Update docker base images #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update docker base images | |
| on: | |
| workflow_dispatch: # allow manual trigger | |
| schedule: | |
| - cron: '0 3 * * 0' # every sunday at 03:00 UTC | |
| jobs: | |
| latest-tags: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| latest_tag: ${{ steps.set-tags.outputs.latest_tag }} | |
| remaining_tags: ${{ steps.set-tags.outputs.remaining_tags }} | |
| steps: | |
| - name: Checkout sources 🔰 | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get latest tags | |
| id: latest_tags | |
| run: | | |
| # The command lists the latest 10 Git tags, filtered and sorted by the following rules: | |
| # | |
| # * Minimum version: Only tags with a major version >= v21 are included (where the docker base image feature has been introduced) | |
| # * Only one "-next" version: Displays only the latest -next.x tag, if present. | |
| # * Limit Per Major Line: Shows up to 3 tags per major version. | |
| # * The final output is limited to 10 tags. | |
| git tag -l "v*" \ | |
| | sort -r -V \ | |
| | awk ' | |
| BEGIN { | |
| # Flag to ensure only one "-next" version is included | |
| next_used = 0 | |
| } | |
| { | |
| # Extract the major version | |
| match($0, /^v([0-9]+)\./, m) | |
| major = m[1] | |
| # Skip versions below v21 | |
| if (major < 21) { | |
| next | |
| } | |
| # remove the v prefix | |
| clean_tag = $0 | |
| sub(/^v/, "", clean_tag) | |
| # Check if the tag is a "-next" version | |
| if ($0 ~ /-next\./) { | |
| if (next_used == 0) { | |
| # Use only the latest "-next" version and set the flag | |
| print "Found -next version: clean_tag" > "/dev/stderr" | |
| print "\"" clean_tag "\"" | |
| next_used = 1 | |
| } | |
| } else { | |
| # Allow up to 3 versions per major version line | |
| if (count[major] < 3) { | |
| print "Adding version: clean_tag" > "/dev/stderr" | |
| print "\"" clean_tag "\"" | |
| count[major]++ | |
| } | |
| } | |
| } | |
| ' \ | |
| | head -n 10 \ | |
| | paste -sd "," - \ | |
| | awk '{print "latest_tags=["$0"]"}' | tee -a $GITHUB_OUTPUT | |
| - name: Extract latest and the remaining tags | |
| id: set-tags | |
| run: | | |
| LATEST_TAGS='${{ steps.latest_tags.outputs.latest_tags }}' | |
| LATEST_TAG=$(echo "$LATEST_TAGS" | jq -r '.[0]') | |
| REMAINING_LATEST_TAGS=$(echo "$LATEST_TAGS" | jq -c '.[1:]') | |
| echo "latest_tag=$LATEST_TAG" | tee -a $GITHUB_OUTPUT | |
| echo "remaining_tags=$REMAINING_LATEST_TAGS" | tee -a $GITHUB_OUTPUT | |
| run-for-tag: | |
| needs: latest-tags | |
| strategy: | |
| matrix: | |
| tag: ${{ fromJSON(needs.latest-tags.outputs.remaining_tags) }} | |
| uses: ./.github/workflows/build-tag.yml | |
| with: | |
| tag: ${{ matrix.tag }} | |
| secrets: | |
| nexus_user: ${{ secrets.NEXUS_USER }} | |
| nexus_docker_user: ${{ secrets.NEXUS_DOCKER_USER }} | |
| nexus_pass: ${{ secrets.NEXUS_PASSWORD }} | |
| nexus_docker_password: ${{ secrets.NEXUS_DOCKER_PASSWORD }} | |
| run-latest-tag: | |
| needs: [latest-tags, run-for-tag] | |
| uses: ./.github/workflows/build-tag.yml | |
| with: | |
| tag: ${{ needs.latest-tags.outputs.latest_tag }} | |
| secrets: | |
| nexus_user: ${{ secrets.NEXUS_USER }} | |
| nexus_docker_user: ${{ secrets.NEXUS_DOCKER_USER }} | |
| nexus_pass: ${{ secrets.NEXUS_PASSWORD }} | |
| nexus_docker_password: ${{ secrets.NEXUS_DOCKER_PASSWORD }} |