izackp/webterm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bde95d3d3e65f924abb0af2674c77e8b25e74f02
webterm/.github/workflows/docker.yml
T
GitHub Copilot 5a59f054a2 Add workflow cleanup pruning
2026-01-28 22:53:17 +00:00

261 lines
8.2 KiB
YAML
Raw Blame History

name: Build and Push Docker Image
on:
push:
tags: ['v*']
workflow_dispatch:
env:
IMAGE_NAME: ghcr.io/${{ github.repository }}
jobs:
build:
runs-on: ${{ matrix.runner }}
permissions:
contents: read
packages: write
strategy:
matrix:
include:
- platform: linux/amd64
runner: ubuntu-latest
- platform: linux/arm64
runner: ubuntu-24.04-arm
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels)
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
- name: Build and push by digest
id: build
uses: docker/build-push-action@v5
with:
context: .
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
outputs: type=image,name=${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha,scope=${{ matrix.platform }}
cache-to: type=gha,mode=max,scope=${{ matrix.platform }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ matrix.runner }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels)
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.IMAGE_NAME }}@sha256:%s ' *)
prune-releases:
name: Prune old releases
runs-on: ubuntu-latest
needs: merge
permissions:
contents: write
steps:
- name: Prune releases and tags
uses: actions/github-script@v7
with:
script: |
const keep = 5;
const { owner, repo } = context.repo;
const releases = await github.paginate(github.rest.repos.listReleases, {
owner,
repo,
per_page: 100,
});
core.info(`Found ${releases.length} releases; keeping latest ${keep}.`);
const toDelete = releases.slice(keep);
for (const release of toDelete) {
core.info(`Deleting release ${release.tag_name} (id ${release.id})`);
await github.rest.repos.deleteRelease({
owner,
repo,
release_id: release.id,
});
if (!release.tag_name) {
core.info(`Release ${release.id} has no tag.`);
continue;
}
const refs = await github.rest.git.listMatchingRefs({
owner,
repo,
ref: `tags/${release.tag_name}`,
});
if (refs.data.length === 0) {
core.info(`Tag ${release.tag_name} not found; skipping.`);
continue;
}
await github.rest.git.deleteRef({
owner,
repo,
ref: `tags/${release.tag_name}`,
});
}
cleanup:
name: Cleanup old runs, tags, and artifacts
runs-on: ubuntu-latest
needs: merge
permissions:
actions: write
contents: write
steps:
- name: Cleanup old workflow runs, tags, and artifacts
uses: actions/github-script@v7
with:
script: |
const keepCount = 5;
const { owner, repo } = context.repo;
core.info('Fetching workflow runs...');
const runs = await github.paginate(
github.rest.actions.listWorkflowRunsForRepo,
{
owner,
repo,
per_page: 100,
}
);
const sortedRuns = runs.sort((a, b) =>
new Date(b.created_at) - new Date(a.created_at)
);
const runsToDelete = sortedRuns.slice(keepCount);
core.info(`Found ${runs.length} workflow runs, keeping ${keepCount} newest, deleting ${runsToDelete.length} older...`);
for (const run of runsToDelete) {
core.info(`Deleting run #${run.run_number} from ${run.created_at}`);
try {
await github.rest.actions.deleteWorkflowRun({
owner,
repo,
run_id: run.id,
});
} catch (error) {
core.warning(`Failed to delete run ${run.id}: ${error.message}`);
}
}
core.info('Fetching tags...');
const tags = await github.paginate(
github.rest.repos.listTags,
{
owner,
repo,
per_page: 100,
}
);
const currentTag = context.ref.replace('refs/tags/', '');
const otherTags = tags.filter(tag => tag.name !== currentTag);
const tagsToDelete = otherTags.slice(keepCount);
core.info(`Found ${tags.length} tags, keeping ${keepCount} newest (including current: ${currentTag}), deleting ${tagsToDelete.length} older...`);
for (const tag of tagsToDelete) {
core.info(`Deleting tag ${tag.name}`);
try {
await github.rest.git.deleteRef({
owner,
repo,
ref: `tags/${tag.name}`,
});
} catch (error) {
core.warning(`Failed to delete tag ${tag.name}: ${error.message}`);
}
}
core.info('Fetching artifacts...');
const artifacts = await github.paginate(
github.rest.actions.listArtifactsForRepo,
{
owner,
repo,
per_page: 100,
}
);
const sortedArtifacts = artifacts
.filter(artifact => !artifact.expired)
.sort((a, b) => new Date(b.created_at) - new Date(a.created_at));
const artifactsToDelete = sortedArtifacts.slice(keepCount);
core.info(`Found ${artifacts.length} artifacts, keeping ${keepCount} newest, deleting ${artifactsToDelete.length} older...`);
for (const artifact of artifactsToDelete) {
core.info(`Deleting artifact ${artifact.name} (id ${artifact.id})`);
try {
await github.rest.actions.deleteArtifact({
owner,
repo,
artifact_id: artifact.id,
});
} catch (error) {
core.warning(`Failed to delete artifact ${artifact.id}: ${error.message}`);
}
}
Reference in New Issue View Git Blame Copy Permalink