gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-10-20 07:08:55 +02:00
Code Issues Actions 18 Packages Projects Releases Wiki Activity

fix: re-enable rootless images

Browse Source
This commit is contained in:
Quik2007 2025-09-21 23:09:20 +02:00
parent 6f565afd44
commit 43c761328d
1 changed files with 43 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
.github/workflows/main-docker.yml vendored
View File

@ -122,6 +122,26 @@ jobs:
- dockerfile: Dockerfile - dockerfile: Dockerfile
platform: linux/arm/v8 platform: linux/arm/v8
image: ubuntu-24.04-arm image: ubuntu-24.04-arm
- dockerfile: Dockerfile.alpine.rootless
platform: linux/amd64
image: ubuntu-latest
flavor: rootless
- dockerfile: Dockerfile.rootless
platform: linux/amd64
image: ubuntu-latest
flavor: rootless
- dockerfile: Dockerfile.rootless
platform: linux/arm64
image: ubuntu-24.04-arm
flavor: rootless
- dockerfile: Dockerfile.rootless
platform: linux/arm/v7
image: ubuntu-24.04-arm
flavor: rootless
- dockerfile: Dockerfile.rootless
platform: linux/arm/v8
image: ubuntu-24.04-arm
flavor: rootless
runs-on: ${{ matrix.image }} runs-on: ${{ matrix.image }}
needs: needs:
- test_docker - test_docker
@ -260,37 +280,45 @@ jobs:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Create manifest list and push - name: Create multi-arch manifest lists
if: startsWith(github.ref, 'refs/tags/') # only on releases
working-directory: /tmp/digests working-directory: /tmp/digests
run: | run: |
# Extract the branch or tag name from the ref
REF_NAME=$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///' | sed 's/refs\/tags\///') REF_NAME=$(echo "${GITHUB_REF}" | sed 's/refs\/heads\///' | sed 's/refs\/tags\///')
# Create and push the manifest list with both the branch/tag name and the commit SHA # Normal images: tag manifest lists with branch/tag name
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ docker buildx imagetools create \
$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \ -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \
$(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) $(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ docker buildx imagetools create \
$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \ -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME} \
$(printf '${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) $(printf '${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
# If the ref is a tag, also tag the image as stable as this is part of a 'release' # Rootless multi-arch manifest
# and only go in the `if` if there is NOT a `-` in the tag's name, due to tagging of `-alpha`, `-beta`, etc... ROOTLESS_IMAGES=$(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
if [[ "${GITHUB_REF}" == refs/tags/* && ! "${REF_NAME}" =~ - ]]; then docker buildx imagetools create \
# First create stable tags -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:rootless \
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $ROOTLESS_IMAGES
docker buildx imagetools create \
-t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:rootless \
$ROOTLESS_IMAGES
# Only tag stable/latest for normal images
if [[ ! "${REF_NAME}" =~ - ]]; then
docker buildx imagetools create \
-t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \ -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \
$(printf '${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME}
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ docker buildx imagetools create \
-t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \ -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable \
$(printf '${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${REF_NAME}
# Small delay to ensure stable tag is fully propagated
sleep 5 sleep 5
# Now update latest tags
docker buildx imagetools create \ docker buildx imagetools create \
-t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:latest \ -t ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:stable
@ -298,7 +326,6 @@ jobs:
docker buildx imagetools create \ docker buildx imagetools create \
-t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest \ -t ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest \
${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:stable
fi fi
- name: Inspect image - name: Inspect image