Add release workflow #77
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Production | |
| on: | |
| schedule: | |
| # Weekly rebuild of all images, to pick up any upstream changes. | |
| - cron: "15 3 * * 0" # At 03:15 on Sunday | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| # Only cancel in-progress runs for pull_request events, this prevents cancelling workflows against main or tags | |
| # A pull_request will reuse the same group thus enabling cancelation, all others receive a unique run_id | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| ci: | |
| name: CI | |
| # This should be the only action checked as required in the repo settings. | |
| # | |
| # This is a meta-job, here to express the conditions we require | |
| # in order to consider a CI run to be successful. | |
| if: always() | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: | |
| - build | |
| steps: | |
| - uses: re-actors/alls-green@release/v1 | |
| with: | |
| jobs: ${{ toJSON(needs) }} | |
| allowed-skips: clean | |
| build: | |
| name: Build | |
| # Build all images, excluding dev versions and matrix versions. | |
| # | |
| # Builds all versions of each image in parallel. | |
| permissions: | |
| contents: read | |
| packages: write | |
| uses: "posit-dev/images-shared/.github/workflows/bakery-build-native.yml@main" | |
| secrets: | |
| DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| DOCKER_HUB_README_USERNAME: ${{ secrets.DOCKER_HUB_README_USERNAME }} | |
| DOCKER_HUB_README_PASSWORD: ${{ secrets.DOCKER_HUB_README_PASSWORD }} | |
| with: | |
| dev-versions: "exclude" | |
| matrix-versions: "exclude" | |
| # Push images only for merges into main and weekly schduled re-builds. | |
| push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'schedule' }} | |
| clean: | |
| name: Clean | |
| if: always() && github.ref == 'refs/heads/main' | |
| permissions: | |
| contents: read | |
| packages: write | |
| needs: | |
| - build | |
| uses: "posit-dev/images-shared/.github/workflows/clean.yml@main" | |
| with: | |
| remove-dangling-caches: true | |
| remove-caches-older-than: 14 | |
| remove-dangling-temporary-images: false | |
| remove-temporary-images-older-than: 3 |