diff options
| -rw-r--r-- | .gitea/workflows/release.yaml | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml new file mode 100644 index 0000000..5690b7a --- /dev/null +++ b/.gitea/workflows/release.yaml @@ -0,0 +1,88 @@ +name: release + +on: + schedule: + - cron: '0 0 * * *' + push: + branches: + - master + +jobs: + release-default: + runs-on: ubuntu-latest + container: + image: gitea/runner-images:ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker BuildX + uses: docker/setup-buildx-action@v3 + + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_REGISTRY_USER }} + password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }} + + - name: Check syntax docker + uses: hadolint/hadolint-action@v3.1.0 + with: + dockerfile: core/Dockerfile + ignore: DL3013,DL3018 + + - name: Build Docker image + id: build-image + uses: docker/build-push-action@v6 + with: + context: core + file: core/Dockerfile + platforms: | + linux/amd64 + linux/386 + push: false + no-cache: true + tags: | + ${{ secrets.DOCKER_REGISTRY_USER}}/yt-local:latest + ${{ secrets.DOCKER_REGISTRY_USER}}/yt-local:v0.2.18 + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: ${{ secrets.DOCKER_REGISTRY_USER}}/yt-local:latest + format: 'table' + exit-code: '1' + ignore-unfixed: true + vuln-type: 'os' + severity: 'CRITICAL,HIGH' + + - name: Run Docker container + id: run_container + run: | + docker run --rm -d --name yt_local_${{ gitea.sha }} ${{ secrets.DOCKER_REGISTRY_USER }}/yt-local:latest + + - name: Test Docker container + run: | + sleep 15 + docker exec yt_local_${{ gitea.sha }} curl -o /dev/null -s -w "%{http_code}\n" http://127.0.0.1:8080/youtube.com || exit 1 + + - name: Clean up + if: always() + run: docker stop yt_local_${{ gitea.sha }} + + - name: Push Docker image + uses: docker/build-push-action@v6 + with: + context: core + file: core/Dockerfile + platforms: | + linux/amd64 + linux/386 + push: true + no-cache: false + tags: | + ${{ secrets.DOCKER_REGISTRY_USER}}/yt-local:latest + ${{ secrets.DOCKER_REGISTRY_USER}}/yt-local:v0.2.18 |