diff --git a/.github/workflows/push.yaml b/.github/workflows/master.yaml similarity index 57% rename from .github/workflows/push.yaml rename to .github/workflows/master.yaml index f1c188f..b12ec06 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/master.yaml @@ -4,9 +4,13 @@ on: push: branches: - master + pull_request: + branches: + - master env: - IMAGE_NAME: notifier + DOCKER_REPO: ww24/calendar-notifier + IMAGE_NAME: calendar-notifier IMAGE_TAG: latest jobs: @@ -15,16 +19,22 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 + - uses: actions/cache@v2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- - uses: actions/setup-go@v1 with: - go-version: "1.13" + go-version: "1.14" - name: setup env run: | echo "::set-env name=GOPATH::$(go env GOPATH)" echo "::add-path::$(go env GOPATH)/bin" shell: bash - name: Install go tools - run: cat tools.go | grep _ | awk -F '"' '{print $2}' | xargs -tI {} go install {} + run: cat tools.go | awk -F'"' '/_/ {print $2}' | xargs -tI {} go install {} - name: go generate run: go generate ./... - name: Check uncommitted changes @@ -39,9 +49,8 @@ jobs: - run: go vet ./... - run: go test -v -race ./... - docker: - needs: test - name: Build and push docker image + docker_build_test: + name: Build docker image runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 
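Review bot: In the rewritten `Install go tools` step (second hunk), the awk filter `/_/` selects every line of tools.go that contains an underscore anywhere, not only blank imports. A regular import whose path contains an underscore, or a quoted string in a comment, would therefore also be handed to `go install`. Anchoring the match and dropping the extra `cat` keeps the step to the blank imports it is meant to install: `awk -F'"' '/^[ \t]*_ "/ {print $2}' tools.go | xargs -tI {} go install {}`. The identical line is added in release.yaml's `test` job. The step list of the `test` job begins above this hunk and tools.go is not shown, so its exact layout is assumed.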
@@ -67,7 +76,35 @@ jobs: run: | trivy -q --severity HIGH,CRITICAL --exit-code 1 \ "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" - - name: Push docker image + + docker_push: + if: ${{ github.event_name == 'push' }} + needs: [test, docker_build_test] + name: Build and push docker image + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: Docker login + env: + DOCKER_USER: ${{ secrets.DOCKER_USER }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USER}" --password-stdin + - name: Build docker image and push (DockerHub) + run: | + docker buildx build \ + --cache-from "type=local,src=/tmp/.buildx-cache" \ + --cache-to "type=local,dest=/tmp/.buildx-cache" \ + --platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \ + --output "type=image,push=true" \ + -t "${DOCKER_REPO}":${IMAGE_TAG} . + - name: Build docker image and push (GitHub) run: | + docker build -t "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" . echo "${{ secrets.GITHUB_TOKEN }}" | docker login -u owner --password-stdin docker.pkg.github.com docker push "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml deleted file mode 100644 index fdcfc1c..0000000 --- a/.github/workflows/pr.yaml +++ /dev/null 
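Review bot: The images pushed by the new `docker_push` job are not the image that `docker_build_test` scanned. The job rebuilds from source twice on a fresh runner (`docker buildx build … push=true` and a second `docker build`), so the trivy gate only shows that a separate build of the same commit was clean, and the arm64, arm/v7 and arm/v6 variants are never scanned. If the Dockerfile uses a floating base tag (not visible here), the pushed layers can differ from the scanned ones; consider running the scan in this job between build and push, or pinning the base image by digest. The Docker Hub login passes its secret through `env:`, while the GitHub login in the last step still interpolates `${{ secrets.GITHUB_TOKEN }}` into the script text; the same `env:` pattern there would be consistent, and the tag argument is better quoted as a whole, `-t "${DOCKER_REPO}:${IMAGE_TAG}"`. The `docker_push` job added to release.yaml has the same shape.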
@@ -1,65 +0,0 @@ -name: Test for PR - -on: pull_request - -env: - IMAGE_NAME: notifier - IMAGE_TAG: latest - -jobs: - test: - name: Test - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - uses: actions/setup-go@v1 - with: - go-version: "1.13" - - name: setup env - run: | - echo "::set-env name=GOPATH::$(go env GOPATH)" - echo "::add-path::$(go env GOPATH)/bin" - shell: bash - - name: Install go tools - run: cat tools.go | grep _ | awk -F '"' '{print $2}' | xargs -tI {} go install {} - - name: go generate - run: go generate ./... - - name: Check uncommitted changes - run: | - if [ -n "$(git status --porcelain)" ]; then - echo "uncommitted changes" - git status - exit 1 - fi - - name: go lint - run: go list ./... | xargs golint -set_exit_status - - run: go vet ./... - - run: go test -v -race ./... - - docker: - name: Build docker image - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - name: Shellcheck - env: - SHELLCHECK_OPTS: -e SC2187 - run: find . -name "*.sh" | xargs shellcheck - - name: Lint - run: | - docker run -v $(pwd):/working --rm hadolint/hadolint \ - hadolint /working/Dockerfile \ - --ignore DL3018 - - name: Build docker image - run: docker build -t "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" . - - name: Install trivy - run: | - sudo apt-get install --no-install-recommends apt-transport-https gnupg lsb-release - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - - echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list - sudo apt-get update - sudo apt-get install --no-install-recommends trivy - - name: Vulnerability Scan - run: | - trivy -q --severity HIGH,CRITICAL --exit-code 1 \ - "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 6aa9652..bf5c736 100644 
--- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -6,7 +6,8 @@ on: - v[0-9]+.[0-9]+.[0-9]+ env: - IMAGE_NAME: notifier + DOCKER_REPO: ww24/calendar-notifier + IMAGE_NAME: calendar-notifier jobs: test: @@ -14,16 +15,22 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 + - uses: actions/cache@v2 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- - uses: actions/setup-go@v1 with: - go-version: "1.13" + go-version: "1.14" - name: setup env run: | echo "::set-env name=GOPATH::$(go env GOPATH)" echo "::add-path::$(go env GOPATH)/bin" shell: bash - name: Install go tools - run: cat tools.go | grep _ | awk -F '"' '{print $2}' | xargs -tI {} go install {} + run: cat tools.go | awk -F'"' '/_/ {print $2}' | xargs -tI {} go install {} - name: go generate run: go generate ./... - name: Check uncommitted changes @@ -38,19 +45,13 @@ jobs: - run: go vet ./... - run: go test -v -race ./... - docker: - needs: test - name: Build and push docker image + docker_build_test: + name: Build docker image runs-on: ubuntu-latest + env: + IMAGE_TAG: latest steps: - uses: actions/checkout@v1 - - name: Set image tag - run: | - tag=$(echo "${GITHUB_REF}" | sed "s/^refs\/tags\/v//") - if [ -z "$tag" ]; then - exit 1 - fi - echo "::set-env name=IMAGE_TAG::$tag" - name: Shellcheck env: SHELLCHECK_OPTS: -e SC2187 
@@ -73,7 +74,41 @@ jobs: run: | trivy -q --severity HIGH,CRITICAL --exit-code 1 \ "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" - - name: Push docker image + + docker_push: + needs: [test, docker_build_test] + name: Build and push docker image + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: Set image tag + run: | + tag=$(echo "${GITHUB_REF}" | sed "s/^refs\/tags\/v//") + if [ -z "$tag" ]; then + exit 1 + fi + echo "::set-env name=IMAGE_TAG::$tag" + - name: Docker login + env: + DOCKER_USER: ${{ secrets.DOCKER_USER }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USER}" --password-stdin + - name: Build docker image and push (DockerHub) + run: | + docker buildx build \ + --cache-from "type=local,src=/tmp/.buildx-cache" \ + --cache-to "type=local,dest=/tmp/.buildx-cache" \ + --platform linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 \ + --output "type=image,push=true" \ + -t "${DOCKER_REPO}":${IMAGE_TAG} . + - name: Push docker image (GitHub) run: | + docker build -t "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" . echo "${{ secrets.GITHUB_TOKEN }}" | docker login -u owner --password-stdin docker.pkg.github.com docker push "docker.pkg.github.com/${GITHUB_REPOSITORY}/${IMAGE_NAME}:${IMAGE_TAG}" diff --git a/README.md b/README.md index d3b9a95..c3b6428 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,11 @@ calendar-notifier === -![](https://github.com/ww24/calendar-notifier/workflows/Test%20on%20master/badge.svg) +![Test on master][github-actions-img] -Calendar Notifier is Google Calendar event handler and actions. +Calendar Notifier provides event handler and actions triggered by Google Calendar. + +[![dockeri.co][dockeri-img]][dockeri-url] ## Features 
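Review bot: The `Set image tag` step moved into `docker_push` fails only when `$tag` is empty, but `sed "s/^refs\/tags\/v//"` returns the ref unchanged when the prefix does not match, so the check never rejects a malformed ref. A positive match such as `[[ "$tag" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] || exit 1` would pin down the value that ends up in the pushed image tag. The step also exports it with `::set-env`, a workflow command parsed from stdout that GitHub has since disabled because any printed line of that form could set variables for later steps; on current runners the equivalent is `echo "IMAGE_TAG=$tag" >> "$GITHUB_ENV"`. The same command family (`::set-env`, `::add-path`) appears in the `setup env` steps of both workflows as unchanged context.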
@@ -86,3 +88,7 @@ roles/pubsub.publisher #### References - https://cloud.google.com/pubsub/docs/access-control + +[github-actions-img]: https://github.com/ww24/calendar-notifier/workflows/Test%20on%20master/badge.svg?branch=master +[dockeri-img]: https://dockeri.co/image/ww24/calendar-notifier +[dockeri-url]: https://hub.docker.com/r/ww24/calendar-notifier