Publish #191
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish | |
on: | |
push: | |
tags: | |
- "*" # Keeps the original trigger | |
workflow_dispatch: # Allows manual dispatch with parameters | |
inputs: | |
tag_name: | |
description: "The tag to be published" | |
required: true | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
attestations: write | |
id-token: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Publish package | |
run: npx jsr publish | |
- name: Publish script package | |
run: cd scripts/ && npx jsr publish | |
- name: Publish dev package | |
run: cd dev/ && npx jsr publish | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
- name: Create a new builder instance | |
run: docker buildx create --name mybuilder --use | |
- name: Log in to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build, tag, and push the builder image to Github ghcr | |
id: build-builder-image | |
env: | |
REGISTRY: ${{ env.REGISTRY }} | |
REPOSITORY: ${{ env.IMAGE_NAME }} | |
IMAGE_TAG_LATEST: latest | |
IMAGE_TAG_COMMIT: ${{ github.event.inputs.tag_name || github.ref_name }} | |
run: | | |
#!/bin/bash | |
# Function to check if the tag is a prerelease | |
hasPrerelease() { | |
[[ "$1" == *"-"* ]] | |
} | |
LATEST="" | |
# Check if the tag is a prerelease | |
if ! hasPrerelease "$IMAGE_TAG_COMMIT"; then | |
LATEST="-t $REGISTRY/$REPOSITORY:$IMAGE_TAG_LATEST" | |
fi | |
# Get the current tag and create the Dockerfile | |
cat <<EOF > Dockerfile | |
FROM denoland/deno:alpine-1.44.4 | |
# The port that your application listens to. | |
EXPOSE 8000 | |
WORKDIR /app | |
# Maybe add deno lsp? | |
RUN apk add git openssh | |
RUN DENO_DIR=/daemon-deno-dir deno cache jsr:@deco/deco@$IMAGE_TAG_COMMIT/scripts/run | |
RUN mkdir -p /home/deno && chown -R deno:deno /home/deno && mkdir /app/deco && chown -R deno:deno /app && mkdir -p /deno-dir && chown -R deno:deno /deno-dir && chown -R deno:deno /daemon-deno-dir | |
# Prefer not to run as root. | |
USER deno | |
WORKDIR /app/deco | |
EOF | |
# Build and push the Docker image | |
docker buildx build --platform linux/amd64,linux/arm64 $LATEST -t $REGISTRY/$REPOSITORY:$IMAGE_TAG_COMMIT --push . | |
# Set the GitHub Actions outputs | |
if [ -n "$LATEST" ]; then | |
echo "::set-output name=image_builder_latest::$REGISTRY/$REPOSITORY:$IMAGE_TAG_LATEST" | |
fi | |
echo "::set-output name=image_builder_commit::$REGISTRY/$REPOSITORY:$IMAGE_TAG_COMMIT" |