Improve online runner check (#35722) #5584
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | name: release-nightly | |
| on: | |
| push: | |
| branches: [main, release/v*] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| nightly-binary: | |
| runs-on: namespace-profile-gitea-release-binary | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
| # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
| - run: git fetch --unshallow --quiet --tags --force | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: true | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v5 | |
| with: | |
| node-version: 24 | |
| - run: make deps-frontend deps-backend | |
| # xgo build | |
| - run: make release | |
| env: | |
| TAGS: bindata sqlite sqlite_unlock_notify | |
| - name: import gpg key | |
| id: import_gpg | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPGSIGN_KEY }} | |
| passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }} | |
| - name: sign binaries | |
| run: | | |
| for f in dist/release/*; do | |
| echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f" | |
| done | |
| # clean branch name to get the folder name in S3 | |
| - name: Get cleaned branch name | |
| id: clean_name | |
| run: | | |
| REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
| echo "Cleaned name is ${REF_NAME}" | |
| echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
| - name: configure aws | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: upload binaries to s3 | |
| run: | | |
| aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress | |
| nightly-docker-rootful: | |
| runs-on: namespace-profile-gitea-release-docker | |
| permissions: | |
| packages: write # to publish to ghcr.io | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
| # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
| - run: git fetch --unshallow --quiet --tags --force | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: true | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Get cleaned branch name | |
| id: clean_name | |
| run: | | |
| REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
| echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GHCR using PAT | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: fetch go modules | |
| run: make vendor | |
| - name: build rootful docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64,linux/riscv64 | |
| push: true | |
| tags: |- | |
| gitea/gitea:${{ steps.clean_name.outputs.branch }} | |
| ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }} | |
| nightly-docker-rootless: | |
| runs-on: namespace-profile-gitea-release-docker | |
| permissions: | |
| packages: write # to publish to ghcr.io | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # fetch all commits instead of only the last as some branches are long lived and could have many between versions | |
| # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 | |
| - run: git fetch --unshallow --quiet --tags --force | |
| - uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: true | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Get cleaned branch name | |
| id: clean_name | |
| run: | | |
| REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') | |
| echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GHCR using PAT | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: fetch go modules | |
| run: make vendor | |
| - name: build rootless docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| file: Dockerfile.rootless | |
| tags: |- | |
| gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless | |
| ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless |