Build neurodesktop-test #52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build neurodesktop-test | |
| # Scheduled production builds at 17:00 UTC every day. | |
| # Build manually from here: https://github.com/NeuroDesk/neurodesktop/actions/workflows/build-neurodesktop.yml | |
| # DockerHub: https://hub.docker.com/r/vnmd/neurodesktop | |
| # Github Packages: https://github.com/NeuroDesk/neurodesktop/pkgs/container/neurodesktop%2Fneurodesktop | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 17 * * *' | |
| env: | |
| DOCKERHUB_ORG: ${{ vars.DOCKERHUB_ORG }} | |
| OCIR_REPO: ${{ vars.OCIR_REPO }} | |
| jobs: | |
| build-image: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Fetch github api rate limit | |
| run: | | |
| GITHUB_RATE_REMAINING=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/rate_limit | jq '.rate.remaining') | |
| echo "GITHUB_RATE_REMAINING=${GITHUB_RATE_REMAINING}" | |
| echo "GITHUB_RATE_REMAINING=$GITHUB_RATE_REMAINING" >> $GITHUB_ENV | |
| - name: Maximize build space | |
| uses: easimon/maximize-build-space@master | |
| with: | |
| root-reserve-mb: 40000 | |
| swap-size-mb: 1024 | |
| overprovision-lvm: 'true' | |
| remove-dotnet: 'true' | |
| remove-android: 'true' | |
| remove-haskell: 'true' | |
| remove-codeql: 'true' | |
| remove-docker-images: 'true' | |
| - name: Checkout repository | |
| if: ${{ env.GITHUB_RATE_REMAINING > 0 }} | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - name: Set environment variables | |
| if: ${{ env.GITHUB_RATE_REMAINING > 0 }} | |
| run: | | |
| IMAGENAME="neurodesktop-test" | |
| BUILDDATE=`date +%Y-%m-%d-%H%M` | |
| IMAGEID=ghcr.io/$GITHUB_REPOSITORY/$IMAGENAME | |
| IMAGEID=$(echo $IMAGEID | tr '[A-Z]' '[a-z]') | |
| echo "BUILDDATE=$BUILDDATE" | |
| echo "IMAGEID=$IMAGEID" | |
| echo "IMAGENAME=$IMAGENAME" | |
| echo "BUILDDATE=$BUILDDATE" >> $GITHUB_ENV | |
| echo "IMAGEID=$IMAGEID" >> $GITHUB_ENV | |
| echo "IMAGENAME=$IMAGENAME" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build new image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| load: true | |
| platforms: linux/amd64 | |
| # platforms: linux/amd64,linux/arm64 | |
| provenance: false # fixes unknown/unknown arch builds | |
| tags: ${{ env.IMAGEID }}:${{ env.BUILDDATE }} | |
| - name: Container image scan | |
| if: ${{ env.GITHUB_RATE_REMAINING > 0 }} | |
| uses: aquasecurity/[email protected] | |
| with: | |
| image-ref: ${{ env.IMAGEID }}:${{ env.BUILDDATE }} | |
| format: table | |
| exit-code: '1' | |
| severity: CRITICAL | |
| timeout: 25m0s | |
| skip-files: /opt/rclone-v1.60.1-linux-amd64/README.txt, /opt/rclone-v1.60.1-linux-amd64/README.html, /opt/rclone-v1.60.1-linux-amd64/rclone.1 | |
| # - name: Generate issue on job failure | |
| # if: always() && failure() | |
| # uses: JasonEtco/[email protected] | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # GITHUB_WORKFLOW: ${{ env.GITHUB_WORKFLOW }} | |
| # GITHUB_SERVER_URL: ${{ env.GITHUB_SERVER_URL }} | |
| # GITHUB_REPOSITORY: ${{ env.GITHUB_REPOSITORY }} | |
| # GITHUB_RUN_ID: ${{ env.GITHUB_RUN_ID }} | |
| # with: | |
| # filename: .github/job_failure_issue_template.md | |
| # update_existing: true | |
| # search_existing: open |