@ -4,6 +4,10 @@
# Username of docker login for logging in docker for pulling images (higher pull rate limit)
# Username of docker login for logging in docker for pulling images (higher pull rate limit)
# ${{ secrets.Docker_Password }}
# ${{ secrets.Docker_Password }}
# Password of docker login for logging in docker for pulling images (higher pull rate limit)
# Password of docker login for logging in docker for pulling images (higher pull rate limit)
# ${{ secrets.Docker_Login2 }}
# Second Username of docker login for logging in docker for pulling images (higher pull rate limit)
# ${{ secrets.Docker_Password2 }}
# Second Password of docker login for logging in docker for pulling images (higher pull rate limit)
################################################
################################################
name : build-test-deploy
name : build-test-deploy
@ -11,9 +15,9 @@ on:
workflow_call:
workflow_call:
inputs:
inputs:
architecture:
architecture:
description : 'The architecture of the images that will be build.'
description : 'The architecture (s) of the images that will be build. linux/amd64 or linux/arm64/v8,linux/arm/v7 or linux/amd64,linux/arm64/v8,linux/arm/v7 '
required : false
required : false
default : 'linux/amd64 '
default : 'linux/amd64 ,linux/arm64/v8,linux/arm/v7 '
type : string
type : string
mailu_version:
mailu_version:
description : 'The main version that is build. E.g. master or x.y.'
description : 'The main version that is build. E.g. master or x.y.'
@ -45,9 +49,9 @@ on:
workflow_dispatch:
workflow_dispatch:
inputs:
inputs:
architecture:
architecture:
description : 'The architecture of the images that will be build.'
description : 'The architecture (s) of the images that will be build. linux/amd64 or linux/arm64/v8,linux/arm/v7 or linux/amd64,linux/arm64/v8,linux/arm/v7 '
required : false
required : false
default : 'linux/amd64 '
default : 'linux/amd64 ,linux/arm64/v8,linux/arm/v7 '
type : string
type : string
mailu_version:
mailu_version:
description : 'The main version that is build. E.g. master or x.y.'
description : 'The main version that is build. E.g. master or x.y.'
@ -100,7 +104,7 @@ jobs:
## This job builds the base image. The base image is used by all other images.
## This job builds the base image. The base image is used by all other images.
build-base-image-x64:
build-base-image-x64:
name : Build base image x64
name : Build base image x64
if : inputs.architecture == 'linux/amd64'
if : contains(inputs.architecture, 'linux/amd64')
needs:
needs:
- targets
- targets
runs-on : ubuntu-latest
runs-on : ubuntu-latest
@ -121,44 +125,53 @@ jobs:
- uses : crazy-max/ghaction-github-runtime@v2
- uses : crazy-max/ghaction-github-runtime@v2
- name : Set up Docker Buildx
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@v2
uses : docker/setup-buildx-action@v2
- name : Login to GitHub Container Registry
uses : docker/login-action@v2
with:
registry : ghcr.io
username : ${{ github.repository_owner }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Login to Docker Hub
uses : docker/login-action@v2
with:
username : ${{ secrets.Docker_Login }}
password : ${{ secrets.Docker_Password }}
- name : Helper to convert docker org to lowercase
- name : Helper to convert docker org to lowercase
id : string
id : string
uses : ASzc/change-string-case-action@v5
uses : ASzc/change-string-case-action@v5
with:
with:
string : ${{ github.repository_owner }}
string : ${{ github.repository_owner }}
- name : Build all docker images
- name : Get uuid
id : uuid
run : |
echo uuid=$RANDOM >> $GITHUB_OUTPUT
- name : Build docker base image with retry
env:
env:
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}
LABEL_VERSION : ${{ env.MAILU_VERSION }}
LABEL_VERSION : ${{ env.MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
uses : docker/bake-action@v2
ARCH : 'linux/amd64'
BUILDER : ${{ steps.uuid.outputs.uuid }}
DOCKER_LOGIN : ${{ secrets.Docker_Login }}
DOCKER_PASSW : ${{ secrets.Docker_Password }}
uses : nick-fields/retry@v2
with:
with:
files : ${{env.HCL_FILE}}
timeout_minutes : 5
targets : base
retry_wait_seconds : 30
load : false
max_attempts : 3
push : false
shell : bash
set : |
command : |
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}
set -euxo pipefail \
*.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }},mode=max
; echo "${{ github.token }}" | docker login --username "${{ github.repository_owner }}" --password-stdin ghcr.io \
*.platform=${{ inputs.architecture }}
; echo "$DOCKER_PASSW" | docker login --username "$DOCKER_LOGIN" --password-stdin \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }} \
|| echo "builder does not exist" \
; /usr/bin/docker buildx create --name builder-${{ env.BUILDER }} --driver docker-container --use \
; /usr/bin/docker buildx bake --file ./tests/build.hcl --set *.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }} --set *.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }},mode=max --set *.platform=${{ env.ARCH }} base \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }}
- name : cleanup docker buildx instance after failure of build step
if : ${{ failure() }}
shell : bash
env:
BUILDER : ${{ steps.uuid.outputs.uuid }}
run : |
/usr/bin/docker buildx rm builder-${{ env.BUILDER }}
## This job builds the base image. The base image is used by all other images.
## This job builds the base image. The base image is used by all other images.
build-base-image-arm:
build-base-image-arm:
name : Build base image arm
name : Build base image arm
if : inputs.architecture != 'linux/amd64'
if : contains(inputs.architecture, 'linux/arm64/v8,linux/arm/v7')
needs:
needs:
- targets
- targets
runs-on : self-hosted
runs-on : self-hosted
@ -177,47 +190,55 @@ jobs:
- name : Set up QEMU
- name : Set up QEMU
uses : docker/setup-qemu-action@v2
uses : docker/setup-qemu-action@v2
- uses : crazy-max/ghaction-github-runtime@v2
- uses : crazy-max/ghaction-github-runtime@v2
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@v2
- name : Login to GitHub Container Registry
uses : docker/login-action@v2
with:
registry : ghcr.io
username : ${{ github.repository_owner }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Login to Docker Hub
uses : docker/login-action@v2
with:
username : ${{ secrets.Docker_Login }}
password : ${{ secrets.Docker_Password }}
- name : Helper to convert docker org to lowercase
- name : Helper to convert docker org to lowercase
id : string
id : string
uses : ASzc/change-string-case-action@v5
uses : ASzc/change-string-case-action@v5
with:
with:
string : ${{ github.repository_owner }}
string : ${{ github.repository_owner }}
- name : Build all docker images
- name : Get uuid
id : uuid
run : |
echo uuid=$RANDOM >> $GITHUB_OUTPUT
- name : Build docker base image with retry
env:
env:
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}-arm
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }} -arm
LABEL_VERSION : ${{ env.MAILU_VERSION }}
LABEL_VERSION : ${{ env.MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
uses : docker/bake-action@v2
ARCH : linux/arm64/v8,linux/arm/v7
BUILDER : ${{ steps.uuid.outputs.uuid }}
DOCKER_LOGIN2 : ${{ secrets.Docker_Login2 }}
DOCKER_PASSW2 : ${{ secrets.Docker_Password2 }}
uses : nick-fields/retry@v2
with:
with:
files : ${{env.HCL_FILE}}
timeout_minutes : 10
targets : base
retry_wait_seconds : 30
load : false
max_attempts : 10
push : false
shell : bash
set : |
command : |
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm
set -euxo pipefail \
*.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm,mode=max
; echo "${{ github.token }}" | docker login --username "${{ github.repository_owner }}" --password-stdin ghcr.io \
*.platform=${{ inputs.architecture }}
; echo "$DOCKER_PASSW2" | docker login --username "$DOCKER_LOGIN2" --password-stdin \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }} \
|| echo "builder does not exist" \
; /usr/bin/docker buildx create --name builder-${{ env.BUILDER }} --driver docker-container --use \
; /usr/bin/docker buildx bake --file ./tests/build.hcl --set *.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm --set *.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm,mode=max --set *.platform=${{ env.ARCH }} base \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }}
- name : cleanup docker buildx instance after failure of build step
if : ${{ failure() }}
shell : bash
env:
BUILDER : ${{ steps.uuid.outputs.uuid }}
run : |
/usr/bin/docker buildx rm builder-${{ env.BUILDER }}
# This job builds all the images. The build cache is stored in the github actions cache.
# This job builds all the images. The build cache is stored in the github actions cache.
# In further jobs, this cache is used to quickly rebuild the images.
# In further jobs, this cache is used to quickly rebuild the images.
build:
build:
name : Build images for linux/amd64
name : Build images for linux/amd64
if : inputs.architecture == 'linux/amd64'
if : contains(inputs.architecture, 'linux/amd64')
needs:
needs:
- targets
- targets
- build-base-image-x64
- build-base-image-x64
@ -243,46 +264,54 @@ jobs:
- uses : crazy-max/ghaction-github-runtime@v2
- uses : crazy-max/ghaction-github-runtime@v2
- name : Set up Docker Buildx
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@v2
uses : docker/setup-buildx-action@v2
- name : Login to GitHub Container Registry
uses : docker/login-action@v2
with:
registry : ghcr.io
username : ${{ github.repository_owner }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Login to Docker Hub
uses : docker/login-action@v2
with:
username : ${{ secrets.Docker_Login }}
password : ${{ secrets.Docker_Password }}
- name : Helper to convert docker org to lowercase
- name : Helper to convert docker org to lowercase
id : string
id : string
uses : ASzc/change-string-case-action@v5
uses : ASzc/change-string-case-action@v5
with:
with:
string : ${{ github.repository_owner }}
string : ${{ github.repository_owner }}
- name : Build all docker images
- name : Get uuid
id : uuid
run : |
echo uuid=$RANDOM >> $GITHUB_OUTPUT
- name : Build docker image with retry
env:
env:
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}-build
MAILU_VERSION : ${{ env.MAILU_VERSION }}-build
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}-build
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}-build
LABEL_VERSION : ${{ env.MAILU_VERSION }}
LABEL_VERSION : ${{ env.MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
uses : docker/bake-action@v2
ARCH : 'linux/amd64'
BUILDER : ${{ steps.uuid.outputs.uuid }}
DOCKER_LOGIN : ${{ secrets.Docker_Login }}
DOCKER_PASSW : ${{ secrets.Docker_Password }}
uses : nick-fields/retry@v2
with:
with:
files : ${{env.HCL_FILE}}
timeout_minutes : 5
targets : ${{ matrix.target }}
retry_wait_seconds : 30
load : false
max_attempts : 3
push : true
shell : bash
set : |
command : |
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache
set -euxo pipefail \
*.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache,mode=max
; echo "${{ github.token }}" | docker login --username "${{ github.repository_owner }}" --password-stdin ghcr.io \
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}
; echo "$DOCKER_PASSW" | docker login --username "$DOCKER_LOGIN" --password-stdin \
*.platform=${{ inputs.architecture }}
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }} \
|| echo "builder does not exist" \
; /usr/bin/docker buildx create --name builder-${{ env.BUILDER }} --driver docker-container --use \
; /usr/bin/docker buildx bake --push --file ./tests/build.hcl --set *.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache --set *.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache,mode=max --set *.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }} --set *.platform=${{ env.ARCH }} ${{ matrix.target }} \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }}
- name : cleanup docker buildx instance after failure of build step
if : ${{ failure() }}
shell : bash
env:
BUILDER : ${{ steps.uuid.outputs.uuid }}
run : |
/usr/bin/docker buildx rm builder-${{ env.BUILDER }}
# This job builds all the images. The build cache is stored in the github actions cache.
# This job builds all the images. The build cache is stored in the github actions cache.
# In further jobs, this cache is used to quickly rebuild the images.
# In further jobs, this cache is used to quickly rebuild the images.
build-arm:
build-arm:
name : Build images for ARM64 & ARM/V7
name : Build images for ARM64 & ARM/V7
if : inputs.architecture != 'linux/amd64'
if : contains(inputs.architecture, 'linux/arm64/v8,linux/arm/v7')
needs:
needs:
- targets
- targets
- build-base-image-arm
- build-base-image-arm
@ -306,47 +335,54 @@ jobs:
- name : Set up QEMU
- name : Set up QEMU
uses : docker/setup-qemu-action@v2
uses : docker/setup-qemu-action@v2
- uses : crazy-max/ghaction-github-runtime@v2
- uses : crazy-max/ghaction-github-runtime@v2
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@v2
- name : Login to GitHub Container Registry
uses : docker/login-action@v2
with:
registry : ghcr.io
username : ${{ github.repository_owner }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Login to Docker Hub
uses : docker/login-action@v2
with:
username : ${{ secrets.Docker_Login }}
password : ${{ secrets.Docker_Password }}
- name : Helper to convert docker org to lowercase
- name : Helper to convert docker org to lowercase
id : string
id : string
uses : ASzc/change-string-case-action@v5
uses : ASzc/change-string-case-action@v5
with:
with:
string : ${{ github.repository_owner }}
string : ${{ github.repository_owner }}
- name : Build all docker images
#This is to prevent to shared runners from generating the same uuid
- name : Get unique random number
id : uuid
run : |
echo uuid=$RANDOM >> $GITHUB_OUTPUT
- name : Build docker image with retry
env:
env:
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
DOCKER_ORG : ghcr.io/${{ steps.string.outputs.lowercase }}
MAILU_VERSION : ${{ env.MAILU_VERSION }}-build
MAILU_VERSION : ${{ env.MAILU_VERSION }}- arm- build
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}-build
PINNED_MAILU_VERSION : ${{ env.PINNED_MAILU_VERSION }}- arm- build
LABEL_VERSION : ${{ env.MAILU_VERSION }}
LABEL_VERSION : ${{ env.MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
PINNED_LABEL_VERSION : ${{ env.PINNED_MAILU_VERSION }}
uses : docker/bake-action@v2
ARCH : linux/arm64/v8,linux/arm/v7
BUILDER : ${{ steps.uuid.outputs.uuid }}
DOCKER_LOGIN2 : ${{ secrets.Docker_Login2 }}
DOCKER_PASSW2 : ${{ secrets.Docker_Password2 }}
uses : nick-fields/retry@v2
with:
with:
files : ${{env.HCL_FILE}}
timeout_minutes : 10
targets : ${{ matrix.target }}
retry_wait_seconds : 30
load : false
max_attempts : 10
push : true
shell : bash
set : |
command : |
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache-arm
set -euxo pipefail \
*.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:buildcache-arm,mode=max
; echo "${{ github.token }}" | docker login --username "${{ github.repository_owner }}" --password-stdin ghcr.io \
*.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm
; echo "$DOCKER_PASSW2" | docker login --username "$DOCKER_LOGIN2" --password-stdin \
*.platform=${{ inputs.architecture }}
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }} \
|| echo "builder does not exist" \
; /usr/bin/docker buildx create --name builder-${{ env.BUILDER }} --driver docker-container --use \
; /usr/bin/docker buildx bake --file ./tests/build.hcl --set *.cache-from=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm --set *.cache-to=type=registry,ref=ghcr.io/${{ steps.string.outputs.lowercase }}/base:${{ hashFiles('core/base/Dockerfile','core/base/requirements-prod.txt') }}-arm,mode=max --set *.platform=${{ env.ARCH }} base \
; /usr/bin/docker buildx rm builder-${{ env.BUILDER }}
- name : cleanup docker buildx instance after failure of build step
if : ${{ failure() }}
shell : bash
env:
BUILDER : ${{ steps.uuid.outputs.uuid }}
run : |
/usr/bin/docker buildx rm builder-${{ env.BUILDER }}
# This job runs all the tests.
# This job runs all the tests.
tests:
tests:
name : tests
name : tests
if : inputs.architecture == 'linux/amd64'
if : contains(inputs.architecture, 'linux/amd64')
runs-on : ubuntu-latest
runs-on : ubuntu-latest
permissions:
permissions:
contents : read
contents : read
@ -406,6 +442,8 @@ jobs:
if : inputs.deploy == 'true'
if : inputs.deploy == 'true'
runs-on : ubuntu-latest
runs-on : ubuntu-latest
needs:
needs:
- build
- build-arm
- tests
- tests
strategy:
strategy:
fail-fast : false
fail-fast : false
@ -436,7 +474,19 @@ jobs:
uses : ASzc/change-string-case-action@v5
uses : ASzc/change-string-case-action@v5
with:
with:
string : ${{ github.repository_owner }}
string : ${{ github.repository_owner }}
- name : Push image to Github (ghcr.io)
- name : Push multiarch image to Github (ghcr.io)
if : contains(inputs.architecture, 'linux/amd64') && contains(inputs.architecture, 'linux/arm64/v8,linux/arm/v7')
shell : bash
run : |
if [ '${{ env.MAILU_VERSION }}' == 'master' ]; then pinned_mailu_version='master'; else pinned_mailu_version=${{ env.PINNED_MAILU_VERSION}}; fi;
docker buildx imagetools create \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:${{ env.MAILU_VERSION }} \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:$pinned_mailu_version \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:latest \
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}-build \
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}-arm-build
- name : Push x64 image to Github (ghcr.io)
if : contains(inputs.architecture, 'linux/amd64') && !contains(inputs.architecture, 'linux/arm64/v8,linux/arm/v7')
shell : bash
shell : bash
run : |
run : |
if [ '${{ env.MAILU_VERSION }}' == 'master' ]; then pinned_mailu_version='master'; else pinned_mailu_version=${{ env.PINNED_MAILU_VERSION}}; fi;
if [ '${{ env.MAILU_VERSION }}' == 'master' ]; then pinned_mailu_version='master'; else pinned_mailu_version=${{ env.PINNED_MAILU_VERSION}}; fi;
@ -445,52 +495,16 @@ jobs:
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:$pinned_mailu_version \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:$pinned_mailu_version \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:latest \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:latest \
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}-build
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}-build
- name : Push arm image to Github (ghcr.io)
deploy-arm:
if : contains(inputs.architecture, 'linux/arm64/v8,linux/arm/v7') && !contains(inputs.architecture, 'linux/amd64')
name : Deploy images for arm
# Deploying is not required for staging
if : inputs.deploy == 'true' && inputs.architecture != 'linux/amd64'
runs-on : self-hosted
needs:
- build-arm
strategy:
fail-fast : false
matrix:
target : [ "setup" , "docs" , "fetchmail" , "webmail" , "admin" , "traefik-certdumper" , "radicale" , "clamav" , "rspamd" , "oletools" , "postfix" , "dovecot" , "unbound" , "nginx" ]
steps:
- uses : actions/checkout@v3
- name : Retrieve global variables
shell : bash
shell : bash
run : |
run : |
echo "BRANCH=${{ inputs.branch }}" >> $GITHUB_ENV
if [ '${{ env.MAILU_VERSION }}' == 'master' ]; then pinned_mailu_version='master'; else pinned_mailu_version=${{ env.PINNED_MAILU_VERSION}}; fi;
echo "MAILU_VERSION=${{ inputs.mailu_version }}" >> $GITHUB_ENV
echo "PINNED_MAILU_VERSION=${{ inputs.pinned_mailu_version }}" >> $GITHUB_ENV
echo "DOCKER_ORG=${{ inputs.docker_org }}" >> $GITHUB_ENV
- name : Set up QEMU
uses : docker/setup-qemu-action@v2
- uses : crazy-max/ghaction-github-runtime@v2
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@v2
- name : Login to GitHub Container Registry
uses : docker/login-action@v2
with:
registry : ghcr.io
username : ${{ github.repository_owner }}
password : ${{ secrets.GITHUB_TOKEN }}
- name : Helper to convert docker org to lowercase
id : string
uses : ASzc/change-string-case-action@v5
with:
string : ${{ github.repository_owner }}
- name : Push image to Github (ghcr.io)
shell : bash
run : |
if [ '${{ env.MAILU_VERSION }}' == 'master-arm' ]; then pinned_mailu_version='master-arm'; else pinned_mailu_version=${{ env.PINNED_MAILU_VERSION}}; fi;
docker buildx imagetools create \
docker buildx imagetools create \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:${{ env.MAILU_VERSION }} \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:${{ env.MAILU_VERSION }} \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:$pinned_mailu_version \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:$pinned_mailu_version \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:latest \
--tag ${{ inputs.docker_org }}/${{ matrix.target }}:latest \
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}- build
ghcr.io/${{ steps.string.outputs.lowercase }}/${{ matrix.target }}:${{ env.MAILU_VERSION }}-arm-build
#This job creates a tagged release. A tag is created for the pinned version x.y.z. The GH release refers to this tag.
#This job creates a tagged release. A tag is created for the pinned version x.y.z. The GH release refers to this tag.
tag-release:
tag-release:
@ -503,22 +517,57 @@ jobs:
with:
with:
# fetch-depth 0 is required to also retrieve all tags.
# fetch-depth 0 is required to also retrieve all tags.
fetch-depth : 0
fetch-depth : 0
# A bug in actions/checkout@v3 results in all files having mtime of the job running.
- name : Restore Timestamps
uses : chetan/git-restore-mtime-action@v1
- name : Retrieve global variables
- name : Retrieve global variables
shell : bash
shell : bash
run : |
run : |
echo "BRANCH=${{ inputs.branch }}" >> $GITHUB_ENV
echo "MAILU_VERSION=${{ inputs.mailu_version }}" >> $GITHUB_ENV
echo "MAILU_VERSION=${{ inputs.mailu_version }}" >> $GITHUB_ENV
echo "PINNED_MAILU_VERSION=${{ inputs.pinned_mailu_version }}" >> $GITHUB_ENV
echo "PINNED_MAILU_VERSION=${{ inputs.pinned_mailu_version }}" >> $GITHUB_ENV
echo "DOCKER_ORG=${{ inputs.docker_org }}" >> $GITHUB_ENV
- name : Create tag for branch x.y.
- name : Create tag for branch x.y.
shell : bash
shell : bash
run : |
run : |
echo git tag ${{ env.PINNED_MAILU_VERSION }} $(/usr/bin/git rev-parse HEAD)
echo git tag ${{ env.PINNED_MAILU_VERSION }} $(/usr/bin/git rev-parse HEAD)
git tag ${{ env.PINNED_MAILU_VERSION }} $(/usr/bin/git rev-parse HEAD)
git tag ${{ env.PINNED_MAILU_VERSION }} $(/usr/bin/git rev-parse HEAD)
git push origin ${{ env.PINNED_MAILU_VERSION }}
git push origin ${{ env.PINNED_MAILU_VERSION }}
- name : Show list of changelog files (we pick the newest)
shell : bash
run : |
ls -Artl towncrier/newsfragments
- name : Get latest changelog
id : changelog
shell : bash
run : |
pushd . && cd towncrier/newsfragments && ls -Art | tail -n 1 | cut -d. -f1 | xargs -0I % echo "issue=%" >> $GITHUB_OUTPUT && popd
pushd . && cd towncrier/newsfragments && ls -Art | tail -n 1 | xargs cat | xargs -0I % echo "content=%" >> $GITHUB_OUTPUT && popd
- name : Construct message for release
shell : bash
env:
issue : "${{ steps.changelog.outputs.issue }}"
changelog : "${{ steps.changelog.outputs.content }}"
run : |
message="Changelog :mailbox:
---------
+ ${{ env.changelog }}
+ This release was triggered by PR/Issue [${{ env.issue }}](https://github.com/Mailu/Mailu/issues/${{ env.issue }}).
+ The release notes of the original main release can be accessed via menu item 'Release notes' on [mailu.io](https://mailu.io/).
Update
------
The main version X.Y (e.g. 1.9) will always reflect the latest version of the branch. To update your Mailu installation simply pull the latest images \`docker compose pull && docker compose up -d\`.
The pinned version X.Y.Z (e.g. 1.9.1) is not updated. It is pinned to the commit that was used for creating this release. You can use a pinned version to make sure your Mailu installation is not suddenly updated when recreating containers. The pinned version allows the user to manually update. It also allows to go back to a previous pinned version.
" && echo " $message" >> release_note.md
- name : Show release note
shell : bash
run : |
cat release_note.md
- name : Create release for tag x.y.z.
- name : Create release for tag x.y.z.
uses : ncipollo/release-action@v1
uses : ncipollo/release-action@v1
with:
with:
bodyFile : "RELEASE_TEMPLATE.md"
bodyFile : " release_note .md"
tag : ${{ env.PINNED_MAILU_VERSION }}
tag : ${{ env.PINNED_MAILU_VERSION }}
token : ${{ secrets.GITHUB_TOKEN }}
token : ${{ secrets.GITHUB_TOKEN }}