Skip to content

fix: update isolation as new fixtures of certain scopes arrive #703

fix: update isolation as new fixtures of certain scopes arrive

fix: update isolation as new fixtures of certain scopes arrive #703

Workflow file for this run

name: Container Images
on:
push:
branches:
- main
pull_request:
release:
types: [published]
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
type=ref,event=tag
type=raw,value=stable,enable=${{ startsWith(github.ref, 'refs/tags/') }}
type=ref,event=pr
- name: Show tags
continue-on-error: true
run: |
echo "Tags generated by metadata-action:\n"
for tag in ${{ steps.metadata.output.tags }}; do
echo $tag
done
- name: Extract version from tag
if: startsWith(github.ref, 'refs/tags/')
run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Log into GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push slim
uses: docker/build-push-action@v4
with:
context: .
file: ./Dockerfile.slim
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}-slim
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BUILD_DATE=${{ github.event.repository.updated_at }}
VCS_REF=${{ github.sha }}
VERSION=${{ env.VERSION }}
- name: Build and push
uses: docker/build-push-action@v4
with:
context: .
file: ./Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
SLIM_IMAGE=${{ steps.meta.outputs.tags }}-slim
- name: Fetch all tags and store them
run: |
# List all tags
tags=$(git tag -l)
echo "All tags:"
echo "$tags"
# Save tags in an environment variable for later use
echo "ALL_TAGS=$(echo $tags | tr '\n' ' ')" >> $GITHUB_ENV
- name: Retain last two minor versions
run: |
# Fetch all tags in the format X.Y.Z
echo "Using stored tags..."
all_tags="${{ env.ALL_TAGS }}"
echo "All tags:"
echo "$all_tags"
# Extract the minor versions (X.Y) from tags in the format vX.X.X
latest_two_minors=$(echo "$all_tags" | tr ' ' '\n' | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | sed -E 's/^v([0-9]+\.[0-9]+)\.[0-9]+$/\1/' | uniq | tail -n 2)
echo "Last two minor versions:"
echo "$latest_two_minors"
keep_tags=""
for minor in $latest_two_minors; do
echo "Processing minor version: $minor"
patches=$(echo "$all_tags" | tr ' ' '\n' | grep "^v$minor\.")
echo "Latest patch for $minor: $patches"
keep_tags="$keep_tags $patches"
done
# Store the tags in the environment variable
keep_tags=$(echo $keep_tags | tr ' ' '\n' | paste -sd ',' -)
echo "Tags to keep: $keep_tags"
echo "keep_tags=$keep_tags" >> $GITHUB_ENV
echo "keep_tags=$keep_tags"
- name: Run container retention policy
if: github.ref == 'refs/heads/main'
uses: snok/container-retention-policy@v3.0.0
with:
account: ApeWorX
token: ${{ secrets.GITHUB_TOKEN }}
image-tags: "!stable* !latest* !${{ env.keep_tags }}"
tag-selection: both
cut-off: 4w
dry-run: true