Skip to content

Image refresh

Image refresh #15461

name: Image refresh
on:
workflow_dispatch: ~
schedule:
- cron: '0 * * * *'
jobs:
latest-image:
runs-on: ubuntu-latest
container:
image: isseim/s3s:latest
options: --user root # because isseim/s3s uses the user `s3s` by default, who isn't allowed to write outputs.
outputs:
revision: ${{ steps.get-revision.outputs.revision }}
steps:
- name: Get latest image revision
id: get-revision
run: echo "revision=$(cat /opt/s3s/REVISION)" >> "$GITHUB_OUTPUT"
latest-app:
runs-on: ubuntu-latest
outputs:
revision: ${{ steps.get-revision.outputs.revision }}
steps:
- name: Get latest app revision
id: get-revision
run: |
revision=$(curl -s -H 'Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -H 'Content-Type: application.json' https://api.github.com/repos/frozenpandaman/s3s/commits/master | jq -er '.sha')
echo "revision=$revision" >> "$GITHUB_OUTPUT"
refresh-latest-image:
needs: [latest-image, latest-app]
runs-on: ubuntu-latest
if: needs.latest-image.outputs.revision != needs.latest-app.outputs.revision
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v3
with:
build-args: |
REVISION=${{ needs.latest-app.outputs.revision }}
platforms: linux/amd64,linux/arm64
push: true
tags: isseim/s3s:latest
- name: Configure AWS Credentials for refresh notification
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-1
- name: Refresh notification
env:
AWS_PAGER: ''
run: |
aws sns publish --topic-arn ${{ secrets.AWS_NOTIFICATION_TOPIC_ARN }} \
--subject '[s3s-docker] Refreshed image' \
--message 'See: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'
failure-notification:
needs: [latest-image, latest-app, refresh-latest-image]
runs-on: ubuntu-latest
if: ${{ failure() }}
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-1
- name: Publish SNS topic
env:
AWS_PAGER: ''
run: |
aws sns publish --topic-arn ${{ secrets.AWS_NOTIFICATION_TOPIC_ARN }} \
--subject '[ ! ] [s3s-docker] Failed to refresh image' \
--message 'See: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}'