feat: add sigterm support (#2472) #673
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[Deployment] Release" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - beta | |
| - dev | |
| workflow_dispatch: | |
| inputs: | |
| send-notifications: | |
| type: boolean | |
| required: false | |
| default: true | |
| description: Send notifications | |
| permissions: | |
| contents: write # Required to update package.json version | |
| packages: write # Required for pushing to GHCR | |
| env: | |
| SKIP_ENV_VALIDATION: true | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| GHCR_REPO: ghcr.io/${{ github.repository }} | |
| TURBO_TELEMETRY_DISABLED: 1 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| jobs: | |
| release: | |
| name: Create tag and release | |
| runs-on: ubuntu-latest | |
| env: | |
| SKIP_RELEASE: ${{ github.event_name == 'workflow_dispatch' || github.ref_name == 'dev' }} | |
| outputs: | |
| version: ${{ steps.read-semver.outputs.version || steps.version-fallback.outputs.version }} | |
| git_ref: ${{ steps.read-git-ref.outputs.ref || github.ref }} | |
| steps: | |
| - run: echo "Skipping release for workflow_dispatch event" | |
| if: env.SKIP_RELEASE == 'true' | |
| # The below generated version fallback represents a normalized branch name, for example "feature/branch-name" -> "feature-branch-name" | |
| - run: echo "version="$(echo ${{github.ref_name}} | sed 's/[^a-zA-Z0-9\-]/-/g') >> "$GITHUB_OUTPUT" | |
| id: version-fallback | |
| if: env.SKIP_RELEASE == 'true' && github.ref_name != 'main' && github.ref_name != 'beta' | |
| - name: Obtain token | |
| if: env.SKIP_RELEASE == 'false' | |
| id: obtainToken | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| private_key: ${{ secrets.RENOVATE_MERGE_PRIVATE_KEY }} | |
| app_id: ${{ secrets.RENOVATE_MERGE_APP_ID }} | |
| - uses: actions/checkout@v4 | |
| if: env.SKIP_RELEASE == 'false' | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-node@v4 | |
| if: env.SKIP_RELEASE == 'false' | |
| with: | |
| node-version: 22 | |
| - run: npm i -g pnpm | |
| if: env.SKIP_RELEASE == 'false' | |
| - name: Install dependencies | |
| if: env.SKIP_RELEASE == 'false' | |
| run: | | |
| pnpm install | |
| - name: Run Semantic Release | |
| if: env.SKIP_RELEASE == 'false' | |
| env: | |
| GITHUB_TOKEN: ${{ steps.obtainToken.outputs.token }} | |
| GIT_AUTHOR_NAME: "Releases Homarr" | |
| GIT_AUTHOR_EMAIL: "175486441+homarr-releases[bot]@users.noreply.github.com" | |
| GIT_COMMITTER_NAME: "Releases Homarr" | |
| GIT_COMMITTER_EMAIL: "175486441+homarr-releases[bot]@users.noreply.github.com" | |
| run: | | |
| pnpm release | |
| - name: Read semver output | |
| # We read the last tag either from the created release or from the current branch, this is to rerun the deployment job for the currently released version when it failed | |
| if: env.SKIP_RELEASE == 'false' || github.ref_name == 'main' || github.ref_name == 'beta' | |
| id: read-semver | |
| run: | | |
| git fetch --tags | |
| echo "version=$(git describe --tags --abbrev=0)" >> "$GITHUB_OUTPUT" | |
| - name: Read git ref | |
| if: env.SKIP_RELEASE == 'false' | |
| id: read-git-ref | |
| run: | | |
| echo "ref=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT" | |
| - name: Update dev branch | |
| if: env.SKIP_RELEASE == 'false' | |
| continue-on-error: true # Prevent pipeline from failing when merge fails | |
| env: | |
| GITHUB_TOKEN: ${{ steps.obtainToken.outputs.token }} | |
| run: | | |
| git config user.name "Releases Homarr" | |
| git config user.email "175486441+homarr-releases[bot]@users.noreply.github.com" | |
| git remote set-url origin https://x-access-token:${{ steps.obtainToken.outputs.token }}@github.com/${{ github.repository }}.git | |
| git fetch origin dev | |
| git checkout dev | |
| git pull origin dev | |
| git rebase ${{ github.ref_name }} | |
| git push origin dev | |
| build-amd64: | |
| name: Build docker image for amd64 | |
| needs: release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| digest: ${{ steps.build.outputs.digest }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ needs.release.outputs.git_ref }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: "${{ env.GHCR_REPO }}" | |
| - name: Log in to the Container registry | |
| uses: docker/#-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| network: host | |
| platforms: linux/amd64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true | |
| env: | |
| SKIP_ENV_VALIDATION: true | |
| build-arm64: | |
| name: Build docker image for arm64 | |
| needs: release | |
| runs-on: ubuntu-24.04-arm | |
| outputs: | |
| digest: ${{ steps.build.outputs.digest }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ needs.release.outputs.git_ref }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: "${{ env.GHCR_REPO }}" | |
| - name: Log in to the Container registry | |
| uses: docker/#-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| network: host | |
| platforms: linux/arm64 | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true | |
| env: | |
| SKIP_ENV_VALIDATION: true | |
| publish: | |
| name: Complete deployment and notify | |
| needs: [release, build-amd64, build-arm64] | |
| runs-on: ubuntu-latest | |
| env: | |
| NEXT_VERSION: ${{ needs.release.outputs.version }} | |
| DEPLOY_LATEST: ${{ github.ref_name == 'main' }} | |
| DEPLOY_BETA: ${{ github.ref_name == 'beta' }} | |
| steps: | |
| - name: Log in to the Container registry | |
| uses: docker/#-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish beta | |
| if: env.DEPLOY_BETA == 'true' | |
| run: | | |
| docker buildx imagetools create -t ${{ env.GHCR_REPO }}:beta \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-amd64.outputs.digest }} \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-arm64.outputs.digest }} | |
| - name: Publish latest | |
| if: env.DEPLOY_LATEST == 'true' | |
| run: | | |
| docker buildx imagetools create -t ${{ env.GHCR_REPO }}:latest \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-amd64.outputs.digest }} \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-arm64.outputs.digest }} | |
| - name: Publish version | |
| run: | | |
| docker buildx imagetools create -t ${{ env.GHCR_REPO }}:${{ env.NEXT_VERSION }} \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-amd64.outputs.digest }} \ | |
| ${{ env.GHCR_REPO }}@${{ needs.build-arm64.outputs.digest }} | |
| - name: Discord notification | |
| env: | |
| DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} | |
| uses: Ilshidur/action-discord@master | |
| with: | |
| args: "Successfully deployed images for branch **${{ github.ref_name }}**. Tagged as **${{env.NEXT_VERSION}}**." |