mastodon/.github/workflows/build-releases.yml at ebdc265008eb04792f444f0eb9ccdddc6ddee788 · highemerly/mastodon · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
name: Build container release images
on:
  push:
    tags:
      - '*'

permissions:
  contents: read
  packages: write

jobs:
  check-latest-stable:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    outputs:
      latest: ${{ steps.check.outputs.is_latest_stable }}
    steps:
      # Repository needs to be cloned to list branches
      - name: Clone repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Check latest stable
        shell: bash
        id: check
        run: |
          ref="${GITHUB_REF#refs/tags/}"

          if [[ "$ref" =~ ^v([0-9]+)\.([0-9]+)(\.[0-9]+)?$ ]]; then
            current="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"
          else
            echo "tag $ref is not semver"
            echo "is_latest_stable=false" >> "$GITHUB_OUTPUT"
            exit 0
          fi

          latest=$(git for-each-ref --format='%(refname:short)' "refs/remotes/origin/stable-*.*" \
            | sed -E 's#^origin/stable-##' \
            | sort -Vr \
            | head -n1)

          if [[ "$current" == "$latest" ]]; then
            echo "is_latest_stable=true" >> "$GITHUB_OUTPUT"
          else
            echo "is_latest_stable=false" >> "$GITHUB_OUTPUT"
          fi

  build-image:
    needs: check-latest-stable
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
        latest=${{ needs.check-latest-stable.outputs.latest }}
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
    secrets: inherit

  build-image-streaming:
    needs: check-latest-stable
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      push_to_images: |
        tootsuite/mastodon-streaming
        ghcr.io/mastodon/mastodon-streaming
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
        latest=${{ needs.check-latest-stable.outputs.latest }}
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
    secrets: inherit