unsuccessful `bitnami/minideb` CI pipeline*", "blocks": [ { "type": "section", "text": { "type": "mrkdwn", "text": "*Unsuccessful `bitnami/minideb` CI pipeline*" } }, { "type": "section", "text": { "type": "mrkdwn", "text": "The CI pipeline for `bitnami/minideb` did not succeed. Check the related <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|action run> for more information." } } ] } env: SLACK_WEBHOOK_URL: ${{ secrets.CI_SLACK_WEBHOOK_URL }} SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK