fix permissions #1980
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Building | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| logLevel: | |
| description: "Log level" | |
| required: true | |
| default: "warning" | |
| type: choice | |
| options: | |
| - info | |
| - warning | |
| - debug | |
| push: | |
| branches: | |
| - master | |
| - dev | |
| paths-ignore: | |
| - "**.md" | |
| - ".github/**" | |
| pull_request: | |
| branches: | |
| - "master" | |
| paths-ignore: | |
| - "**.md" | |
| - ".github/ISSUE_TEMPLATE/**" | |
| env: | |
| DOCKERHUB_SLUG: arabcoders/watchstate | |
| GHCR_SLUG: ghcr.io/arabcoders/watchstate | |
| PLATFORMS: linux/amd64,linux/arm64,linux/arm | |
| jobs: | |
| unit-tests: | |
| name: PHP ${{ matrix.php }} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| php: [8.4] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Update Version File | |
| uses: arabcoders/write-version-to-file@master | |
| with: | |
| filename: "/config/config.php" | |
| placeholder: "$(version_via_ci)" | |
| with_date: "true" | |
| with_branch: "true" | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| php-version: ${{ matrix.php }} | |
| extensions: pdo, mbstring, ctype, curl, sqlite3 | |
| coverage: none | |
| tools: composer:v2 | |
| - name: Get composer cache directory | |
| id: composer-cache | |
| run: echo "COMPOSER_CACHE_DIR=$(composer config cache-files-dir)" >> "$GITHUB_OUTPUT" | |
| - name: restore cached dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ steps.composer-cache.outputs.COMPOSER_CACHE_DIR }} | |
| key: "${{ matrix.php }}-composer-${{ hashFiles('**/composer.lock') }}" | |
| restore-keys: ${{ matrix.php }}-composer- | |
| - run: composer install --prefer-dist --no-interaction --no-progress | |
| - run: composer run test | |
| publish_docker_images: | |
| needs: unit-tests | |
| if: github.event_name == 'push' | |
| runs-on: "ubuntu-latest" | |
| permissions: | |
| packages: write | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - uses: bahmutov/npm-install@v1 | |
| with: | |
| working-directory: frontend | |
| install-command: yarn --production --prefer-offline --frozen-lockfile | |
| - uses: bahmutov/npm-install@v1 | |
| with: | |
| working-directory: frontend | |
| install-command: yarn run generate | |
| - name: Update Version File | |
| uses: arabcoders/write-version-to-file@master | |
| with: | |
| filename: "/config/config.php" | |
| placeholder: "$(version_via_ci)" | |
| with_date: "true" | |
| with_branch: "true" | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_SLUG }} | |
| ${{ env.GHCR_SLUG }} | |
| tags: | | |
| type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=raw,value={{branch}}{{base_ref}}-{{date 'YYYYMMDD'}}-{{sha}} | |
| flavor: | | |
| latest=false | |
| - name: Login to github | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| platforms: ${{ env.PLATFORMS }} | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha, scope=${{ github.workflow }} | |
| cache-to: type=gha, scope=${{ github.workflow }} | |
| - name: Version tag | |
| uses: arabcoders/action-python-autotagger@master | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| repo_name: arabcoders/watchstate | |
| path: config/config.php | |
| regex: "'version'\\s\\=\\>\\s\\'(.+?)\\'\\," | |
| dockerhub-sync-readme: | |
| needs: publish_docker_images | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && endsWith(github.ref, github.event.repository.default_branch) | |
| steps: | |
| - name: Sync README | |
| uses: docker://lsiodev/readme-sync:latest | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }} | |
| GIT_REPOSITORY: ${{ github.repository }} | |
| DOCKER_REPOSITORY: ${{ env.DOCKERHUB_SLUG }} | |
| GIT_BRANCH: master | |
| with: | |
| entrypoint: node | |
| args: /opt/docker-readme-sync/sync | |
| create_release: | |
| needs: publish_docker_images | |
| runs-on: ubuntu-latest | |
| if: endsWith(github.ref, github.event.repository.default_branch) && success() | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # so we can do git log for the full history | |
| - name: Get commits between old and new | |
| id: commits | |
| run: | | |
| PREVIOUS_SHA="${{ github.event.before }}" | |
| CURRENT_SHA="${{ github.event.after }}" | |
| echo "Previous SHA: $PREVIOUS_SHA" | |
| echo "Current SHA: $CURRENT_SHA" | |
| # If "before" is empty or all zeros, log all commits | |
| if [ -z "$PREVIOUS_SHA" ] || [ "$PREVIOUS_SHA" = "0000000000000000000000000000000000000000" ]; then | |
| LOG=$(git log --pretty=format:"- %h %s by %an") | |
| else | |
| LOG=$(git log "$PREVIOUS_SHA".."$CURRENT_SHA" --pretty=format:"- %h %s by %an") | |
| fi | |
| echo "LOG<<EOF" >> "$GITHUB_ENV" | |
| echo "$LOG" >> "$GITHUB_ENV" | |
| echo "EOF" >> "$GITHUB_ENV" | |
| - name: Fetch the most recent tag | |
| id: last_tag | |
| run: | | |
| # Make sure we have all tags | |
| git fetch --tags | |
| # Get the latest tag by commit date (most recent) | |
| # If there are no tags at all, set a fallback | |
| LAST_TAG=$(git describe --tags --abbrev=0 $(git rev-list --tags --max-count=1) 2>/dev/null || echo "no-tags-found") | |
| echo "Latest tag found: $LAST_TAG" | |
| echo "LAST_TAG=$LAST_TAG" >> "$GITHUB_OUTPUT" | |
| - name: Create GitHub Release using last tag | |
| uses: softprops/action-gh-release@master | |
| with: | |
| tag_name: ${{ steps.last_tag.outputs.LAST_TAG }} | |
| name: "${{ steps.last_tag.outputs.LAST_TAG }}" | |
| body: ${{ env.LOG }} | |
| draft: false | |
| prerelease: false | |
| generate_release_notes: true | |
| append_body: true | |
| make_latest: true | |
| token: ${{ secrets.GITHUB_TOKEN }} |