From 90942642ea0f4cd317efc8caaa49864e02f5848b Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Thu, 26 Jun 2025 10:39:32 +0300 Subject: [PATCH] Add docker release workflow (#2500) Signed-off-by: Avgustin Marinov --- .github/workflows/first-interaction.yml | 3 ++ .github/workflows/license-scan.yml | 2 + .github/workflows/release.yml | 2 + .github/workflows/release_docker.yml | 58 +++++++++++++++++++++++++ .github/workflows/stale.yml | 1 + .github/workflows/trivy-scan.yml | 2 + docker/build/build_dev.sh | 2 +- 7 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/release_docker.yml diff --git a/.github/workflows/first-interaction.yml b/.github/workflows/first-interaction.yml index 056e6d90b..3cd536195 100644 --- a/.github/workflows/first-interaction.yml +++ b/.github/workflows/first-interaction.yml @@ -6,7 +6,10 @@ on: jobs: greeting: + # only on original eclipse-hawkbit/hawkbit repo + if: github.repository == 'eclipse-hawkbit/hawkbit' runs-on: ubuntu-latest + steps: - uses: actions/first-interaction@v1 with: diff --git a/.github/workflows/license-scan.yml b/.github/workflows/license-scan.yml index 5b9497e49..379b7778e 100644 --- a/.github/workflows/license-scan.yml +++ b/.github/workflows/license-scan.yml @@ -9,6 +9,8 @@ on: jobs: license-scan: + # only on original eclipse-hawkbit/hawkbit repo or when manually triggered + if: github.repository == 'eclipse-hawkbit/hawkbit' || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 334e442bf..b330fc164 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,6 +10,8 @@ on: jobs: release: + # only on original eclipse-hawkbit/hawkbit repo + if: github.repository == 'eclipse-hawkbit/hawkbit' runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/release_docker.yml b/.github/workflows/release_docker.yml new file mode 100644 index 000000000..3fc553f27 --- /dev/null +++ b/.github/workflows/release_docker.yml @@ -0,0 +1,58 @@ +# This workflow builds and releases Docker images for Hawkbit applications. +# It should be run from personal forks of the hawkbit repository with set . +# personal DOCKERHUB_USERNAME var and DOCKERHUB_TOKEN secret. +name: Release Docker Image + +on: + # enable running the workflow manually + workflow_dispatch: + inputs: + revision: + description: 'Release version' + default: '0-SNAPSHOT' + +jobs: + build: + # only on fork of eclipse-hawkbit/hawkbit repo - see the note above + if: github.repository != 'eclipse-hawkbit/hawkbit' + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: "Release ${{ github.event.inputs.revision }}" + run: echo "Releasing ${{ github.event.inputs.revision }}" + + - name: Log into Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Setup + run: | + ALL_APPS=( + # microservices + "hawkbit-ddi-server", "hawkbit-dmf-server", "hawkbit-mgmt-server", "hawkbit-simple-ui", + # monolith + "hawkbit-update-server" + # db init + build "hawkbit-repository-jpa-init") + echo "ALL_APPS=${ALL_APPS[*]}" >> $GITHUB_ENV + echo "REVISION=${{ github.event.inputs.revision }}" >> $GITHUB_ENV + + - name: Build Docker Images + run: | + cd docker/build + for app in "${ALL_APPS[@]}"; do + docker buildx build -t hawkbit/${APP}:${REVISION} --build-arg HAWKBIT_APP=${APP} --build-arg HAWKBIT_VERSION=${REVISION} . + done + + - name: Push Docker Images + run: | + cd docker/build + for app in "${ALL_APPS[@]}"; do + docker push hawkbit/${APP}:${REVISION} + docker tag hawkbit/${APP}:${REVISION} hawkbit/${APP}:latest + docker push hawkbit/${APP}:latest + done \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 817888e38..9c3563547 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -9,6 +9,7 @@ on: jobs: stale: runs-on: ubuntu-latest + steps: - uses: actions/stale@v9 with: diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 93c507237..d3d4437a1 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -9,6 +9,8 @@ on: jobs: trivy-scan: + # only on original eclipse-hawkbit/hawkbit repo or when manually triggered + if: github.repository == 'eclipse-hawkbit/hawkbit' || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest permissions: diff --git a/docker/build/build_dev.sh b/docker/build/build_dev.sh index faa66dd43..42d7915e9 100755 --- a/docker/build/build_dev.sh +++ b/docker/build/build_dev.sh @@ -46,7 +46,7 @@ function build() { fi echo "docker file : ${DOCKER_FILE}" - docker build -t hawkbit/$1:${TAG} --build-arg HAWKBIT_APP=$1 --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}" + docker buildx build -t hawkbit/$1:${TAG} --build-arg HAWKBIT_APP=$1 --build-arg HAWKBIT_VERSION=${VERSION} -f ${DOCKER_FILE} "${MVN_REPO}" } if [ -z "$1" ]; then