name: Build docker images # Controls when the workflow will run on: # Triggers the workflow on push or pull request events but only for the master branch push: branches: [ master ] pull_request: branches: [ master ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: # set token permissions for job so we can push to ghcr.io permissions: contents: read packages: write # build components using a job matrix, so they can run in parallel jobs: build: runs-on: ubuntu-24.04 # run jobs in buildah containers, since ubuntu is bad at keeping packages updated container: image: quay.io/buildah/stable:latest strategy: fail-fast: false matrix: component: - backfiller - bus_analyzer - buscribe - buscribe_api - chat_archiver - cutter - downloader - nginx - playlist_manager - postgres - restreamer - segment_coverage - sheetsync - thrimshim - zulip_bots steps: - name: Install git & podman # the buildah/stable image doesn't include git # actions/checkout works without git, but not if you do submodules # thus, we install git # we need podman for the podman-login action unfortunately run: | sudo dnf install -y git podman - name: Check out repo uses: actions/checkout@v3 with: submodules: recursive # By default, for PR builds, Actions will check out a merge commit between the actual # PR branch and the base branch (normally master). This isn't what we want as it means # the actually pushed commit isn't getting built, so it can't then be used without being # merged first. This makes testing much more difficult. # This option makes it actually check out the PR's commit instead. ref: ${{ github.event.pull_request.head.sha }} - name: Install QEMU # qemu-user-static is used by buildah to do multiplatform builds # the buildah image is fedora-based, hence we use dnf run: | sudo dnf install -y qemu-user-static - name: Log into ghcr.io uses: redhat-actions/podman-login@v1 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build ${{ matrix.component }} # always push # if not a pull request and a push to master, also push "latest" tag # try to cache from previous build and then build component using build script # set the multiarch flag so we also build arm64 images and not just amd64 run: | export PUSH=true CACHE=true MULTIPLATFORM=true # Only push latest when pushing to master if [ "$GITHUB_EVENT_NAME" != "pull_request" ] && [ "$GITHUB_REF" == "refs/heads/master" ]; then export PUSH=latest; fi # PRs from forked repositories can't have package write permissions, so use cache in readonly mode in those cases. if [ '${{ github.event.pull_request.head.repo.full_name }}' != "dbvideostriketeam/wubloader" ]; then export CACHE=readonly; fi ./build ${{ matrix.component }}