Nightly Release #317
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Nightly Release | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 0 * * *" | |
| permissions: | |
| contents: write | |
| packages: write | |
| jobs: | |
| create-release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Delete old release | |
| run: gh release delete --cleanup-tag --yes nightly || echo release not found | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| OWNER: ${{ github.repository_owner }} | |
| REPO: ${{ github.event.repository.name }} | |
| - name: Create release | |
| uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 | |
| with: | |
| prerelease: true | |
| tag_name: nightly | |
| generate-metadata: | |
| runs-on: ubuntu-latest | |
| needs: create-release | |
| outputs: | |
| VERSION: ${{ steps.metadata.outputs.VERSION }} | |
| COMMIT_HASH: ${{ steps.metadata.outputs.COMMIT_HASH }} | |
| BUILD_TIMESTAMP: ${{ steps.metadata.outputs.BUILD_TIMESTAMP }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Generate metadata | |
| id: metadata | |
| run: | | |
| echo "VERSION=nightly" >> "$GITHUB_OUTPUT" | |
| echo "COMMIT_HASH=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT" | |
| echo "BUILD_TIMESTAMP=$(date '+%Y-%m-%dT%H:%M:%S')" >> "$GITHUB_OUTPUT" | |
| binary-build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Install bun | |
| uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 | |
| - name: Install go | |
| uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 | |
| with: | |
| go-version: "^1.26.0" | |
| - name: Install frontend dependencies | |
| run: | | |
| cd frontend | |
| bun install --frozen-lockfile | |
| - name: Install backend dependencies | |
| run: | | |
| go mod download | |
| - name: Build frontend | |
| run: | | |
| cd frontend | |
| bun run build | |
| - name: Build | |
| run: | | |
| cp -r frontend/dist internal/assets/dist | |
| go build -ldflags "-s -w -X github.com/tinyauthapp/tinyauth/internal/config.Version=${{ needs.generate-metadata.outputs.VERSION }} -X github.com/tinyauthapp/tinyauth/internal/config.CommitHash=${{ needs.generate-metadata.outputs.COMMIT_HASH }} -X github.com/tinyauthapp/tinyauth/internal/config.BuildTimestamp=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }}" -o tinyauth-amd64 ./cmd/tinyauth | |
| env: | |
| CGO_ENABLED: 0 | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: tinyauth-amd64 | |
| path: tinyauth-amd64 | |
| binary-build-arm: | |
| runs-on: ubuntu-24.04-arm | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Install bun | |
| uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2 | |
| - name: Install go | |
| uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 | |
| with: | |
| go-version: "^1.26.0" | |
| - name: Install frontend dependencies | |
| run: | | |
| cd frontend | |
| bun install --frozen-lockfile | |
| - name: Install backend dependencies | |
| run: | | |
| go mod download | |
| - name: Build frontend | |
| run: | | |
| cd frontend | |
| bun run build | |
| - name: Build | |
| run: | | |
| cp -r frontend/dist internal/assets/dist | |
| go build -ldflags "-s -w -X github.com/tinyauthapp/tinyauth/internal/config.Version=${{ needs.generate-metadata.outputs.VERSION }} -X github.com/tinyauthapp/tinyauth/internal/config.CommitHash=${{ needs.generate-metadata.outputs.COMMIT_HASH }} -X github.com/tinyauthapp/tinyauth/internal/config.BuildTimestamp=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }}" -o tinyauth-arm64 ./cmd/tinyauth | |
| env: | |
| CGO_ENABLED: 0 | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: tinyauth-arm64 | |
| path: tinyauth-arm64 | |
| image-build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Build and push | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| id: build | |
| with: | |
| platforms: linux/amd64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| build-args: | | |
| VERSION=${{ needs.generate-metadata.outputs.VERSION }} | |
| COMMIT_HASH=${{ needs.generate-metadata.outputs.COMMIT_HASH }} | |
| BUILD_TIMESTAMP=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: digests-linux-amd64 | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| image-build-distroless: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| - image-build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Build and push | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| id: build | |
| with: | |
| platforms: linux/amd64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | |
| file: Dockerfile.distroless | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| build-args: | | |
| VERSION=${{ needs.generate-metadata.outputs.VERSION }} | |
| COMMIT_HASH=${{ needs.generate-metadata.outputs.COMMIT_HASH }} | |
| BUILD_TIMESTAMP=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: digests-distroless-linux-amd64 | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| image-build-arm: | |
| runs-on: ubuntu-24.04-arm | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Build and push | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| id: build | |
| with: | |
| platforms: linux/arm64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| build-args: | | |
| VERSION=${{ needs.generate-metadata.outputs.VERSION }} | |
| COMMIT_HASH=${{ needs.generate-metadata.outputs.COMMIT_HASH }} | |
| BUILD_TIMESTAMP=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: digests-linux-arm64 | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| image-build-arm-distroless: | |
| runs-on: ubuntu-24.04-arm | |
| needs: | |
| - create-release | |
| - generate-metadata | |
| - image-build-arm | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: nightly | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Build and push | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| id: build | |
| with: | |
| platforms: linux/arm64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| tags: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| outputs: type=image,push-by-digest=true,name-canonical=true,push=true | |
| file: Dockerfile.distroless | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| build-args: | | |
| VERSION=${{ needs.generate-metadata.outputs.VERSION }} | |
| COMMIT_HASH=${{ needs.generate-metadata.outputs.COMMIT_HASH }} | |
| BUILD_TIMESTAMP=${{ needs.generate-metadata.outputs.BUILD_TIMESTAMP }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: digests-distroless-linux-arm64 | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| image-merge: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - image-build | |
| - image-build-arm | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,nightly | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'ghcr.io/${{ github.repository_owner }}/tinyauth@sha256:%s ' *) | |
| image-merge-distroless: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - image-build-distroless | |
| - image-build-arm-distroless | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: digests-distroless-* | |
| merge-multiple: true | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/tinyauth | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,nightly-distroless | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'ghcr.io/${{ github.repository_owner }}/tinyauth@sha256:%s ' *) | |
| update-release: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - binary-build | |
| - binary-build-arm | |
| steps: | |
| - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| pattern: tinyauth-* | |
| path: binaries | |
| merge-multiple: true | |
| - name: Release | |
| uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 | |
| with: | |
| files: binaries/* | |
| tag_name: nightly |