Skip to content

Dev-v6 Build & Push #27

Dev-v6 Build & Push

Dev-v6 Build & Push #27

name: Dev-v6 Build & Push
on:
workflow_dispatch:
schedule:
- cron: '0 11 * * *'
jobs:
job01:
name: Base update check
runs-on: ubuntu-latest
outputs:
base_update_available: ${{ steps.base_update_check.outputs.build_image }}
unbound_update_available: ${{ steps.unbound_update_check.outputs.build_image }}
steps:
-
name: Checkout
uses: actions/checkout@v4
with:
ref: main
-
name: Base image update check
id: base_update_check
run: |
function validate_digest() {
local digest="$1"
if [[ ! "$digest" =~ ^sha256:[a-f0-9]{64}$ ]]; then
echo "Error invalid digest format: $digest"
exit 1
fi
}
BASE_IMAGE_DIGEST=$(curl -s https://registry.hub.docker.com/v2/repositories/pihole/pihole/tags/development | grep -oP '"digest":"\K[^"]+' | tail -1)
validate_digest "$BASE_IMAGE_DIGEST"
PREVIOUS_DIGEST=$(cat ./digest/digest_base_development)
validate_digest "$PREVIOUS_DIGEST"
if [ "$BASE_IMAGE_DIGEST" == "$PREVIOUS_DIGEST" ]; then
echo "Base image has not been updated. Exiting..."
echo "build_image=false" >> $GITHUB_OUTPUT
else
echo "Base image has been updated. Continuing with the build..."
echo "build_image=true" >> $GITHUB_OUTPUT
fi
-
name: Unbound update check
id: unbound_update_check
run: |
function validate_digest() {
local digest="$1"
if [[ ! "$digest" =~ ^[a-f0-9]{64}$ ]]; then
echo "Error invalid digest format: $digest"
exit 1
fi
}
curl -O --silent https://nlnetlabs.nl/downloads/unbound/unbound-latest.tar.gz
LATEST_UNBOUND_DIGEST=$(sha256sum unbound-latest.tar.gz | cut -d ' ' -f 1)
validate_digest "$LATEST_UNBOUND_DIGEST"
PREVIOUS_UNBOUND_DIGEST=$(cat ./digest/digest_unbound_development)
validate_digest "$PREVIOUS_UNBOUND_DIGEST"
if [ "$LATEST_UNBOUND_DIGEST" == "$PREVIOUS_UNBOUND_DIGEST" ]; then
echo "Unbound has not been updated. Exiting..."
echo "build_image=false" >> $GITHUB_OUTPUT
else
echo "Unbound has been updated. Continuing with the build..."
echo "build_image=true" >> $GITHUB_OUTPUT
fi
job02:
name: Build and publish
needs: [job01]
if: needs.job01.outputs.base_update_available == 'true' || needs.job01.outputs.unbound_update_available == 'true'
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
with:
ref: main
-
name: Pi-hole version code
id: pihole_version_code_check
run: |
CHECK_VERSION_CODE=$(curl -s https://registry.hub.docker.com/v2/repositories/pihole/pihole/tags/development | grep -oP '"tag_last_pushed":"\K[^"]+' | tail -1 | cut -c 1-9 | sed 's/-/./g')
echo "New Version: $CHECK_VERSION_CODE"
echo VERSION_CODE=$CHECK_VERSION_CODE >> $GITHUB_OUTPUT
-
name: Unbound version code
id: unbound_version_code_check
run: |
function validate_version() {
local version="$1"
if [[ ! "$version" =~ ^[0-9]{1}\.[0-9]{2}\.[0-9]{1}$ ]]; then
echo "Error invalid version format: $version"
exit 1
fi
}
CHECK_VERSION_CODE=$(curl -s https://api.github.com/repos/NLnetLabs/unbound/releases/latest | grep '"name"' | awk -F'"' '{print $4}' | cut -d' ' -f 2)
echo "Unbound Version: $CHECK_VERSION_CODE"
validate_version "$CHECK_VERSION_CODE"
echo VERSION_CODE=$CHECK_VERSION_CODE >> $GITHUB_OUTPUT
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ secrets.DOCKERHUB_NAMESPACE }}/pihole-unbound
flavor: |
latest=false
tags: |
type=raw,value=development
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v6
with:
context: ./
file: ./Dockerfile-Dev-V6
platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6
build-args: |
BASE_IMG_TAG=development
UNBOUND_VERSION_CODE=${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: |
type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.development
cache-to: |
type=registry,ref=${{ secrets.DOCKERHUB_NAMESPACE }}/docker-cache:buildcache.pihole-unbound.development,mode=max
-
name: Create release
uses: svenstaro/upload-release-action@v2
env:
UNBOUND_RELEASE_URL: https://github.com/NLnetLabs/unbound/releases/tag/release
with:
body: |
## Versions
Pi-hole: `development-${{ steps.pihole_version_code_check.outputs.VERSION_CODE }}`
Unbound: `${{ steps.unbound_version_code_check.outputs.VERSION_CODE }}`
## What's Changed (Docker Image development-${{ steps.pihole_version_code_check.outputs.VERSION_CODE }})
* Check Pi-hole Docker detailed changelog [here.](https://github.com/pi-hole/docker-pi-hole/commits/development)
* Check Unbound detailed changelog [here.](${{ env.UNBOUND_RELEASE_URL }}-${{ steps.unbound_version_code_check.outputs.VERSION_CODE }})
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./digest/digest_base_development
release_name: development-${{ steps.pihole_version_code_check.outputs.VERSION_CODE }}
tag: development-${{ steps.pihole_version_code_check.outputs.VERSION_CODE }}
prerelease: true
overwrite: true
-
name: Update digest to file
run: |
BASE_IMAGE_DIGEST=$(curl -s https://registry.hub.docker.com/v2/repositories/pihole/pihole/tags/development | grep -oP '"digest":"\K[^"]+' | tail -1)
echo "New Base Digest: $BASE_IMAGE_DIGEST"
echo $BASE_IMAGE_DIGEST > ./digest/digest_base_development
curl -O --silent https://nlnetlabs.nl/downloads/unbound/unbound-latest.tar.gz
LATEST_UNBOUND_DIGEST=$(sha256sum unbound-latest.tar.gz | cut -d ' ' -f 1)
echo "New Unbound Digest: $LATEST_UNBOUND_DIGEST"
echo $LATEST_UNBOUND_DIGEST > ./digest/digest_unbound_development
-
name: Commit files
run: |
git config user.name "GitHub Actions"
git config user.email "[email protected]"
git commit -a -m "Digest Value Updated"
-
name: Push changes to repository
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
force: true