Skip to content

Merge pull request #491 from RousselAaron/security-error-fix #30

Merge pull request #491 from RousselAaron/security-error-fix

Merge pull request #491 from RousselAaron/security-error-fix #30

Workflow file for this run

name: Publish Dev Docker Image
on:
push:
branches:
- master
jobs:
push_dev_to_registry:
name: Push Development Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Extract Commit Hash
id: extract_hash
run: echo "::set-output name=hash::$(git rev-parse --short HEAD)"
- name: Get WebCalendar Version
run: echo "WEBCALENDAR_VERSION=$(./bump_version.sh -p)" >> $GITHUB_ENV
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./docker/Dockerfile-php8
push: true
tags: |
${{ secrets.DOCKER_HUB_USERNAME }}/webcalendar:${{ env.WEBCALENDAR_VERSION }}-${{ steps.extract_hash.outputs.hash }}-php8-apache-dev
${{ secrets.DOCKER_HUB_USERNAME }}/webcalendar:dev-php8-apache
${{ secrets.DOCKER_HUB_USERNAME }}/webcalendar:dev
- name: Cleanup Old Images
env:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
DOCKER_HUB_REPO: ${{ secrets.DOCKER_HUB_USERNAME }}/webcalendar
DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
KEEP_LAST_N_IMAGES: 5
run: |
# Get list of tags
RESPONSE=$(curl -s -u $DOCKER_HUB_USERNAME:$DOCKER_HUB_ACCESS_TOKEN -o /tmp/response.json -w "%{http_code}" https://hub.docker.com/v2/repositories/$DOCKER_HUB_REPO/tags/?page_size=100)
# Check HTTP Status Code
if [ "$RESPONSE" -ne 200 ]; then
echo "Failed to fetch tags, HTTP Response code is $RESPONSE"
cat /tmp/response.json
exit 1
fi
# Check for null JSON Response and Extract Tags
TAGS=$(jq -r '.results? | if type=="array" then .[].name else empty end' /tmp/response.json)
# Filter tags with "dev"
DEV_TAGS=$(echo "$TAGS" | grep dev)
# Sort tags and delete all except for the most recent N
COUNTER=0
for TAG in $(echo $DEV_TAGS | tr " " "\n" | sort -V)
do
if [ $COUNTER -ge $KEEP_LAST_N_IMAGES ]
then
echo "The following tag should be deleted: $TAG"
# Commenting out the actual delete since dockerhub does not seem to support delete via curl :-(
# echo "Deleting tag $TAG"
# curl -i -X DELETE -u $DOCKER_HUB_USERNAME:$DOCKER_HUB_PASSWORD https://hub.docker.com/v2/repositories/$DOCKER_HUB_REPO/tags/$TAG/
else
echo "Keeping tag $TAG"
fi
COUNTER=$((COUNTER + 1))
done