Skip to content

[UPD] added good badges and secruity scans; #30

[UPD] added good badges and secruity scans;

[UPD] added good badges and secruity scans; #30

name: ci-builds-and-releases
on:
push:
branches:
- main
release:
types:
- created
schedule:
- cron: "0 0 * * *"
jobs:
docker_build:
name: Build and Push Docker Image
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Get short SHA
id: vars
run: echo "SHORT_SHA=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_ENV
- name: Get repo name
id: repo_vars
run: echo "GH_REPO_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
- name: Build and Push Docker Image
uses: docker/build-push-action@v6
with:
context: .
tags: ${{ secrets.DOCKER_USERNAME }}/${{ env.GH_REPO_NAME }}:${{ env.SHORT_SHA }}, ${{ secrets.DOCKER_USERNAME }}/${{ env.GH_REPO_NAME }}:latest
push: true
platforms: 'linux/amd64,linux/arm64'
labels: ${{ github.github_repository }}
release:
name: Create GitHub Release
runs-on: ubuntu-20.04
needs: docker_build
permissions:
contents: write
actions: read
discussions: write
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get last 4 commits
id: last_commits
run: |
git log -4 --pretty=format:"- %s (%h)" > last_commits.txt
- name: Determine next tag
id: tag_version
run: |
latest_tag=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
echo "Latest tag: $latest_tag"
IFS='.' read -r major minor patch <<< "${latest_tag#v}"
patch=$((patch + 1))
new_tag="v$major.$minor.$patch"
while git rev-parse "$new_tag" >/dev/null 2>&1; do
patch=$((patch + 1))
new_tag="v$major.$minor.$patch"
done
echo "New tag: $new_tag"
echo "TAG_NAME=$new_tag" >> $GITHUB_ENV
- name: Create and push new tag
run: |
git tag ${{ env.TAG_NAME }}
git push origin ${{ env.TAG_NAME }}
- name: Upload source code to GitHub Release
uses: softprops/action-gh-release@v2
with:
body_path: last_commits.txt
tag_name: ${{ env.TAG_NAME }}