-
Notifications
You must be signed in to change notification settings - Fork 1.5k
124 lines (110 loc) · 5.14 KB
/
sync-image.yml
File metadata and controls
124 lines (110 loc) · 5.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: Target Sync Image
run-name: Target Sync ${{ github.event.issue.title }} by @${{ github.actor }}
on:
issues:
types:
- opened
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
permissions:
issues: write
jobs:
check:
runs-on: ubuntu-latest
if: contains(github.event.issue.labels.*.name, 'sync image')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
outputs:
image: ${{ steps.get-image.outputs.image }}
link: ${{ steps.get-image.outputs.link }}
platforms: ${{ steps.get-image.outputs.platforms }}
arch: ${{ steps.get-image.outputs.arch }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Check Issue
id: get-image
env:
IMAGE: "${{ github.event.issue.title }}"
ISSUE_BODY: "${{ github.event.issue.body }}"
run: |
ORIGIN_IMAGE="${IMAGE}"
CORRECT_IMAGE="$(./hack/correct-image.sh "${ORIGIN_IMAGE}")"
if [[ "${CORRECT_IMAGE}" == "" ]]; then
gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不是一个镜像"
gh issue close ${{ github.event.issue.number }} --reason "not planned"
exit 1
fi
if [[ "${CORRECT_IMAGE}" != "${ORIGIN_IMAGE}" ]]; then
if ! ./hack/verify-allows.sh ./allows.txt "${CORRECT_IMAGE}"; then
gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}', 并且不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)"
else
gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}'"
fi
gh issue close ${{ github.event.issue.number }} --reason "not planned"
exit 1
fi
if ! ./hack/verify-allows.sh ./allows.txt "${ORIGIN_IMAGE}"; then
gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)"
gh issue close ${{ github.event.issue.number }} --reason "not planned"
exit 1
fi
IMAGE="${ORIGIN_IMAGE}"
echo "image=${IMAGE}" >> $GITHUB_OUTPUT
GROUP="${IMAGE%%:*}"
GROUP="${GROUP%%@*}"
LINK="https://queue.m.daocloud.io/status/#group:${GROUP}"
echo "link=${LINK}" >> $GITHUB_OUTPUT
BODY="${ISSUE_BODY:-}"
ARCH=""
if [ -z "${ARCH}" ]; then
ARCH=$(printf "%s" "$BODY" | grep -oE 'linux/[a-z0-9/._+-]+' | head -n1 || true)
fi
if [ -z "${ARCH}" ]; then
ARCH="linux/amd64"
fi
echo "arch=${ARCH}" >> $GITHUB_OUTPUT
PLATFORM_FLAG="--platform=${ARCH}"
echo "platforms=${PLATFORM_FLAG}" >> $GITHUB_OUTPUT
gh issue comment ${{ github.event.issue.number }} -b "镜像 ${IMAGE}, 平台 ${ARCH} 将添加到同步队列...<br>[同步队列](${LINK})<br>[详细信息](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})"
sync:
runs-on: ubuntu-latest
needs: check
if: needs.check.result == 'success'
container: ghcr.io/opencidn/ocimirror/sync:v0.0.40
steps:
- shell: sh
run: sync ${{ needs.check.outputs.image }} ${{ needs.check.outputs.platforms }} ${{ secrets.ARGS_CIDN }} ${{ secrets.ARGS_R2_IMAGE }}
runner:
runs-on: ubuntu-latest
needs: check
if: needs.check.result == 'success'
container: ghcr.io/opencidn/cidn/runner:v0.0.108
steps:
- shell: sh
run: runner --handler-name=dc-${{ github.run_number }}-${{ github.event.issue.number }} --update-duration=10s --duration=5m --concurrency=2 ${{ secrets.ARGS_CIDN }}
failure:
runs-on: ubuntu-latest
needs:
- sync
- check
if: always() && needs.sync.result == 'failure'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Sync Failure Status
run: |
gh -R "${{ github.repository }}" issue edit ${{ github.event.issue.number }} --add-label "sync image failure" -b "镜像同步失败"
gh -R "${{ github.repository }}" issue close ${{ github.event.issue.number }} --reason "not planned" --comment "镜像 ${{ needs.check.outputs.image }}, 平台 ${{ needs.check.outputs.arch }} 同步失败<br>请去同步队列查看详细信息。"
success:
runs-on: ubuntu-latest
needs:
- sync
- check
if: needs.sync.result == 'success'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Sync Success Status
run: |
gh -R "${{ github.repository }}" issue edit ${{ github.event.issue.number }} --add-label "sync image succeeded" -b "镜像同步完成"
gh -R "${{ github.repository }}" issue close ${{ github.event.issue.number }} --reason "completed" --comment "镜像 ${{ needs.check.outputs.image }}, 平台 ${{ needs.check.outputs.arch }} 同步完成<br>请使用 m.daocloud.io/${{ needs.check.outputs.image }} 进行访问。"