Skip to content

Commit

Permalink
fix: permissions & simplify
Browse files Browse the repository at this point in the history
  • Loading branch information
LucaRickli committed Dec 8, 2024
1 parent 07e0ee5 commit 4e30fe9
Showing 1 changed file with 46 additions and 78 deletions.
124 changes: 46 additions & 78 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,11 @@ on:
- published

jobs:
build-static:
build-docker:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
Expand All @@ -25,31 +26,55 @@ jobs:
node-version: 22.x
registry-url: 'https://registry.npmjs.org'

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install dependencies
run: deno install

- name: Patch version
run: npm version ${{ github.event.release.tag_name }} --no-commit-hooks --no-git-tag-version

- name: Build static app
- name: Build app
run: deno task build
env:
BUILD_TARGET: static

- name: Release build assets
shell: bash
env:
GITHUB_TOKEN: ${{ github.TOKEN }}
run: |
cd ${{github.workspace}}
cp LICENSE build/LICENSE
zip -r headnet-static-${{ github.event.release.tag_name }}.zip build
gh release upload ${{ github.event.release.tag_name }} headnet-static-${{ github.event.release.tag_name }}.zip
- name: Build versioned docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
tags: ghcr.io/rickli-cloud/headnet:${{ github.event.release.tag_name }}
push: true

- name: Build latest docker image
uses: docker/build-push-action@v5
if: '!github.event.release.prerelease'
with:
context: .
platforms: linux/amd64,linux/arm64
tags: ghcr.io/rickli-cloud/headnet:latest
push: true

build-node:
build-basic:
runs-on: ubuntu-latest
permissions:
contents: read
contents: write
strategy:
fail-fast: false
matrix:
include:
- target: node
- target: static
steps:
- name: Checkout repository
uses: actions/checkout@v4
Expand All @@ -71,8 +96,10 @@ jobs:
- name: Patch version
run: npm version ${{ github.event.release.tag_name }} --no-commit-hooks --no-git-tag-version

- name: Build node app
- name: Build app
run: deno task build
env:
BUILD_TARGET: ${{ matrix.target }}

- name: Release build assets
shell: bash
Expand All @@ -81,71 +108,12 @@ jobs:
run: |
cd ${{github.workspace}}
cp LICENSE build/LICENSE
zip -r headnet-node-${{ github.event.release.tag_name }}.zip build
gh release upload ${{ github.event.release.tag_name }} headnet-node-${{ github.event.release.tag_name }}.zip
build-docker:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Setup deno
uses: denoland/setup-deno@v2
with:
deno-version: v2.x

- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 22.x
registry-url: 'https://registry.npmjs.org'

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install dependencies
run: deno install

- name: Patch version
run: npm version ${{ github.event.release.tag_name }} --no-commit-hooks --no-git-tag-version

- name: Build app
run: deno task build

- name: Build versioned docker image
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
tags: ghcr.io/rickli-cloud/headnet:${{ github.event.release.tag_name }}
push: true

- name: Build latest docker image
uses: docker/build-push-action@v5
if: '!github.event.release.prerelease'
with:
context: .
platforms: linux/amd64,linux/arm64
tags: ghcr.io/rickli-cloud/headnet:latest
push: true
zip -r headnet-${{ matrix.target }}-${{ github.event.release.tag_name }}.zip build
gh release upload ${{ github.event.release.tag_name }} headnet-${{ matrix.target }}-${{ github.event.release.tag_name }}.zip
build-tauri:
permissions:
contents: read
contents: write
strategy:
fail-fast: false
matrix:
Expand Down

0 comments on commit 4e30fe9

Please sign in to comment.