name: build from source on: push: branches: - master - dev paths: - .github/workflows/build.yaml - build/* pull_request: paths: - .github/workflows/build.yaml - build/* env: DOCKER_REPO: shenxn/protonmail-bridge DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge-dev PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/riscv64 jobs: build-binary: runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v3 with: path: main - name: Set version id: version run: echo "version=`cat main/build/VERSION`" >> $GITHUB_OUTPUT - name: Checkout proton bridge repo uses: actions/checkout@v3 with: repository: ProtonMail/proton-bridge ref: v${{ steps.version.outputs.version }} path: proton-bridge - name: Set up golang uses: actions/setup-go@v3 with: go-version: 1.18 check-latest: true - name: Install dependencies run: sudo apt-get install -y --no-install-recommends build-essential libsecret-1-dev - name: Build binary working-directory: proton-bridge run: make build-nogui # build: # runs-on: ubuntu-latest # services: # registry: # image: registry:2 # ports: # - 5000:5000 # steps: # - name: Checkout # uses: actions/checkout@master # - name: Set version # id: version # run: echo "::set-output name=version::`cat build/VERSION`" # - name: Set repo # id: repo # run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi # - name: Docker meta # id: docker_meta # uses: crazy-max/ghaction-docker-meta@v1 # with: # images: ${{ steps.repo.outputs.repo }} # - name: Set up QEMU # uses: docker/setup-qemu-action@v1 # - name: Set up Docker Buildx # uses: docker/setup-buildx-action@v1 # with: # driver-opts: network=host # - name: Build image without push to registry # uses: docker/build-push-action@v2 # with: # context: ./build # file: ./build/Dockerfile # platforms: ${{ env.PLATFORMS }} # push: true # tags: localhost:5000/protonmail-bridge:latest # - name: Scan image # id: scan # uses: anchore/scan-action@v2 # with: # image: localhost:5000/protonmail-bridge:latest # fail-build: true # severity-cutoff: critical # acs-report-enable: true # - name: Upload Anchore scan SARIF report # uses: github/codeql-action/upload-sarif@v1 # with: # sarif_file: ${{ steps.scan.outputs.sarif }} # - name: Login to DockerHub # uses: docker/login-action@v1 # if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/master' }} # with: # username: ${{ secrets.REGISTRY_USERNAME }} # password: ${{ secrets.REGISTRY_PASSWORD }} # - name: Login to GitHub Container Registry # uses: docker/login-action@v1 # if: ${{ github.event_name != 'pull_request' && github.ref == 'refs/heads/dev' }} # with: # registry: ghcr.io # username: ${{ github.repository_owner }} # password: ${{ secrets.CR_PAT }} # - name: Push image # uses: docker/build-push-action@v2 # with: # context: ./build # file: ./build/Dockerfile # platforms: ${{ env.PLATFORMS }} # tags: | # ${{ steps.repo.outputs.repo }}:build # ${{ steps.repo.outputs.repo }}:${{ steps.version.outputs.version }}-build # labels: ${{ steps.docker_meta.outputs.labels }} # push: ${{ github.event_name != 'pull_request' }}