Merge pull request #137 from linuxserver/master-workflows

add trigger workflows

Author: nemchik

.github/workflows/external_trigger.yml

@@ -0,0 +1,70 @@
+name: External Trigger Main
+
+on:
+  workflow_dispatch:
+
+jobs:
+  external-trigger-master:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+
+      - name: External Trigger
+        if: github.ref == 'refs/heads/master'
+        run: |
+          if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_OPENVPN_AS_MASTER }}" ]; then
+            echo "Github secret PAUSE_EXTERNAL_TRIGGER_OPENVPN_AS_MASTER is set; skipping trigger."
+            exit 0
+          fi
+          echo "External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_OPENVPN_AS_MASTER\"."
+          echo "Retrieving external version"
+          EXT_RELEASE=$(curl -sX GET http://as-repository.openvpn.net/as/debian/dists/bionic/main/binary-amd64/Packages.gz | gunzip -c |grep -A 7 -m 1 'Package: openvpn-as' | awk -F ': ' '/Version/{print $2;exit}')
+          if [ -z "${EXT_RELEASE}" ]; then
+            echo "Can't retrieve external version, exiting"
+            FAILURE_REASON="Can't retrieve external version for openvpn-as branch master"
+            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
+              "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
+              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+            exit 1
+          fi
+          echo "External version: ${EXT_RELEASE}"
+          echo "Retrieving last pushed version"
+          image="linuxserver/openvpn-as"
+          tag="latest"
+          token=$(curl -sX GET \
+            "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fopenvpn-as%3Apull" \
+            | jq -r '.token')
+            digest=$(curl -s \
+              --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+              --header "Authorization: Bearer ${token}" \
+              "https://ghcr.io/v2/${image}/manifests/${tag}" \
+              | jq -r '.config.digest')
+          image_info=$(curl -sL \
+            --header "Authorization: Bearer ${token}" \
+            "https://ghcr.io/v2/${image}/blobs/${digest}" \
+            | jq -r '.container_config')
+          IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}')
+          IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}')
+          if [ -z "${IMAGE_VERSION}" ]; then
+            echo "Can't retrieve last pushed version, exiting"
+            FAILURE_REASON="Can't retrieve last pushed version for openvpn-as tag latest"
+            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
+              "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
+              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+            exit 1
+          fi
+          echo "Last pushed version: ${IMAGE_VERSION}"
+          if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
+            echo "Version ${EXT_RELEASE} already pushed, exiting"
+            exit 0
+          else
+            echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build"
+            curl -X POST \
+              https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-openvpn-as/job/master/buildWithParameters?PACKAGE_CHECK=false \
+              --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }}
+            echo "Notifying Discord"
+            TRIGGER_REASON="A version change was detected for openvpn-as tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
+            curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
+              "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n"}],
+              "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
+          fi

.github/workflows/external_trigger_scheduler.yml

@@ -0,0 +1,41 @@
+name: External Trigger Scheduler
+
+on:
+  schedule:
+    - cron:  '45 * * * *'
+  workflow_dispatch:
+
+jobs:
+  external-trigger-scheduler:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          fetch-depth: '0'
+        
+      - name: External Trigger Scheduler
+        run: |
+          git for-each-ref --format='%(refname:short)' refs/remotes
+          docker pull ghcr.io/linuxserver/yq
+          for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
+          do
+            br=$(echo "$br" | sed 's|origin/||g')
+            echo "Evaluating branch ${br}"
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-openvpn-as/${br}/jenkins-vars.yml \
+              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
+            if [ "$br" == "$ls_branch" ]; then
+              echo "${br} is a live branch, checking workflow."
+              if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-openvpn-as/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
+                echo "Workflow exists. Triggering external trigger workflow for branch ${br}."
+                curl -iX POST \
+                  -H "Authorization: token ${{ secrets.CR_PAT }}" \
+                  -H "Accept: application/vnd.github.v3+json" \
+                  -d "{\"ref\":\"refs/heads/${br}\"}" \
+                  https://api.github.com/repos/linuxserver/docker-openvpn-as/actions/workflows/external_trigger.yml/dispatches
+              else
+                echo "Workflow doesn't exist; skipping trigger."
+              fi
+            else
+              echo "${br} appears to be a dev branch; skipping trigger."
+            fi
+          done

.github/workflows/package_trigger.yml

@@ -0,0 +1,22 @@
+name: Package Trigger Main
+
+on:
+  workflow_dispatch:
+
+jobs:
+  package-trigger-master:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+
+      - name: Package Trigger
+        if: github.ref == 'refs/heads/master'
+        run: |
+          if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_OPENVPN_AS_MASTER }}" ]; then
+            echo "Github secret PAUSE_PACKAGE_TRIGGER_OPENVPN_AS_MASTER is set; skipping trigger."
+            exit 0
+          fi
+          echo "Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_OPENVPN_AS_MASTER\"."
+          curl -X POST \
+            https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-openvpn-as/job/master/buildWithParameters?PACKAGE_CHECK=true \
+            --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }}

.github/workflows/package_trigger_scheduler.yml

@@ -0,0 +1,42 @@
+name: Package Trigger Scheduler
+
+on:
+  schedule:
+    - cron:  '40 4 * * 4'
+  workflow_dispatch:
+
+jobs:
+  package-trigger-scheduler:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          fetch-depth: '0'
+        
+      - name: Package Trigger Scheduler
+        run: |
+          git for-each-ref --format='%(refname:short)' refs/remotes
+          docker pull ghcr.io/linuxserver/yq
+          for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
+          do
+            br=$(echo "$br" | sed 's|origin/||g')
+            echo "Evaluating branch ${br}"
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-openvpn-as/${br}/jenkins-vars.yml \
+              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
+            if [ "${br}" == "${ls_branch}" ]; then
+              echo "Branch ${br} appears to be live; triggering."
+              if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-openvpn-as/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
+                echo "Workflow exists. Triggering package trigger workflow for branch ${br}."
+                curl -iX POST \
+                  -H "Authorization: token ${{ secrets.CR_PAT }}" \
+                  -H "Accept: application/vnd.github.v3+json" \
+                  -d "{\"ref\":\"refs/heads/${br}\"}" \
+                  https://api.github.com/repos/linuxserver/docker-openvpn-as/actions/workflows/package_trigger.yml/dispatches
+                sleep 30
+              else
+                echo "Workflow doesn't exist; skipping trigger."
+              fi
+            else
+              echo "${br} appears to be a dev branch; skipping trigger."
+            fi
+          done