dash/.github/workflows/release_docker_hub.yml

name: Release to Docker Hub

on:
  release:
    types: [published]

jobs:
  release:
    name: Release to Docker Hub
    runs-on: ubuntu-22.04
    steps:
    - name: Checkout
      uses: actions/checkout@v3

    - name: Set up QEMU
      uses: docker/setup-qemu-action@v2

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v2

    - name: Login to DockerHub
      uses: docker/login-action@v2
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}

    - name: Set raw tag
      id: get_tag
      run: |
        TAG=${{ github.event.release.tag_name }}
        echo "build_tag=${TAG#v}" >> $GITHUB_OUTPUT

    - name: Set suffix
      uses: actions/github-script@v6
      id: suffix
      with:
        result-encoding: string
        script: |
          const fullTag = '${{ github.event.release.tag_name }}';
          if (fullTag.includes('-')) {
            const [, fullSuffix] = fullTag.split('-');
            const [suffix] = fullSuffix.split('.');
            return `-${suffix}`;
          } else {
            return '';
          }

    - name: Set Docker tags and labels
      id: docker_meta
      uses: docker/metadata-action@v4
      with:
        images: dashpay/dashd
        tags: |
          type=match,pattern=v(\d+),group=1
          type=match,pattern=v(\d+.\d+),group=1
          type=match,pattern=v(\d+.\d+.\d+),group=1
          type=match,pattern=v(.*),group=1,suffix=
        flavor: |
          suffix=${{ steps.suffix.outputs.result }},onlatest=true

    - name: Build and push
      id: docker_build
      uses: docker/build-push-action@v3
      with:
        context: ./contrib/containers/deploy
        file: ./contrib/containers/deploy/Dockerfile.GitHubActions.Release
        push: true
        provenance: mode=max
        sbom: true
        tags: ${{ steps.docker_meta.outputs.tags }}
        labels: ${{ steps.docker_meta.outputs.labels }}
        build-args: |
          TAG=${{ steps.get_tag.outputs.build_tag }}
          GITHUB_REPOSITORY=${{ github.repository }}
        cache-from: type=gha
        cache-to: type=gha,mode=max
        platforms: linux/amd64,linux/arm64

    - name: Image digest
      run: echo ${{ steps.docker_build.outputs.digest }}
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`name: Release to Docker Hub`

			`on:`
			`release:`
			`types: [published]`

			`jobs:`
			`release:`
			`name: Release to Docker Hub`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`runs-on: ubuntu-22.04`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`steps:`
			`- name: Checkout`
ci: bump `actions/checkout` and `actions/cache` to v3 (#5519) ## Issue being fixed or feature implemented Should fix warnings like > The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2, actions/cache@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/ https://github.com/dashpay/dash/actions/runs/5705358251?pr=5448 https://github.com/dashpay/dash/actions/runs/5705358315?pr=5448 https://github.com/dashpay/dash/actions/runs/5705358316?pr=5448 https://github.com/dashpay/dash/actions/runs/5715249078?pr=5448 ## What was done? ## How Has This Been Tested? ## Breaking Changes ## Checklist: - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone 2023-08-01 19:17:40 +02:00			`uses: actions/checkout@v3`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`- name: Set up QEMU`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`uses: docker/setup-qemu-action@v2`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`- name: Set up Docker Buildx`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`uses: docker/setup-buildx-action@v2`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`- name: Login to DockerHub`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`uses: docker/login-action@v2`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`with:`
			`username: ${{ secrets.DOCKERHUB_USERNAME }}`
			`password: ${{ secrets.DOCKERHUB_TOKEN }}`

ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`- name: Set raw tag`
			`id: get_tag`
			`run: \|`
			`TAG=${{ github.event.release.tag_name }}`
			`echo "build_tag=${TAG#v}" >> $GITHUB_OUTPUT`

			`- name: Set suffix`
			`uses: actions/github-script@v6`
			`id: suffix`
			`with:`
			`result-encoding: string`
			`script: \|`
			`const fullTag = '${{ github.event.release.tag_name }}';`
			`if (fullTag.includes('-')) {`
			`const [, fullSuffix] = fullTag.split('-');`
			`const [suffix] = fullSuffix.split('.');`
			return `-${suffix}`;
			`} else {`
			`return '';`
			`}`

			`- name: Set Docker tags and labels`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`id: docker_meta`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`uses: docker/metadata-action@v4`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`with:`
			`images: dashpay/dashd`
Update docker tags (#4103) * feat: use github actions * use v2 meta action * adjust indentation * try conditional versions * try to remove flavor * try different order * manual suffix * manual latest * dev suffix on latest * raw latest-dev * typo * workaround latest bug * manual latest * enable build * add space * revert Dockerfile changes * use dashpay target repo 2021-04-17 22:08:45 +02:00			`tags: \|`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`type=match,pattern=v(\d+),group=1`
			`type=match,pattern=v(\d+.\d+),group=1`
			`type=match,pattern=v(\d+.\d+.\d+),group=1`
			`type=match,pattern=v(.*),group=1,suffix=`
Update docker tags (#4103) * feat: use github actions * use v2 meta action * adjust indentation * try conditional versions * try to remove flavor * try different order * manual suffix * manual latest * dev suffix on latest * raw latest-dev * typo * workaround latest bug * manual latest * enable build * add space * revert Dockerfile changes * use dashpay target repo 2021-04-17 22:08:45 +02:00			`flavor: \|`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`suffix=${{ steps.suffix.outputs.result }},onlatest=true`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`- name: Build and push`
			`id: docker_build`
ci: fix docker tags meta action (#5054) * ci: fix docker tags meta action * chore: revert to dashpay namespace 2022-10-20 10:16:43 +02:00			`uses: docker/build-push-action@v3`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`with:`
ci: fix docker context (#4816) 2022-04-28 18:35:50 +02:00			`context: ./contrib/containers/deploy`
ci: build on-demand docker images for testing on devnets (#4667) * ci: build alpha action * ci: use self-hosted runner * ci: build faster * ci: multicore dash build * chore: copy build, dockerize and push * chore: dockerize build * chore: remove unnecessary cachedir and checkout steps * chore: disable qemu * chore: remove buildx steps now included in AMI * chore: move binaries in to place for second stage copy * fix: runner using incorrect build driver * chore: debug builder info * chore: more detailed debug * chore: install qemu and buildx in actions * fix: indentation * fix: remove debug code * feat: multi-arch cross-compiling dockerfile * chore: remove unnecessary docker layers * chore: add debug output * chore: dump context * fix: use event inputs tag for docker_meta * chore: dump context again * fix: context reference syntax * feat: attempt to use gitian builder * chore: ff changes from other branches * chore: disable macOS build * Revert "chore: ff changes from other branches" This reverts commit daece1c50597e603f4f6027bf93240a0771eb5d3. * chore: restore GHA changes to fix incorrect merge * chore: remove duplicate code * chore: bump buildx version to latest * chore: try to build without signing * chore: setup tmate to find build * chore: run tmate on failure * fix: invalid path to binaries on copy * chore: remove unnecessary GPG steps * chore: replace strophy with dashpay * fix: gha cache not providing speedup * Update .github/workflows/release_alpha.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2022-04-04 00:24:06 +02:00			`file: ./contrib/containers/deploy/Dockerfile.GitHubActions.Release`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`push: true`
Merge #6160: feat: add sbom and provenance in release for dockerhub; use jammy; apt remove as possible 9178e8a75f7f8846ef40f8f5af53462269b2d4ac feat: add smob and provenance in release for dockerhub; use jammy; apt remove as possible (pasta) Pull request description: ## Issue being fixed or feature implemented Docker provenance refers to the origin and history of Docker images, including how they were built, modified, and by whom. An SBOM (Software Bill of Materials) is a detailed list of all components in a software application, providing transparency about libraries, dependencies, and versions used, which is crucial for security and compliance. ## What was done? Add SBOM and provenance to docker build; this may allow some level of validation that GitHub actions is actually doing what it says it is. See this for more information https://docs.docker.com/build/ci/github-actions/attestations/ ## How Has This Been Tested? Building with buildx with sbom and provenance flags locally ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ ACKs for top commit: UdjinM6: utACK 9178e8a75f7f8846ef40f8f5af53462269b2d4ac Tree-SHA512: 6e3f35a0b30f002e2d5d80d6dd18ee554a1c15c62c1d4cbe1185f38977f55a199998515cf5bb9a027670f068f3d56ef33faa062d8c4122a886375d00afe6bf2f 2024-08-01 16:15:50 +02:00			`provenance: mode=max`
			`sbom: true`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`tags: ${{ steps.docker_meta.outputs.tags }}`
			`labels: ${{ steps.docker_meta.outputs.labels }}`
fix: pass `GITHUB_REPOSITORY` into `Dockerfile.GitHubActions.Release` (#5724) ## Issue being fixed or feature implemented Should hopefully fix https://github.com/dashpay/dash-dev-branches/actions/runs/6939402277/job/18876687119 #5716 follow-up ## What was done? `$GITHUB_REPOSITORY` is not available inside docker, pass it inside ## How Has This Been Tested? ## Breaking Changes n/a ## Checklist: - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-11-24 18:23:10 +01:00			`build-args: \|`
			`TAG=${{ steps.get_tag.outputs.build_tag }}`
fix: use proper GitHub.repository and add an echo for testing (#5757) ## Issue being fixed or feature implemented ## What was done? Add an echo ## How Has This Been Tested? ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [ ] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-12-06 19:24:12 +01:00			`GITHUB_REPOSITORY=${{ github.repository }}`
ci: build on-demand docker images for testing on devnets (#4667) * ci: build alpha action * ci: use self-hosted runner * ci: build faster * ci: multicore dash build * chore: copy build, dockerize and push * chore: dockerize build * chore: remove unnecessary cachedir and checkout steps * chore: disable qemu * chore: remove buildx steps now included in AMI * chore: move binaries in to place for second stage copy * fix: runner using incorrect build driver * chore: debug builder info * chore: more detailed debug * chore: install qemu and buildx in actions * fix: indentation * fix: remove debug code * feat: multi-arch cross-compiling dockerfile * chore: remove unnecessary docker layers * chore: add debug output * chore: dump context * fix: use event inputs tag for docker_meta * chore: dump context again * fix: context reference syntax * feat: attempt to use gitian builder * chore: ff changes from other branches * chore: disable macOS build * Revert "chore: ff changes from other branches" This reverts commit daece1c50597e603f4f6027bf93240a0771eb5d3. * chore: restore GHA changes to fix incorrect merge * chore: remove duplicate code * chore: bump buildx version to latest * chore: try to build without signing * chore: setup tmate to find build * chore: run tmate on failure * fix: invalid path to binaries on copy * chore: remove unnecessary GPG steps * chore: replace strophy with dashpay * fix: gha cache not providing speedup * Update .github/workflows/release_alpha.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2022-04-04 00:24:06 +02:00			`cache-from: type=gha`
			`cache-to: type=gha,mode=max`
			`platforms: linux/amd64,linux/arm64`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`- name: Image digest`
			`run: echo ${{ steps.docker_build.outputs.digest }}`