
Add github action workflow for manual security builds (#29040)

Claire 3 months ago
parent
commit
812a131423
1 changed files with 62 additions and 0 deletions
  1. 62 0
      .github/workflows/build-security.yml

+ 62 - 0
.github/workflows/build-security.yml

@@ -0,0 +1,62 @@
+name: Build security nightly container image
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  compute-suffix:
+    runs-on: ubuntu-latest
+    if: github.repository == 'mastodon/mastodon'
+    steps:
+      - id: version_vars
+        env:
+          TZ: Etc/UTC
+        run: |
+          echo mastodon_version_prerelease=nightly.$(date --date='next day' +'%Y-%m-%d')-security>> $GITHUB_OUTPUT
+    outputs:
+      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
+
+  build-image:
+    needs: compute-suffix
+    uses: ./.github/workflows/build-container-image.yml
+    with:
+      file_to_build: Dockerfile
+      platforms: linux/amd64,linux/arm64
+      use_native_arm64_builder: true
+      cache: false
+      push_to_images: |
+        tootsuite/mastodon
+        ghcr.io/mastodon/mastodon
+      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
+      labels: |
+        org.opencontainers.image.description=Nightly build image used for testing purposes
+      flavor: |
+        latest=auto
+      tags: |
+        type=raw,value=edge
+        type=raw,value=nightly
+        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
+    secrets: inherit
+
+  build-image-streaming:
+    needs: compute-suffix
+    uses: ./.github/workflows/build-container-image.yml
+    with:
+      file_to_build: streaming/Dockerfile
+      platforms: linux/amd64,linux/arm64
+      use_native_arm64_builder: true
+      cache: false
+      push_to_images: |
+        tootsuite/mastodon-streaming
+        ghcr.io/mastodon/mastodon-streaming
+      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
+      labels: |
+        org.opencontainers.image.description=Nightly build image used for testing purposes
+      flavor: |
+        latest=auto
+      tags: |
+        type=raw,value=edge
+        type=raw,value=nightly
+        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
+    secrets: inherit
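Review bot: The workflow as added has no `on:` block between `name:` and `permissions:`, so GitHub Actions will reject it as having no event trigger, and the "manual" build the title describes cannot be dispatched; unless the rendered page dropped that line, the hunk needs `on:` / `  workflow_dispatch:` after `name:`. Related, the `type=schedule,pattern=…` entry under `tags:` in both jobs only produces a tag on `schedule`-triggered runs, so on a manual dispatch the dated `nightly.<date>-security` tag would come only from whatever the reusable workflow derives from `version_prerelease`, which is outside this hunk; if that path does not tag, consider `type=raw,value=${{ needs.compute-suffix.outputs.prerelease }}` so a security build is traceable to a distinct tag rather than only overwriting `edge`/`nightly`. The `org.opencontainers.image.description` label still reads "Nightly build image used for testing purposes", which misdescribes a security build; something like `Security build image` would be clearer to consumers inspecting the image.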