Remove cached from SCSS compilation
#403
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - test | |
| tags: | |
| - '*' | |
| jobs: | |
| # https://github.com/marketplace/actions/skip-duplicate-actions | |
| # Some checks to determine if we need to continue with building a new docker. | |
| # We will skip this check if we are creating a tag, because that has the same hash as a previous run already. | |
| skip_check: | |
| runs-on: ubuntu-24.04 | |
| if: ${{ github.repository == 'dani-garcia/vaultwarden' }} | |
| outputs: | |
| should_skip: ${{ steps.skip_check.outputs.should_skip }} | |
| steps: | |
| - name: Skip Duplicates Actions | |
| id: skip_check | |
| uses: fkirc/skip-duplicate-actions@f75f66ce1886f00957d99748a42c724f4330bdcf # v5.3.1 | |
| with: | |
| cancel_others: 'true' | |
| # Only run this when not creating a tag | |
| if: ${{ github.ref_type == 'branch' }} | |
| docker-build: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 120 | |
| #needs: skip_check | |
| #if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} | |
| env: | |
| SOURCE_COMMIT: ${{ github.sha }} | |
| SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}" | |
| # The *_REPO variables need to be configured as repository variables | |
| # Append `/settings/variables/actions` to your repo url | |
| # DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' | |
| # Check for Docker hub credentials in secrets | |
| HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }} | |
| # GHCR_REPO needs to be 'ghcr.io/<user>/<repo>' | |
| # Check for Github credentials in secrets | |
| HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }} | |
| # QUAY_REPO needs to be 'quay.io/<user>/<repo>' | |
| # Check for Quay.io credentials in secrets | |
| HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }} | |
| PLATFORMS: "['linux/amd64', 'linux/amd64/v3', 'linux/arm64']" | |
| strategy: | |
| matrix: | |
| base_image: ["debian","alpine"] | |
| outputs: | |
| source-version: ${{ steps.determine-version.outputs.SOURCE_VERSION }} | |
| platforms: ${{ steps.extract-binaries.outputs.PLTF }} | |
| steps: | |
| # Checkout the repo | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Initialize QEMU binfmt support | |
| uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
| with: | |
| platforms: "arm64,arm" | |
| # Start Docker Buildx | |
| - name: Setup Docker Buildx | |
| uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
| # https://github.com/moby/buildkit/issues/3969 | |
| # Also set max parallelism to 3, the default of 4 breaks GitHub Actions and causes OOMKills | |
| with: | |
| buildkitd-config-inline: | | |
| [worker.oci] | |
| max-parallelism = 3 | |
| driver-opts: | | |
| network=host | |
| # Determine Base Tags and Source Version | |
| - name: Determine Base Tags and Source Version | |
| id: determine-version | |
| shell: bash | |
| run: | | |
| # Check which main tag we are going to build determined by github.ref_type | |
| if [[ "${{ github.ref_type }}" == "tag" ]]; then | |
| echo "BASE_TAGS=latest,${GITHUB_REF#refs/*/}" | tee -a "${GITHUB_ENV}" | |
| elif [[ "${{ github.ref_type }}" == "branch" ]]; then | |
| if [[ "${{ github.ref_name }}" == "main" ]]; then | |
| echo "BASE_TAGS=latest" | tee -a "${GITHUB_ENV}" | |
| else | |
| echo "BASE_TAGS=testing" | tee -a "${GITHUB_ENV}" | |
| fi | |
| fi | |
| # Get the Source Version for this release | |
| GIT_EXACT_TAG="$(git describe --tags --abbrev=0 --exact-match 2>/dev/null || true)" | |
| if [[ -n "${GIT_EXACT_TAG}" ]]; then | |
| echo "SOURCE_VERSION=${GIT_EXACT_TAG}" | tee -a "${GITHUB_OUTPUT}" | |
| else | |
| GIT_LAST_TAG="$(git describe --tags --abbrev=0)" | |
| echo "SOURCE_VERSION=${GIT_LAST_TAG}-${SOURCE_COMMIT:0:8}" | tee -a "${GITHUB_OUTPUT}" | |
| fi | |
| # End Determine Base Tags | |
| # Login to Docker Hub | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
| - name: Add registry for DockerHub | |
| if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} | |
| shell: bash | |
| run: | | |
| echo "CONTAINER_REGISTRIES=${{ vars.DOCKERHUB_REPO }}" | tee -a "${GITHUB_ENV}" | |
| # Login to GitHub Container Registry | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} | |
| - name: Add registry for ghcr.io | |
| if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} | |
| shell: bash | |
| run: | | |
| echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}${{ vars.GHCR_REPO }}" | tee -a "${GITHUB_ENV}" | |
| # Login to Quay.io | |
| - name: Login to Quay.io | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_TOKEN }} | |
| if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} | |
| - name: Add registry for Quay.io | |
| if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} | |
| shell: bash | |
| run: | | |
| echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}${{ vars.QUAY_REPO }}" | tee -a "${GITHUB_ENV}" | |
| - name: Configure build cache from/to | |
| shell: bash | |
| run: | | |
| # | |
| # Check if there is a GitHub Container Registry Login and use it for caching | |
| if [[ -n "${HAVE_GHCR_LOGIN}" ]]; then | |
| echo "BAKE_CACHE_FROM=type=registry,ref=${{ vars.GHCR_REPO }}-buildcache:${{ matrix.base_image }}" | tee -a "${GITHUB_ENV}" | |
| echo "BAKE_CACHE_TO=type=registry,ref=${{ vars.GHCR_REPO }}-buildcache:${{ matrix.base_image }},compression=zstd,mode=max" | tee -a "${GITHUB_ENV}" | |
| else | |
| echo "BAKE_CACHE_FROM=" | |
| echo "BAKE_CACHE_TO=" | |
| fi | |
| # | |
| - name: Configure bake | |
| shell: bash | |
| run: | | |
| PLATFORMS=$(echo "${{ env.PLATFORMS }}" | tr -d "[' ]") | |
| echo "BAKE_PLATFORMS=$PLATFORMS" | tee -a "${GITHUB_ENV}" | |
| mkdir /tmp/vaultwarden | |
| - name: Bake ${{ matrix.base_image }} containers | |
| uses: docker/bake-action@3fc70e1131fee40a422dd8dd0ff22014ae20a1f3 # v5.11.0 | |
| env: | |
| BASE_TAGS: "${{ env.BASE_TAGS }}" | |
| SOURCE_COMMIT: "${{ env.SOURCE_COMMIT }}" | |
| SOURCE_VERSION: "${{ steps.determine-version.outputs.SOURCE_VERSION }}" | |
| SOURCE_REPOSITORY_URL: "${{ env.SOURCE_REPOSITORY_URL }}" | |
| CONTAINER_REGISTRIES: "${{ env.CONTAINER_REGISTRIES }}" | |
| with: | |
| pull: true | |
| files: docker/docker-bake.hcl | |
| targets: "${{ matrix.base_image }}-multi" | |
| set: | | |
| *.cache-from=${{ env.BAKE_CACHE_FROM }} | |
| *.cache-to=${{ env.BAKE_CACHE_TO }} | |
| *.platform=${{ env.BAKE_PLATFORMS }} | |
| *.output=type=local,dest=/tmp/vaultwarden | |
| *.output=type=registry | |
| # Extract the Alpine binaries from the containers | |
| - name: Extract binaries | |
| if: ${{ matrix.base_image == 'alpine' }} | |
| id: extract-binaries | |
| shell: bash | |
| run: | | |
| PLATFORMS=$(echo "${{ env.PLATFORMS }}" | tr '/' '_') | |
| echo "PLTF=$PLATFORMS" | tee -a "$GITHUB_OUTPUT" | |
| - name: Binary cache between jobs | |
| if: ${{ matrix.base_image == 'alpine' }} | |
| uses: actions/cache/save@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 | |
| with: | |
| path: /tmp/vaultwarden/ | |
| key: vaultwarden-binaries-${{ steps.determine-version.outputs.SOURCE_VERSION }} | |
| upload-binaries: | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 120 | |
| needs: docker-build | |
| strategy: | |
| matrix: | |
| platforms: ${{ fromJSON(needs.docker-build.outputs.platforms) }} | |
| steps: | |
| - name: Binary cache between jobs | |
| uses: actions/cache/restore@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 | |
| with: | |
| path: /tmp/vaultwarden/ | |
| key: vaultwarden-binaries-${{ needs.docker-build.outputs.source-version }} | |
| # Upload artifacts to Github Actions | |
| - name: "Upload artifacts" | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: vaultwarden-${{ needs.docker-build.outputs.source-version }}-${{ matrix.platforms }} | |
| path: /tmp/vaultwarden/${{ matrix.platforms }}/vaultwarden |