From 165cc3bdcae37a40c84ed0da692245f297d78654 Mon Sep 17 00:00:00 2001
From: Anshul Sharma
Date: Sat, 12 Apr 2025 20:25:03 +0530
Subject: [PATCH 01/10] adding workflow
---
.github/workflows/docker_build.yaml | 43 +++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
create mode 100644 .github/workflows/docker_build.yaml
diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml
new file mode 100644
index 000000000..8ed3d5447
--- /dev/null
+++ b/.github/workflows/docker_build.yaml
@@ -0,0 +1,43 @@
+name: Build and Push Docker Image
+
+on:
+ push:
+ branches:
+ - main
+ - anshulss/*
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ packages: write
+ contents: read
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Extract metadata (tags, labels) for Docker build
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ flavor: latest
+ from_path: ./surfsense_backend
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: ./surfsense_backend
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
From 3ded17d3255ae19a3888bb46cc03e3c3baa850c3 Mon Sep 17 00:00:00 2001
From: Anshul Sharma
Date: Sat, 12 Apr 2025 20:39:15 +0530
Subject: [PATCH 02/10] updated tags
---
.github/workflows/docker_build.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml
index 8ed3d5447..3300041c1 100644
--- a/.github/workflows/docker_build.yaml
+++ b/.github/workflows/docker_build.yaml
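Review bot: Every `uses:` line in the new workflow of PATCH 01 references a third-party action by a mutable major tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/setup-buildx-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v5`), inside a job that holds `packages: write` and logs in to ghcr.io. A tag can be repointed by whoever controls the action's repository, so pin each action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`. Separately, `flavor: latest` and `from_path:` do not look like inputs that `docker/metadata-action` accepts (its `flavor` input takes `key=value` entries such as `latest=true`), and no `images:` is set, so `steps.meta.outputs.tags` is probably not what the build step expects; check both against the action's README.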
@@ -31,8 +31,8 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - flavor: latest - from_path: ./surfsense_backend + tags: | + type=semver,pattern={{major}}.{{minor}} - name: Build and push Docker image uses: docker/build-push-action@v5 From 4e36cb44e7d291bd3dcfe1e76f63ffa73e55b00e Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Sat, 12 Apr 2025 20:45:41 +0530 Subject: [PATCH 03/10] Updated versioning --- .github/workflows/docker_build.yaml | 3 ++- VERSION | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 VERSION diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml index 3300041c1..5dce26ceb 100644 --- a/.github/workflows/docker_build.yaml +++ b/.github/workflows/docker_build.yaml @@ -31,8 +31,9 @@ jobs: id: meta uses: docker/metadata-action@v5 with: + images: ghcr.io/${{ github.repository_owner }}/surfsense_backend tags: | - type=semver,pattern={{major}}.{{minor}} + type=raw,value=./surfsense_backend/VERSION - name: Build and push Docker image uses: docker/build-push-action@v5 diff --git a/VERSION b/VERSION new file mode 100644 index 000000000..8a9ecc2ea --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +0.0.1 \ No newline at end of file From 2b92c317bd2973eceb42f23d8177f0049967aecc Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Sun, 13 Apr 2025 00:30:12 +0530 Subject: [PATCH 04/10] hardcoded version --- .github/workflows/docker_build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml index 5dce26ceb..9b2ead72d 100644 --- a/.github/workflows/docker_build.yaml +++ b/.github/workflows/docker_build.yaml @@ -33,7 +33,7 @@ jobs: with: images: ghcr.io/${{ github.repository_owner }}/surfsense_backend tags: | - type=raw,value=./surfsense_backend/VERSION + type=raw,value=0.0.1 - name: Build and push Docker image uses: docker/build-push-action@v5 From 2aa876972432b5f98f32b3fbc496cdd4df74ca12 Mon Sep 17 00:00:00 2001 
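Review bot: In PATCH 03's `@@ -31,8 +31,9 @@` hunk, `type=raw,value=./surfsense_backend/VERSION` publishes a tag derived from the path text itself, because `type=raw` takes its `value` literally and does not read files. The new `VERSION` file is also added at the repository root rather than under `surfsense_backend/`, so nothing consults it. If the file is meant to be the source of the version, read it in an earlier step into a step output and reference that output in `value=`. PATCH 04 swaps the path for a hard-coded `0.0.1`, which then has to be edited by hand for every release.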
From: Anshul Sharma
Date: Wed, 23 Apr 2025 20:47:30 +0530
Subject: [PATCH 05/10] added tagging for version
---
.github/workflows/docker_build.yaml | 111 ++++++++++++++++++++++++++--
1 file changed, 105 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml
index 9b2ead72d..c2cdf64b6 100644
--- a/.github/workflows/docker_build.yaml
+++ b/.github/workflows/docker_build.yaml
@@ -1,13 +1,112 @@ name: Build and Push Docker Image on: - push: - branches: - - main - - anshulss/* + workflow_dispatch: + inputs: + bump_type: + description: 'Version bump type (patch, minor, major)' + required: true + default: 'patch' + type: choice + options: + - patch + - minor + - major +permissions: + contents: write jobs: - build: + tag_release: + needs: tag_release + runs-on: ubuntu-latest + env: + IMAGE_TAG: ${{ needs.tag_release.outputs.new_tag }} + outputs: + # Define output to pass the tag to the next job + new_tag: ${{ steps.tag_version.outputs.next_version }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + # Fetch all history and tags to find the latest SemVer tag + fetch-depth: 0 + # Checkout the specific branch if provided, otherwise default + ref: ${{ github.event.inputs.branch }} + + - name: Get latest SemVer tag and calculate next version + id: tag_version + run: | + # Fetch all tags from remote just in case + git fetch --tags + + # Get the latest SemVer tag (handles vX.Y.Z pattern) + # Filters tags, sorts them version-aware, takes the last one + LATEST_TAG=$(git tag --list 'v[0-9]*.[0-9]*.[0-9]*' --sort='v:refname' | tail -n 1) + + if [ -z "$LATEST_TAG" ]; then + echo "No previous SemVer tag found. Starting with v0.1.0" + NEXT_VERSION="v0.1.0" + # Optionally adjust starting version based on bump_type, but v0.1.0 is common start + if [ "${{ github.event.inputs.bump_type }}" == "minor" ]; then + NEXT_VERSION="v0.1.0" # Or maybe v0.1.0 ? Depends on convention + elif [ "${{ github.event.inputs.bump_type }}" == "major" ]; then + NEXT_VERSION="v1.0.0" # Or maybe v1.0.0 ? Depends on convention + fi + else + echo "Latest tag found: $LATEST_TAG" + # Remove 'v' prefix for calculation + VERSION=${LATEST_TAG#v} + + # Split into parts + MAJOR=$(echo $VERSION | cut -d. -f1) + MINOR=$(echo $VERSION | cut -d. -f2) + PATCH=$(echo $VERSION | cut -d. 
-f3) + + # Bump version based on input + case "${{ github.event.inputs.bump_type }}" in + patch) + PATCH=$((PATCH + 1)) + ;; + minor) + MINOR=$((MINOR + 1)) + PATCH=0 + ;; + major) + MAJOR=$((MAJOR + 1)) + MINOR=0 + PATCH=0 + ;; + *) + echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" + exit 1 + ;; + esac + NEXT_VERSION="v${MAJOR}.${MINOR}.${PATCH}" + fi + + echo "Calculated next version: $NEXT_VERSION" + # Set output for subsequent steps + echo "next_version=$NEXT_VERSION" >> $GITHUB_OUTPUT + + - name: Create and Push Tag + run: | + NEXT_TAG="${{ steps.tag_version.outputs.next_version }}" + COMMIT_SHA=$(git rev-parse HEAD) + echo "Tagging commit $COMMIT_SHA with $NEXT_TAG" + + # Create an annotated tag (recommended) + git tag -a "$NEXT_TAG" -m "Release $NEXT_TAG" + + # Push the tag to the remote repository + git push origin "$NEXT_TAG" + + - name: Verify Tag Push + run: | + echo "Checking if tag ${{ steps.tag_version.outputs.next_version }} exists remotely..." + git ls-remote --tags origin | grep "refs/tags/${{ steps.tag_version.outputs.next_version }}" || (echo "Tag push verification failed!" && exit 1) + echo "Tag successfully pushed." + + build__and_push_docker_image: runs-on: ubuntu-latest permissions: packages: write @@ -40,5 +139,5 @@ jobs: with: context: ./surfsense_backend push: true - tags: ${{ steps.meta.outputs.tags }} + tags: $IMAGE_TAG labels: ${{ steps.meta.outputs.labels }} From a9b7b6dd7792c97cc1359b61495c1d389284c2cc Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Wed, 23 Apr 2025 20:53:37 +0530 Subject: [PATCH 06/10] fixed job dependency --- .github/workflows/docker_build.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml index c2cdf64b6..0da34ad6c 100644 --- a/.github/workflows/docker_build.yaml +++ b/.github/workflows/docker_build.yaml 
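Review bot: The `run:` scripts added in PATCH 05's `@@ -1,13 +1,112 @@` hunk splice `${{ github.event.inputs.bump_type }}` and `${{ steps.tag_version.outputs.next_version }}` directly into shell text, so the Actions template engine expands the values before bash parses the script, in a job that runs with `contents: write`. Pass them through each step's `env:` instead (`BUMP_TYPE: ${{ github.event.inputs.bump_type }}`, then `case "$BUMP_TYPE" in`; likewise a `NEXT_TAG` variable for the two tag steps) so they reach the script only as data. `next_version` is derived from the newest tag matching the glob `v[0-9]*.[0-9]*.[0-9]*`, which also accepts tags with non-numeric tails; checking `LATEST_TAG` against a strict pattern such as `^v[0-9]+\.[0-9]+\.[0-9]+$` before the `cut` and arithmetic keeps unexpected tag text out of the computation and out of `$GITHUB_OUTPUT`. The same interpolations recur in PATCH 07's `@@ -49,13 +51,19 @@` hunk and in the copy appended by PATCH 08.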
@@ -12,12 +12,16 @@ on: - patch - minor - major + branch: + description: 'Branch to tag (leave empty for default branch)' + required: false + default: '' + permissions: contents: write jobs: tag_release: - needs: tag_release runs-on: ubuntu-latest env: IMAGE_TAG: ${{ needs.tag_release.outputs.new_tag }} @@ -108,6 +112,7 @@ jobs: build__and_push_docker_image: runs-on: ubuntu-latest + needs: tag_release permissions: packages: write contents: read From fb6e83951ccbe9515b80e725c8dab576b3389200 Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Wed, 23 Apr 2025 21:00:42 +0530 Subject: [PATCH 07/10] fix --- .github/workflows/docker_build.yaml | 58 ++++++++++++++++++++--------- 1 file changed, 41 insertions(+), 17 deletions(-) diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml index 0da34ad6c..517715d9b 100644 --- a/.github/workflows/docker_build.yaml +++ b/.github/workflows/docker_build.yaml @@ -18,13 +18,13 @@ on: default: '' permissions: - contents: write + contents: write # Needed for pushing tags + packages: write # Needed for pushing docker images to GHCR jobs: tag_release: runs-on: ubuntu-latest - env: - IMAGE_TAG: ${{ needs.tag_release.outputs.new_tag }} + # Removed env: IMAGE_TAG here, it's not used correctly across jobs outputs: # Define output to pass the tag to the next job new_tag: ${{ steps.tag_version.outputs.next_version }} @@ -36,6 +36,8 @@ jobs: fetch-depth: 0 # Checkout the specific branch if provided, otherwise default ref: ${{ github.event.inputs.branch }} + # Token needed to push tags back + token: ${{ secrets.GITHUB_TOKEN }} - name: Get latest SemVer tag and calculate next version id: tag_version 
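Review bot: The workflow-level `permissions:` block in PATCH 07's `@@ -18,13 +18,13 @@` hunk now grants `packages: write` alongside `contents: write` to every job that does not override it, although `tag_release` only pushes a git tag and the build job already declares its own `packages: write` / `contents: read`. Scope the grant per job: give `tag_release` a job-level `permissions:` with `contents: write` only, and reduce the workflow-level block to `contents: read`, so a compromised step in one job does not hold both capabilities. The `token: ${{ secrets.GITHUB_TOKEN }}` added in the `@@ -36,6 +36,8 @@` hunk restates the `actions/checkout` default; the checkout leaves that credential in the local git config for later steps, which is what the `git push` relies on.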
@@ -49,13 +51,19 @@ jobs: if [ -z "$LATEST_TAG" ]; then echo "No previous SemVer tag found. Starting with v0.1.0" - NEXT_VERSION="v0.1.0" - # Optionally adjust starting version based on bump_type, but v0.1.0 is common start - if [ "${{ github.event.inputs.bump_type }}" == "minor" ]; then - NEXT_VERSION="v0.1.0" # Or maybe v0.1.0 ? Depends on convention - elif [ "${{ github.event.inputs.bump_type }}" == "major" ]; then - NEXT_VERSION="v1.0.0" # Or maybe v1.0.0 ? Depends on convention - fi + # Determine initial version based on bump type (optional, v0.1.0 is often fine) + case "${{ github.event.inputs.bump_type }}" in + patch|minor) + NEXT_VERSION="v0.1.0" + ;; + major) + NEXT_VERSION="v1.0.0" + ;; + *) # Should not happen due to 'choice' input, but good practice + echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" + exit 1 + ;; + esac else echo "Latest tag found: $LATEST_TAG" # Remove 'v' prefix for calculation 
@@ -94,32 +102,41 @@ jobs: - name: Create and Push Tag run: | + # Configure Git user identity for annotated tag (FIX) + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' + NEXT_TAG="${{ steps.tag_version.outputs.next_version }}" COMMIT_SHA=$(git rev-parse HEAD) echo "Tagging commit $COMMIT_SHA with $NEXT_TAG" - # Create an annotated tag (recommended) + # Create an annotated tag (recommended) - this requires user.name/email git tag -a "$NEXT_TAG" -m "Release $NEXT_TAG" # Push the tag to the remote repository + echo "Pushing tag $NEXT_TAG to origin" git push origin "$NEXT_TAG" - name: Verify Tag Push run: | echo "Checking if tag ${{ steps.tag_version.outputs.next_version }} exists remotely..." + # Give remote a second to update + sleep 5 git ls-remote --tags origin | grep "refs/tags/${{ steps.tag_version.outputs.next_version }}" || (echo "Tag push verification failed!" && exit 1) echo "Tag successfully pushed." - build__and_push_docker_image: + build_and_push_docker_image: # Renamed job slightly for clarity runs-on: ubuntu-latest - needs: tag_release + needs: tag_release # Depends on the tag being created successfully permissions: - packages: write - contents: read + packages: write # Need permission to write to GHCR + contents: read # Need permission to read repo contents (checkout) steps: - name: Checkout code uses: actions/checkout@v4 + # No need to checkout specific ref here, use default branch code + # The tag is just metadata for the Docker image version - name: Login to GitHub Container Registry uses: docker/login-action@v3 
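Review bot: The build job's checkout, per the added comment "No need to checkout specific ref here", builds whatever ref the workflow was dispatched on, while `tag_release` tags the HEAD of `inputs.branch`; when the two differ, the image published under the new version is not built from the commit that the git tag of the same name points to. For a traceable release, check out the tag in the build job by adding `with:` / `ref: ${{ needs.tag_release.outputs.new_tag }}` to its `actions/checkout` step. In the Verify step, `grep "refs/tags/…"` is an unanchored regex match, so a tag such as `v1.2.3` (constructed example) is also satisfied by `refs/tags/v1.2.30`. `git ls-remote --exit-code --tags origin "refs/tags/$NEXT_TAG"`, with the tag passed in through `env:`, checks the exact ref without needing `grep` or `sleep 5`.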
@@ -137,12 +154,19 @@ jobs: with: images: ghcr.io/${{ github.repository_owner }}/surfsense_backend tags: | - type=raw,value=0.0.1 + # Use the tag generated in the previous job (FIX) + type=raw,value=${{ needs.tag_release.outputs.new_tag }} + # Optionally add 'latest' tag if building from the default branch + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || github.event.inputs.branch == github.event.repository.default_branch }} - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: ./surfsense_backend push: true - tags: $IMAGE_TAG + # Use the tags generated by the metadata action (FIX) + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + # Optional: Add build cache for faster builds + cache-from: type=gha + cache-to: type=gha,mode=max From ff78dde5e5244c48a2e9fbd5bb02f5aff92d0839 Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Wed, 23 Apr 2025 21:59:03 +0530 Subject: [PATCH 08/10] remove comments --- .github/workflows/docker_build.yaml | 168 ++++++++++++++++++++++++++++ 1 file changed, 168 insertions(+) diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml index 517715d9b..bc2e24df6 100644 --- a/.github/workflows/docker_build.yaml +++ b/.github/workflows/docker_build.yaml 
@@ -170,3 +170,171 @@ jobs: # Optional: Add build cache for faster builds cache-from: type=gha cache-to: type=gha,mode=max +name: Build and Push Docker Image + +on: + workflow_dispatch: + inputs: + bump_type: + description: 'Version bump type (patch, minor, major)' + required: true + default: 'patch' + type: choice + options: + - patch + - minor + - major + branch: + description: 'Branch to tag (leave empty for default branch)' + required: false + default: '' + +permissions: + contents: write # Needed for pushing tags + packages: write # Needed for pushing docker images to GHCR + +jobs: + tag_release: + runs-on: ubuntu-latest + outputs: + # Define output to pass the tag to the next job + new_tag: ${{ steps.tag_version.outputs.next_version }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + # Fetch all history and tags to find the latest SemVer tag + fetch-depth: 0 + # Checkout the specific branch if provided, otherwise default + ref: ${{ github.event.inputs.branch }} + # Token needed to push tags back + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Get latest SemVer tag and calculate next version + id: tag_version + run: | + # Fetch all tags from remote just in case + git fetch --tags + + # Get the latest SemVer tag (handles vX.Y.Z pattern) + # Filters tags, sorts them version-aware, takes the last one + LATEST_TAG=$(git tag --list 'v[0-9]*.[0-9]*.[0-9]*' --sort='v:refname' | tail -n 1) + + if [ -z "$LATEST_TAG" ]; then + echo "No previous SemVer tag found. 
Starting with v0.1.0" + # Determine initial version based on bump type (optional, v0.1.0 is often fine) + case "${{ github.event.inputs.bump_type }}" in + patch|minor) + NEXT_VERSION="v0.1.0" + ;; + major) + NEXT_VERSION="v1.0.0" + ;; + *) # Should not happen due to 'choice' input, but good practice + echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" + exit 1 + ;; + esac + else + echo "Latest tag found: $LATEST_TAG" + # Remove 'v' prefix for calculation + VERSION=${LATEST_TAG#v} + + # Split into parts + MAJOR=$(echo $VERSION | cut -d. -f1) + MINOR=$(echo $VERSION | cut -d. -f2) + PATCH=$(echo $VERSION | cut -d. -f3) + + # Bump version based on input + case "${{ github.event.inputs.bump_type }}" in + patch) + PATCH=$((PATCH + 1)) + ;; + minor) + MINOR=$((MINOR + 1)) + PATCH=0 + ;; + major) + MAJOR=$((MAJOR + 1)) + MINOR=0 + PATCH=0 + ;; + *) + echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" + exit 1 + ;; + esac + NEXT_VERSION="v${MAJOR}.${MINOR}.${PATCH}" + fi + + echo "Calculated next version: $NEXT_VERSION" + # Set output for subsequent steps + echo "next_version=$NEXT_VERSION" >> $GITHUB_OUTPUT + + - name: Create and Push Tag + run: | + # Configure Git user identity for annotated tag (FIX) + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' + + NEXT_TAG="${{ steps.tag_version.outputs.next_version }}" + COMMIT_SHA=$(git rev-parse HEAD) + echo "Tagging commit $COMMIT_SHA with $NEXT_TAG" + + # Create an annotated tag (recommended) - this requires user.name/email + git tag -a "$NEXT_TAG" -m "Release $NEXT_TAG" + + # Push the tag to the remote repository + echo "Pushing tag $NEXT_TAG to origin" + git push origin "$NEXT_TAG" + + - name: Verify Tag Push + run: | + echo "Checking if tag ${{ steps.tag_version.outputs.next_version }} exists remotely..." 
+ # Give remote a second to update + sleep 5 + git ls-remote --tags origin | grep "refs/tags/${{ steps.tag_version.outputs.next_version }}" || (echo "Tag push verification failed!" && exit 1) + echo "Tag successfully pushed." + + build_and_push_docker_image: + runs-on: ubuntu-latest + needs: tag_release # Depends on the tag being created successfully + permissions: + packages: write # Need permission to write to GHCR + contents: read # Need permission to read repo contents (checkout) + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Extract metadata (tags, labels) for Docker build + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository_owner }}/surfsense_backend + tags: | + # Use the tag generated in the previous job + type=raw,value=${{ needs.tag_release.outputs.new_tag }} + # Optionally add 'latest' tag if building from the default branch + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || github.event.inputs.branch == github.event.repository.default_branch }} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: ./surfsense_backend + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + # Optional: Add build cache for faster builds + cache-from: type=gha + cache-to: type=gha,mode=max From 7e5dd5c146d0dfc5cedfa4b1d9a05b249de81353 Mon Sep 17 00:00:00 2001 From: Anshul Sharma Date: Wed, 23 Apr 2025 22:00:11 +0530 Subject: [PATCH 09/10] fixed yaml --- .github/workflows/docker_build.yaml | 172 ---------------------------- 1 file changed, 172 deletions(-) 
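Review bot: PATCH 08's `@@ -170,3 +170,171 @@` hunk leaves the file with `name`, `on`, `permissions` and `jobs` each defined twice at the top level, because the 168 added lines are a second full copy of the workflow appended after the existing one rather than the comment removal the subject describes. Duplicate mapping keys are invalid YAML, and parsers that tolerate them keep only one copy, so it is unclear from the file at this commit which definition of the release jobs applies. Squash this commit with PATCH 09, which deletes the first copy, so that no revision in history carries a release workflow with an ambiguous definition.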
diff --git a/.github/workflows/docker_build.yaml b/.github/workflows/docker_build.yaml
index bc2e24df6..4253ec84f 100644
--- a/.github/workflows/docker_build.yaml
+++ b/.github/workflows/docker_build.yaml
@@ -1,177 +1,5 @@ name: Build and Push Docker Image -on: - workflow_dispatch: - inputs: - bump_type: - description: 'Version bump type (patch, minor, major)' - required: true - default: 'patch' - type: choice - options: - - patch - - minor - - major - branch: - description: 'Branch to tag (leave empty for default branch)' - required: false - default: '' - -permissions: - contents: write # Needed for pushing tags - packages: write # Needed for pushing docker images to GHCR - -jobs: - tag_release: - runs-on: ubuntu-latest - # Removed env: IMAGE_TAG here, it's not used correctly across jobs - outputs: - # Define output to pass the tag to the next job - new_tag: ${{ steps.tag_version.outputs.next_version }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - # Fetch all history and tags to find the latest SemVer tag - fetch-depth: 0 - # Checkout the specific branch if provided, otherwise default - ref: ${{ github.event.inputs.branch }} - # Token needed to push tags back - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Get latest SemVer tag and calculate next version - id: tag_version - run: | - # Fetch all tags from remote just in case - git fetch --tags - - # Get the latest SemVer tag (handles vX.Y.Z pattern) - # Filters tags, sorts them version-aware, takes the last one - LATEST_TAG=$(git tag --list 'v[0-9]*.[0-9]*.[0-9]*' --sort='v:refname' | tail -n 1) - - if [ -z "$LATEST_TAG" ]; then - echo "No previous SemVer tag found. 
Starting with v0.1.0" - # Determine initial version based on bump type (optional, v0.1.0 is often fine) - case "${{ github.event.inputs.bump_type }}" in - patch|minor) - NEXT_VERSION="v0.1.0" - ;; - major) - NEXT_VERSION="v1.0.0" - ;; - *) # Should not happen due to 'choice' input, but good practice - echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" - exit 1 - ;; - esac - else - echo "Latest tag found: $LATEST_TAG" - # Remove 'v' prefix for calculation - VERSION=${LATEST_TAG#v} - - # Split into parts - MAJOR=$(echo $VERSION | cut -d. -f1) - MINOR=$(echo $VERSION | cut -d. -f2) - PATCH=$(echo $VERSION | cut -d. -f3) - - # Bump version based on input - case "${{ github.event.inputs.bump_type }}" in - patch) - PATCH=$((PATCH + 1)) - ;; - minor) - MINOR=$((MINOR + 1)) - PATCH=0 - ;; - major) - MAJOR=$((MAJOR + 1)) - MINOR=0 - PATCH=0 - ;; - *) - echo "Invalid bump type: ${{ github.event.inputs.bump_type }}" - exit 1 - ;; - esac - NEXT_VERSION="v${MAJOR}.${MINOR}.${PATCH}" - fi - - echo "Calculated next version: $NEXT_VERSION" - # Set output for subsequent steps - echo "next_version=$NEXT_VERSION" >> $GITHUB_OUTPUT - - - name: Create and Push Tag - run: | - # Configure Git user identity for annotated tag (FIX) - git config --global user.name 'github-actions[bot]' - git config --global user.email 'github-actions[bot]@users.noreply.github.com' - - NEXT_TAG="${{ steps.tag_version.outputs.next_version }}" - COMMIT_SHA=$(git rev-parse HEAD) - echo "Tagging commit $COMMIT_SHA with $NEXT_TAG" - - # Create an annotated tag (recommended) - this requires user.name/email - git tag -a "$NEXT_TAG" -m "Release $NEXT_TAG" - - # Push the tag to the remote repository - echo "Pushing tag $NEXT_TAG to origin" - git push origin "$NEXT_TAG" - - - name: Verify Tag Push - run: | - echo "Checking if tag ${{ steps.tag_version.outputs.next_version }} exists remotely..." 
- # Give remote a second to update - sleep 5 - git ls-remote --tags origin | grep "refs/tags/${{ steps.tag_version.outputs.next_version }}" || (echo "Tag push verification failed!" && exit 1) - echo "Tag successfully pushed." - - build_and_push_docker_image: # Renamed job slightly for clarity - runs-on: ubuntu-latest - needs: tag_release # Depends on the tag being created successfully - permissions: - packages: write # Need permission to write to GHCR - contents: read # Need permission to read repo contents (checkout) - - steps: - - name: Checkout code - uses: actions/checkout@v4 - # No need to checkout specific ref here, use default branch code - # The tag is just metadata for the Docker image version - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Extract metadata (tags, labels) for Docker build - id: meta - uses: docker/metadata-action@v5 - with: - images: ghcr.io/${{ github.repository_owner }}/surfsense_backend - tags: | - # Use the tag generated in the previous job (FIX) - type=raw,value=${{ needs.tag_release.outputs.new_tag }} - # Optionally add 'latest' tag if building from the default branch - type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || github.event.inputs.branch == github.event.repository.default_branch }} - - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - context: ./surfsense_backend - push: true - # Use the tags generated by the metadata action (FIX) - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - # Optional: Add build cache for faster builds - cache-from: type=gha - cache-to: type=gha,mode=max -name: Build and Push Docker Image - on: workflow_dispatch: inputs: 
From 0c70064f2f95d3d85c53f9d231a485f5f11c2336 Mon Sep 17 00:00:00 2001 From: Anshul Sharma <153057617+anshul7665@users.noreply.github.com> Date: Sun, 1 Jun 2025 09:46:56 +0530 Subject: [PATCH 10/10] Update docker-publish.yml --- .github/workflows/docker-publish.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 9b7ecc6a0..a90d39203 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -1,8 +1,7 @@ name: Docker Publish on: - push: - branches: [ "main" ] + workflow_dispatch: jobs: build_and_push_backend: