External Trigger Main #47834
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: External Trigger Main | |
on: | |
workflow_dispatch: | |
jobs: | |
external-trigger-legacy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4.1.1 | |
- name: External Trigger | |
if: github.ref == 'refs/heads/legacy' | |
run: | | |
printf "# External trigger for docker-wireguard\n\n" >> $GITHUB_STEP_SUMMARY | |
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY }}" ]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "> Github secret \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
fi | |
echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY | |
echo "> External trigger running off of legacy branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY\`" >> $GITHUB_STEP_SUMMARY | |
printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY | |
EXT_RELEASE=$(curl -u ${{ secrets.CR_USER }}:${{ secrets.CR_PAT }} -sX GET https://api.github.com/repos/WireGuard/wireguard-tools/tags | jq -r .[0].name) | |
echo "Type is \`custom_version_command\`" >> $GITHUB_STEP_SUMMARY | |
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="Can't retrieve external version for wireguard branch legacy" | |
GHA_TRIGGER_URL="https://github.com/linuxserver/docker-wireguard/actions/runs/${{ github.run_id }}" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') | |
echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY | |
echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY | |
image="linuxserver/wireguard" | |
tag="legacy" | |
token=$(curl -sX GET \ | |
"https://ghcr.io/token?scope=repository%3Alinuxserver%2Fwireguard%3Apull" \ | |
| jq -r '.token') | |
multidigest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${tag}" \ | |
| jq -r 'first(.manifests[].digest)') | |
digest=$(curl -s \ | |
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/manifests/${multidigest}" \ | |
| jq -r '.config.digest') | |
image_info=$(curl -sL \ | |
--header "Authorization: Bearer ${token}" \ | |
"https://ghcr.io/v2/${image}/blobs/${digest}") | |
if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then | |
image_info=$(echo $image_info | jq -r '.config') | |
else | |
image_info=$(echo $image_info | jq -r '.container_config') | |
fi | |
IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') | |
IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') | |
if [ -z "${IMAGE_VERSION}" ]; then | |
echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY | |
echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY | |
FAILURE_REASON="Can't retrieve last pushed version for wireguard tag legacy" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | |
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
exit 1 | |
fi | |
echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY | |
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then | |
echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/lastBuild/api/json | jq -r '.building') == "true" ]; then | |
echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY | |
exit 0 | |
else | |
printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY | |
echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY | |
response=$(curl -iX POST \ | |
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/buildWithParameters?PACKAGE_CHECK=false \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") | |
echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY | |
echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY | |
sleep 10 | |
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') | |
buildurl="${buildurl%$'\r'}" | |
echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY | |
echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY | |
curl -iX POST \ | |
"${buildurl}submitDescription" \ | |
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ | |
--data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
--data-urlencode "Submit=Submit" | |
echo "**** Notifying Discord ****" | |
TRIGGER_REASON="A version change was detected for wireguard tag legacy. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" | |
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | |
"description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], | |
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | |
fi |