mirror of
https://github.com/searxng/searxng.git
synced 2025-12-22 19:50:00 +00:00
4942c9b914
Due to current limitations of `actions/cache`, the cache cannot be overwritten. In our case, we need to accumulate cached wheels from different architectures. To solve this, we simply delete the key before storing the cache again.
271 lines
7.6 KiB
YAML
271 lines
7.6 KiB
YAML
---
|
|
name: Container
|
|
|
|
# yamllint disable-line rule:truthy
|
|
on:
|
|
workflow_dispatch:
|
|
workflow_run:
|
|
workflows:
|
|
- Integration
|
|
types:
|
|
- completed
|
|
branches:
|
|
- master
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}
|
|
cancel-in-progress: false
|
|
|
|
permissions:
|
|
contents: read
|
|
# Organization GHCR
|
|
packages: read
|
|
|
|
env:
|
|
PYTHON_VERSION: "3.13"
|
|
|
|
jobs:
|
|
build-base:
|
|
if: |
|
|
(github.repository_owner == 'searxng' && github.event.workflow_run.conclusion == 'success')
|
|
|| github.event_name == 'workflow_dispatch'
|
|
name: Build base
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
|
|
steps:
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Get date
|
|
id: date
|
|
run: echo "date=$(date +'%Y%m%d')" >>$GITHUB_OUTPUT
|
|
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Check cache apko
|
|
id: cache-apko
|
|
uses: actions/cache/restore@v4
|
|
with:
|
|
# yamllint disable-line rule:line-length
|
|
key: "apko-${{ steps.date.outputs.date }}-${{ hashFiles('./container/base.yml', './container/base-builder.yml') }}"
|
|
path: "/tmp/.apko/"
|
|
lookup-only: true
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Setup cache apko
|
|
uses: actions/cache@v4
|
|
with:
|
|
# yamllint disable-line rule:line-length
|
|
key: "apko-${{ steps.date.outputs.date }}-${{ hashFiles('./container/base.yml', './container/base-builder.yml') }}"
|
|
restore-keys: "apko-${{ steps.date.outputs.date }}-"
|
|
path: "/tmp/.apko/"
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Setup apko
|
|
run: |
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
brew install apko
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Build
|
|
run: |
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
|
|
apko publish ./container/base.yml ghcr.io/${{ github.repository_owner }}/base:searxng \
|
|
--cache-dir=/tmp/.apko/ \
|
|
--sbom=false \
|
|
--vcs=false \
|
|
--log-level=debug
|
|
|
|
apko publish ./container/base-builder.yml ghcr.io/${{ github.repository_owner }}/base:searxng-builder \
|
|
--cache-dir=/tmp/.apko/ \
|
|
--sbom=false \
|
|
--vcs=false \
|
|
--log-level=debug
|
|
|
|
build:
|
|
if: github.repository_owner == 'searxng' || github.event_name == 'workflow_dispatch'
|
|
name: Build (${{ matrix.arch }})
|
|
runs-on: ${{ matrix.os }}
|
|
needs: build-base
|
|
strategy:
|
|
fail-fast: false
|
|
# Faster runners first to cache arch independent wheels
|
|
max-parallel: 1
|
|
matrix:
|
|
include:
|
|
- arch: amd64
|
|
os: ubuntu-24.04
|
|
emulation: false
|
|
- arch: arm64
|
|
os: ubuntu-24.04-arm
|
|
emulation: false
|
|
- arch: armv7
|
|
os: ubuntu-24.04-arm
|
|
emulation: true
|
|
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
# Clean key cache step
|
|
actions: write
|
|
|
|
outputs:
|
|
docker_tag: ${{ steps.build.outputs.docker_tag }}
|
|
git_url: ${{ steps.build.outputs.git_url }}
|
|
|
|
steps:
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "${{ env.PYTHON_VERSION }}"
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- name: Setup cache Python
|
|
uses: actions/cache@v4
|
|
with:
|
|
key: "python-${{ env.PYTHON_VERSION }}-${{ runner.arch }}-${{ hashFiles('./requirements*.txt') }}"
|
|
restore-keys: "python-${{ env.PYTHON_VERSION }}-${{ runner.arch }}-"
|
|
path: "./local/"
|
|
|
|
- name: Restore cache container mounts
|
|
id: cache-container-mounts
|
|
uses: actions/cache/restore@v4
|
|
with:
|
|
key: "container-mounts-${{ hashFiles('./container/*.dockerfile') }}"
|
|
restore-keys: "container-mounts-"
|
|
path: |
|
|
/var/tmp/buildah-cache/
|
|
/var/tmp/buildah-cache-*/
|
|
|
|
# https://github.com/actions/cache/pull/1308
|
|
- if: steps.cache-container-mounts.outputs.cache-hit == 'true'
|
|
name: Clean key cache container mounts
|
|
continue-on-error: true
|
|
env:
|
|
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
|
run: gh cache delete container-mounts-${{ hashFiles('./container/*.dockerfile') }}
|
|
|
|
- if: ${{ matrix.emulation }}
|
|
name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Build
|
|
id: build
|
|
env:
|
|
OVERRIDE_ARCH: "${{ matrix.arch }}"
|
|
run: make podman.build
|
|
|
|
- if: always()
|
|
name: Save cache container mounts
|
|
uses: actions/cache/save@v4
|
|
with:
|
|
key: "container-mounts-${{ hashFiles('./container/*.dockerfile') }}"
|
|
path: |
|
|
/var/tmp/buildah-cache/
|
|
/var/tmp/buildah-cache-*/
|
|
|
|
test:
|
|
name: Test (${{ matrix.arch }})
|
|
runs-on: ${{ matrix.os }}
|
|
needs: build
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: amd64
|
|
os: ubuntu-24.04
|
|
emulation: false
|
|
- arch: arm64
|
|
os: ubuntu-24.04-arm
|
|
emulation: false
|
|
- arch: armv7
|
|
os: ubuntu-24.04-arm
|
|
emulation: true
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- if: ${{ matrix.emulation }}
|
|
name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Test
|
|
env:
|
|
OVERRIDE_ARCH: "${{ matrix.arch }}"
|
|
GIT_URL: "${{ needs.build.outputs.git_url }}"
|
|
run: make container.test
|
|
|
|
release:
|
|
if: github.repository_owner == 'searxng' && github.ref_name == 'master'
|
|
name: Release
|
|
runs-on: ubuntu-24.04-arm
|
|
needs:
|
|
- build
|
|
- test
|
|
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "docker.io"
|
|
username: "${{ secrets.DOCKERHUB_USERNAME }}"
|
|
password: "${{ secrets.DOCKERHUB_TOKEN }}"
|
|
|
|
- name: Release
|
|
env:
|
|
GIT_URL: "${{ needs.build.outputs.git_url }}"
|
|
DOCKER_TAG: "${{ needs.build.outputs.docker_tag }}"
|
|
run: make container.push
|