name: Build and Push Teamspeak Images on Base Image Update on: push: branches: - main paths-ignore: - '**/CHANGES.md' - '**/build-info.json' schedule: - cron: '0 1 * * 0' env: IMAGE_REGISTRY: gitea.fithwum.tech IMAGE_ORG: ${{ secrets.GIT_USERNAME }} IMAGE_REPO_TS: teamspeak-server CACHE_DIR: .cache jobs: check-for-changes: runs-on: vm-docker-build2 outputs: should_build_alpine: ${{ steps.check.outputs.should_build_alpine }} should_build_debian: ${{ steps.check.outputs.should_build_debian }} should_build_basic: ${{ steps.check.outputs.should_build_basic }} alpine_digest: ${{ steps.get_digest.outputs.alpine_digest }} debian_digest: ${{ steps.get_digest.outputs.debian_digest }} basic_digest: ${{ steps.get_digest.outputs.basic_digest }} steps: - name: Checkout code uses: actions/checkout@v3 with: fetch-depth: 0 - name: Pull latest base images run: | docker pull alpine:latest docker pull gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm - name: Get base image digests id: get_digest run: | alpine_digest=$(docker inspect --format='{{index .RepoDigests 0}}' alpine:latest || echo "unknown") debian_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") basic_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") echo "alpine_digest=$alpine_digest" >> $GITHUB_OUTPUT echo "debian_digest=$debian_digest" >> $GITHUB_OUTPUT echo "basic_digest=$basic_digest" >> $GITHUB_OUTPUT - name: Compare digests and detect changes id: check run: | check_variant() { variant=$1 new_digest=$2 infofile="$variant/build-info.json" last_digest="" base_changed=false code_changed=false if [ -f "$infofile" ]; then last_digest=$(jq -r '.base_digest // empty' "$infofile") fi if [ "$last_digest" != "$new_digest" ]; then base_changed=true fi # Detect changes in variant folder code_changed=$(git diff --name-only origin/main | grep "^$variant/" || true) if [[ -n "$code_changed" ]]; then code_changed=true else code_changed=false fi should_build=false if [ "$base_changed" = true ] || [ "$code_changed" = true ]; then should_build=true fi echo "should_build_${variant}=$should_build" >> $GITHUB_OUTPUT } check_variant "alpine" "${{ steps.get_digest.outputs.alpine_digest }}" check_variant "debian" "${{ steps.get_digest.outputs.debian_digest }}" check_variant "basic" "${{ steps.get_digest.outputs.basic_digest }}" build-alpine: needs: check-for-changes if: needs.check-for-changes.outputs.should_build_alpine == 'true' runs-on: vm-docker-build2 outputs: built: 'true' steps: - name: Checkout uses: actions/checkout@v3 - name: Login to Docker registry run: | echo "${{ secrets.GIT_TOKEN }}" | docker login gitea.fithwum.tech -u "${{ secrets.GIT_USERNAME }}" --password-stdin - name: Build and Push Alpine Image run: | mkdir -p "${{ env.CACHE_DIR }}" IMAGE="${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_ORG }}/${{ env.IMAGE_REPO_TS }}:alpine" METAFILE="${{ env.CACHE_DIR }}/metadata-alpine.json" echo "[INFO] Building $IMAGE" docker buildx build --platform linux/amd64 --push -t "$IMAGE" --metadata-file "$METAFILE" ./alpine build-debian: needs: check-for-changes if: needs.check-for-changes.outputs.should_build_debian == 'true' runs-on: vm-docker-build2 outputs: built: 'true' steps: - name: Checkout uses: actions/checkout@v3 - name: Login to Docker registry run: | echo "${{ secrets.GIT_TOKEN }}" | docker login gitea.fithwum.tech -u "${{ secrets.GIT_USERNAME }}" --password-stdin - name: Build and Push Debian Image run: | mkdir -p "${{ env.CACHE_DIR }}" IMAGE="${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_ORG }}/${{ env.IMAGE_REPO_TS }}:debian" METAFILE="${{ env.CACHE_DIR }}/metadata-debian.json" echo "[INFO] Building $IMAGE" docker buildx build --platform linux/amd64 --push -t "$IMAGE" --metadata-file "$METAFILE" ./debian build-basic: needs: check-for-changes if: needs.check-for-changes.outputs.should_build_basic == 'true' runs-on: vm-docker-build2 outputs: built: 'true' steps: - name: Checkout uses: actions/checkout@v3 - name: Login to Docker registry run: | echo "${{ secrets.GIT_TOKEN }}" | docker login gitea.fithwum.tech -u "${{ secrets.GIT_USERNAME }}" --password-stdin - name: Build and Push Basic Image run: | mkdir -p "${{ env.CACHE_DIR }}" IMAGE="${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_ORG }}/${{ env.IMAGE_REPO_TS }}:basic" METAFILE2="${{ env.CACHE_DIR }}/metadata-basic.json" echo "[INFO] Building $IMAGE" docker buildx build --platform linux/amd64 --push -t "$IMAGE" --metadata-file "$METAFILE2" ./basic generate-build-info: needs: - build-alpine - build-debian - build-basic if: | needs.build-alpine.outputs.built == 'true' || needs.build-debian.outputs.built == 'true' || needs.build-basic.outputs.built == 'true' runs-on: vm-docker-build2 steps: - name: Checkout source uses: actions/checkout@v3 with: fetch-depth: 0 - name: Get base image digests id: get_digest run: | alpine_digest=$(docker inspect --format='{{index .RepoDigests 0}}' alpine:latest || echo "unknown") debian_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") basic_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") echo "alpine_digest=$alpine_digest" echo "debian_digest=$debian_digest" echo "basic_digest=$basic_digest" - name: Generate build-info.json only for updated variants env: IMAGE_REGISTRY: ${{ env.IMAGE_REGISTRY }} IMAGE_ORG: ${{ env.IMAGE_ORG }} IMAGE_REPO_TS: ${{ env.IMAGE_REPO_TS }} ALPINE_DIGEST: ${{ needs.check-for-changes.outputs.alpine_digest }} DEBIAN_DIGEST: ${{ needs.check-for-changes.outputs.debian_digest }} BASIC_DIGEST: ${{ needs.check-for-changes.outputs.basic_digest }} CACHE_DIR: ${{ env.CACHE_DIR }} run: | human_size() { local b=$1 local d='' local s=0 local S=(B KB MB GB TB) while ((b >= 1024 && s < ${#S[@]}-1)); do d=$((b % 1024)) b=$((b / 1024)) s=$((s + 1)) done printf "%s%s\n" "$b" "${S[$s]}" } versions=() if [[ "${{ needs.check-for-changes.outputs.should_build_alpine }}" == "true" ]]; then versions+=("alpine") fi if [[ "${{ needs.check-for-changes.outputs.should_build_debian }}" == "true" ]]; then versions+=("debian") fi if [[ "${{ needs.check-for-changes.outputs.should_build_basic }}" == "true" ]]; then versions+=("basic") fi for version in "${versions[@]}"; do echo "[INFO] Generating build-info.json for $version" mkdir -p "$version" infofile="$version/build-info.json" image="${IMAGE_REGISTRY}/${IMAGE_ORG}/${IMAGE_REPO_TS}:$version" alpine_digest=$(docker inspect --format='{{index .RepoDigests 0}}' alpine:latest || echo "unknown") debian_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") basic_digest=$(docker inspect --format='{{index .RepoDigests 0}}' gitea.fithwum.tech/${{ secrets.GIT_USERNAME }}/debian-base:bookworm || echo "unknown") size_human=$(human_size "$size_bytes") base_digest="unknown" if [ "$version" = "alpine" ]; then base_digest="${alpine_digest:-unknown}" elif [ "$version" = "debian" ]; then base_digest="${debian_digest:-unknown}" elif [ "$version" = "basic" ]; then base_digest="${basic_digest:-unknown}" fi echo "[DEBUG] base_digest for $version = $base_digest" jq -n \ --arg version "$version" \ --arg commit "$(git rev-parse HEAD)" \ --arg build_time "$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \ --arg image_tag "$image" \ --arg digest "$digest" \ --arg image_size "$size_human" \ --argjson image_size_bytes "$size_bytes" \ --arg base_digest "$base_digest" \ '{ version: $version, commit: $commit, build_time: $build_time, image_tag: $image_tag, digest: $digest, image_size: $image_size, image_size_bytes: $image_size_bytes, base_digest: $base_digest }' > "$infofile" done - name: Commit and push build-info if changed run: | git config user.name "${{ secrets.GIT_USERNAME }}" git config user.email "${{ secrets.GIT_EMAIL }}" if git status --porcelain | grep .; then git add */build-info.json git commit -m "Update build-info on $(date -u +'%Y-%m-%dT%H:%M:%SZ')" git push for version in alpine debian basic; do TAG="build-$version" git tag -d "$TAG" 2>/dev/null || true git tag "$TAG" git push origin "$TAG" --force done else echo "[INFO] No build-info changes to commit." fi ls -l basic/build-info.json || echo "❌ build-info not written" cat basic/build-info.json || echo "❌ empty build-info" generate-changelogs: needs: generate-build-info if: | needs.check-for-changes.outputs.should_build_alpine == 'true' || needs.check-for-changes.outputs.should_build_debian == 'true' || needs.check-for-changes.outputs.should_build_basic == 'true' runs-on: vm-docker-build2 steps: - name: Checkout source uses: actions/checkout@v3 with: fetch-depth: 0 - name: Generate changelogs only for updated variants run: | versions=() if [[ "${{ needs.check-for-changes.outputs.should_build_alpine }}" == "true" ]]; then versions+=("alpine") fi if [[ "${{ needs.check-for-changes.outputs.should_build_debian }}" == "true" ]]; then versions+=("debian") fi if [[ "${{ needs.check-for-changes.outputs.should_build_basic }}" == "true" ]]; then versions+=("basic") fi for version in "${versions[@]}"; do echo "[INFO] Updating changelog for $version" changelog="$version/CHANGES.md" mkdir -p "$(dirname "$changelog")" touch "$changelog" infofile="$version/build-info.json" last_commit="" if [ -f "$infofile" ]; then last_commit=$(jq -r '.commit' "$infofile") fi # Check if last_commit exists in history, fallback to last 10 commits if not if ! git cat-file -e "${last_commit}^{commit}" 2>/dev/null; then echo "[WARN] Last commit from build-info.json not found, using last 10 commits" last_commit="" fi echo -e "\n## $(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "$changelog" if [ -n "$last_commit" ]; then git log "${last_commit}..HEAD" --pretty=format:"- %s (%an)" --no-merges --invert-grep --grep="Update changelogs on" | head -n 10 >> "$changelog" else git log -n 10 --pretty=format:"- %s (%an)" --no-merges --invert-grep --grep="Update changelogs on" >> "$changelog" fi done - name: Commit and push changelogs run: | git config user.name "${{ secrets.GIT_USERNAME }}" git config user.email "${{ secrets.GIT_EMAIL }}" if git status --porcelain | grep .; then git add */CHANGES.md git commit -m "Update changelogs on $(date -u +'%Y-%m-%dT%H:%M:%SZ')" --no-verify git push else echo "[INFO] No changelog changes to commit." fi