RTPProxy CI #1405
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: RTPProxy CI | |
| # Controls when the action will run. | |
| on: | |
| # Triggers the workflow on all push or pull request events | |
| push: | |
| pull_request: | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 0 * * 0" | |
| permissions: | |
| contents: write | |
| # Cancels previous runs of this workflow for the same PR | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' || startsWith(github.ref_name, 'codex/') || github.ref_name == 'wip' }} | |
| jobs: | |
| LoadJobs_conf: | |
| name: Load Jobs Settings | |
| uses: ./.github/workflows/.jobs_configure.yml | |
| MinBuild: | |
| name: Lean Build | |
| needs: LoadJobs_conf | |
| if: needs.LoadJobs_conf.outputs.do_MinBuild == 'true' | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-${{ matrix.os }} | |
| env: | |
| COMPILER: ${{ matrix.compiler }} | |
| TAR_CMD: tar_nosuid | |
| GHA_OS: ubuntu-${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [22.04] | |
| compiler: ['gcc-i386-cross', 'clang-i386-cross', 'gcc-mips64-cross', 'gcc-arm32-cross', 'gcc-arm64-cross', 'gcc', 'clang', 'gcc-11', 'gcc-12', 'clang-11', 'clang-12', 'clang-13', 'clang-14', 'clang-15'] | |
| include: | |
| - os: 24.04 | |
| compiler: 'gcc' | |
| - os: 24.04 | |
| compiler: 'clang' | |
| - os: 24.04 | |
| compiler: 'gcc-13' | |
| - os: 24.04 | |
| compiler: 'gcc-14' | |
| - os: 24.04 | |
| compiler: 'clang-16' | |
| - os: 24.04 | |
| compiler: 'clang-17' | |
| - os: 24.04 | |
| compiler: 'clang-18' | |
| - os: 24.04 | |
| compiler: 'clang-19' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Start Docker container | |
| if: endsWith(matrix.compiler, '-cross') | |
| run: sh -x scripts/build/start_container.sh | |
| - name: Workaround for tar not being able to access /var/cache/apt/archives | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| run: | | |
| sudo cp "$(command -v tar)" "$(command -v tar)"_nosuid | |
| sudo chmod u+s "$(command -v tar)" | |
| - name: Cache apt-get packages | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| uses: actions/cache@v4 | |
| with: | |
| path: /var/cache/apt/archives | |
| key: cleanbuild-${{ matrix.os }}-apt-get-${{ github.run_id }} | |
| restore-keys: | | |
| cleanbuild-${{ matrix.os }}-apt-get | |
| cleanbuild-${{ matrix.os }}-${{ matrix.compiler }}-apt-get | |
| - name: Install apt-get updates | |
| run: scripts/ft-apt-get-update.sh | |
| - name: Set up Python | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: install_depends | |
| run: sh -x scripts/build/install_depends.sh | |
| - name: build | |
| run: sh -x ./scripts/do-build.sh cleanbuild | |
| BuildPackages: | |
| name: Build Packages | |
| needs: [LoadJobs_conf, FullBuild] | |
| uses: sippy/cimagic/.github/workflows/BuildDPKGs.yml@v2 | |
| if: always() && needs.LoadJobs_conf.outputs.do_BuildPackages == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_FullBuild != 'true' || needs.FullBuild.result == 'success') | |
| with: | |
| apt_depends: pkg-config libssl-dev libbcg729-dev libgsm1-dev libsndfile1-dev libunwind-dev libsrtp2-dev libsystemd-dev systemd procps | |
| test_dpkgs_script: ./scripts/do-dpkg-test.sh | |
| FullBuild: | |
| name: Full Build | |
| needs: [LoadJobs_conf, MinBuild] | |
| if: always() && needs.LoadJobs_conf.outputs.do_FullBuild == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_MinBuild != 'true' || needs.MinBuild.result == 'success') | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-${{ matrix.os }} | |
| env: | |
| COMPILER: ${{ matrix.compiler }} | |
| TAR_CMD: tar_nosuid | |
| GHA_OS: ubuntu-${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [22.04] | |
| compiler: ['gcc', 'clang', 'gcc-11', 'gcc-12', 'clang-11', 'clang-12', 'clang-13', 'clang-14', 'clang-15'] | |
| include: | |
| - os: 24.04 | |
| compiler: 'gcc' | |
| - os: 24.04 | |
| compiler: 'clang' | |
| - os: 24.04 | |
| compiler: 'gcc-13' | |
| - os: 24.04 | |
| compiler: 'gcc-14' | |
| - os: 24.04 | |
| compiler: 'clang-16' | |
| - os: 24.04 | |
| compiler: 'clang-17' | |
| - os: 24.04 | |
| compiler: 'clang-18' | |
| - os: 24.04 | |
| compiler: 'clang-19' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Start Docker container | |
| if: endsWith(matrix.compiler, '-cross') | |
| run: sh -x scripts/build/start_container.sh | |
| - name: Workaround for tar not being able to access /var/cache/apt/archives | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| run: | | |
| sudo cp "$(command -v tar)" "$(command -v tar)"_nosuid | |
| sudo chmod u+s "$(command -v tar)" | |
| - name: Cache apt-get packages | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| uses: actions/cache@v4 | |
| with: | |
| path: /var/cache/apt/archives | |
| key: depsbuild-${{ matrix.os }}-apt-get-${{ github.run_id }} | |
| restore-keys: | | |
| depsbuild-${{ matrix.os }}-apt-get | |
| depsbuild-${{ matrix.os }}-${{ matrix.compiler }}-apt-get | |
| - name: Install apt-get updates | |
| run: scripts/ft-apt-get-update.sh | |
| - name: Set up Python | |
| if: endsWith(matrix.compiler, '-cross') == 0 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: install_depends | |
| run: sh -x scripts/build/install_depends.sh | |
| - name: build | |
| run: sh -x ./scripts/do-build.sh depsbuild | |
| FuncTest: | |
| name: Functional Testing | |
| needs: [LoadJobs_conf, FullBuild] | |
| if: always() && needs.LoadJobs_conf.outputs.do_FuncTest == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_FullBuild != 'true' || needs.FullBuild.result == 'success') | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-${{ matrix.os }} | |
| env: | |
| COMPILER: ${{ matrix.compiler }} | |
| TAR_CMD: tar_nosuid | |
| GHA_OS: ubuntu-${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [22.04] | |
| compiler: ['gcc', 'clang', 'gcc-11', 'gcc-12', 'clang-11', 'clang-12', 'clang-13', 'clang-14', 'clang-15'] | |
| include: | |
| - os: 24.04 | |
| compiler: 'gcc' | |
| - os: 24.04 | |
| compiler: 'clang' | |
| - os: 24.04 | |
| compiler: 'gcc-13' | |
| - os: 24.04 | |
| compiler: 'gcc-14' | |
| - os: 24.04 | |
| compiler: 'clang-16' | |
| - os: 24.04 | |
| compiler: 'clang-17' | |
| - os: 24.04 | |
| compiler: 'clang-18' | |
| - os: 24.04 | |
| compiler: 'clang-19' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Workaround for tar not being able to access /var/cache/apt/archives | |
| run: | | |
| sudo cp "$(command -v tar)" "$(command -v tar)"_nosuid | |
| sudo chmod u+s "$(command -v tar)" | |
| - name: Cache apt-get packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: /var/cache/apt/archives | |
| key: functesting-${{ matrix.os }}-apt-get-${{ github.run_id }} | |
| restore-keys: | | |
| functesting-${{ matrix.os }}-apt-get | |
| functesting-${{ matrix.os }}-${{ matrix.compiler }}-apt-get | |
| - name: Install apt-get updates | |
| run: scripts/ft-apt-get-update.sh | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: install_depends | |
| run: sh -x scripts/build/install_depends.sh | |
| - name: before_install | |
| run: sh -x scripts/ft-before_install.sh | |
| - name: build | |
| run: sh -x ./scripts/do-build.sh basic | |
| - name: test | |
| run: sh -x scripts/do-test.sh | |
| Glitching: | |
| name: Glitch Injection | |
| needs: [LoadJobs_conf, FuncTest] | |
| if: always() && needs.LoadJobs_conf.outputs.do_Glitch == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_FuncTest != 'true' || needs.FuncTest.result == 'success') | |
| # The type of runner that the job will run on | |
| runs-on: ubuntu-${{ matrix.os }} | |
| env: | |
| COMPILER: ${{ matrix.compiler }} | |
| TAR_CMD: tar_nosuid | |
| GHA_OS: ubuntu-${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [22.04] | |
| compiler: ['gcc', 'clang', 'gcc-11', 'gcc-12', 'clang-11', 'clang-12', 'clang-13', 'clang-14', 'clang-15'] | |
| include: | |
| - os: 24.04 | |
| compiler: 'gcc' | |
| - os: 24.04 | |
| compiler: 'clang' | |
| - os: 24.04 | |
| compiler: 'gcc-13' | |
| - os: 24.04 | |
| compiler: 'gcc-14' | |
| - os: 24.04 | |
| compiler: 'clang-16' | |
| - os: 24.04 | |
| compiler: 'clang-17' | |
| - os: 24.04 | |
| compiler: 'clang-18' | |
| - os: 24.04 | |
| compiler: 'clang-19' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Workaround for tar not being able to access /var/cache/apt/archives | |
| run: | | |
| sudo cp "$(command -v tar)" "$(command -v tar)"_nosuid | |
| sudo chmod u+s "$(command -v tar)" | |
| - name: Cache apt-get packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: /var/cache/apt/archives | |
| key: glitching-${{ matrix.os }}-apt-get-${{ github.run_id }} | |
| restore-keys: | | |
| glitching-${{ matrix.os }}-apt-get | |
| glitching-${{ matrix.os }}-${{ matrix.compiler }}-apt-get | |
| - name: Install apt-get updates | |
| run: scripts/ft-apt-get-update.sh | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.9 | |
| - name: install_depends | |
| run: sh -x scripts/build/install_depends.sh | |
| - name: before_install | |
| run: sh -x scripts/ft-before_install.sh | |
| - name: build | |
| run: sh -x ./scripts/do-build.sh glitching | |
| - name: test | |
| run: sh -x scripts/do-test.sh | |
| Fuzzing: | |
| name: Fuzz with OSS-Fuzz | |
| needs: [LoadJobs_conf, Glitching] | |
| if: always() && needs.LoadJobs_conf.outputs.do_Fuzzing == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_Glitch != 'true' || needs.Glitching.result == 'success') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| sanitizer: [address, undefined, memory, coverage] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Build Fuzzers (${{ matrix.sanitizer }}) | |
| id: build | |
| uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master | |
| with: | |
| oss-fuzz-project-name: 'rtpproxy' | |
| dry-run: false | |
| language: c | |
| sanitizer: ${{ matrix.sanitizer }} | |
| - name: Run Fuzzers | |
| uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master | |
| env: | |
| OF_SANITIZER: ${{ matrix.sanitizer }} | |
| with: | |
| oss-fuzz-project-name: 'rtpproxy' | |
| fuzz-seconds: 1200 | |
| dry-run: false | |
| parallel-fuzzing: true | |
| language: c | |
| sanitizer: ${{ matrix.sanitizer }} | |
| output-sarif: true | |
| - name: Upload Crash | |
| uses: actions/upload-artifact@v4 | |
| if: failure() && steps.build.outcome == 'success' | |
| with: | |
| name: ${{ matrix.sanitizer }}-artifacts | |
| path: ./out/artifacts | |
| - name: Upload Sarif | |
| if: always() && steps.build.outcome == 'success' && matrix.sanitizer != 'coverage' | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| # Path to SARIF file relative to the root of the repository | |
| sarif_file: cifuzz-sarif/results.sarif | |
| checkout_path: cifuzz-sarif | |
| Docker: | |
| name: Build&Push to DockerHub | |
| needs: [LoadJobs_conf, Fuzzing] | |
| if: always() && needs.LoadJobs_conf.outputs.do_Docker == 'true' && | |
| (needs.LoadJobs_conf.outputs.do_Fuzzing != 'true' || needs.Fuzzing.result == 'success') && | |
| (github.event_name == 'push' || github.event_name == 'pull_request') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| env: | |
| CLANG_VER_NEW: 19 | |
| CLANG_VER_OLD: 19 | |
| DOCKER_REPO: sippylabs/rtpproxy | |
| GHCR_REPO: ghcr.io/${{ github.repository_owner }}/rtpproxy | |
| LOCAL_REPO: localhost:5000/sippylabs/rtpproxy | |
| BASE_IMAGE: ${{ matrix.base_image }} | |
| CCACHE_ROOT: ccache | |
| DOCKER_RW: ${{ ( github.repository == 'sippy/rtpproxy' && github.event_name != 'pull_request' ) && 'true' || 'false' }} | |
| CCACHE_BIN_IMAGE: ghcr.io/sobomax/ccache:${{ matrix.ccache_bin_image }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - base_image: 'debian:12-slim' | |
| ccache_bin_image: 'latest-debian-12' | |
| - base_image: 'debian:13-slim' | |
| ccache_bin_image: 'latest-debian-13' | |
| - base_image: 'ubuntu:latest' | |
| ccache_bin_image: 'latest-ubuntu-24.04' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: 'recursive' | |
| - name: Set up QEMU | |
| id: qemu | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| - name: Log in to Docker Hub | |
| if: env.DOCKER_RW == 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set dynamic environment | |
| run: | | |
| GIT_BRANCH="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" | |
| GIT_BRANCH="${GIT_BRANCH#refs/tags/}" | |
| echo "GIT_BRANCH=${GIT_BRANCH}" >> $GITHUB_ENV | |
| OS_TAG="`echo ${BASE_IMAGE} | sed 's|:|_|g'`" | |
| BRANCH_TAG="`echo ${GIT_BRANCH} | sed 's|/|_|g'`" | |
| CCACHE_IMAGE="${{ env.GHCR_REPO }}:${BRANCH_TAG}-${OS_TAG}-cccache" | |
| if ! docker pull ${CCACHE_IMAGE} 2>&1 >/dev/null | |
| then | |
| CCACHE_BIMAGE="scratch" | |
| else | |
| CCACHE_BIMAGE="${CCACHE_IMAGE}" | |
| fi | |
| docker pull ${CCACHE_BIN_IMAGE} | |
| echo "BRANCH_TAG=${BRANCH_TAG}" >> $GITHUB_ENV | |
| echo "CCACHE_IMAGE=${CCACHE_IMAGE}" >> $GITHUB_ENV | |
| echo "CCACHE_BIMAGE=${CCACHE_BIMAGE}" >> $GITHUB_ENV | |
| echo "BUILD_IMAGE=${{ env.LOCAL_REPO }}:latest-${OS_TAG}" >> $GITHUB_ENV | |
| echo "LIBG722_IMAGE=sippylabs/libg722:latest-${OS_TAG}" >> $GITHUB_ENV | |
| PLATFORMS="`docker manifest inspect ${{ env.BASE_IMAGE }} | \ | |
| jq -r '.manifests[] | "\(.platform.os)/\(.platform.architecture)\(if .platform.variant != null then "/\(.platform.variant)" else "" end)"' | \ | |
| grep -v unknown | sort -u | paste -sd ','`" | |
| echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV | |
| echo "OS_TAG=${OS_TAG}" >> $GITHUB_ENV | |
| if [[ "${{ matrix.base_image }}" == debian:12* ]] | |
| then | |
| echo "LIBSSL_APKG=libssl3" >> $GITHUB_ENV | |
| else | |
| echo "LIBSSL_APKG=libssl3t64" >> $GITHUB_ENV | |
| fi | |
| if [ "${{ matrix.base_image }}" = "ubuntu:latest" -a "${{ github.ref_name }}" = "${{ github.event.repository.default_branch }}" ] | |
| then | |
| echo "ADD_LATEST=true" >> "$GITHUB_ENV" | |
| else | |
| echo "ADD_LATEST=false" >> "$GITHUB_ENV" | |
| fi | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta_dkr | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.DOCKER_REPO }} | |
| tags: | | |
| type=schedule,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=branch,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=tag,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=pr,suffix=-${{ env.OS_TAG }} | |
| type=raw,value=latest-${{ env.OS_TAG }},enable={{is_default_branch}} | |
| type=sha,suffix=-${{ env.OS_TAG }} | |
| type=raw,value=latest,enable=${{ env.ADD_LATEST == 'true' }} | |
| - name: Extract metadata (tags, labels) for GHCR | |
| id: meta_ghcr | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.GHCR_REPO }} | |
| tags: | | |
| type=schedule,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=branch,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=tag,suffix=-${{ env.OS_TAG }} | |
| type=ref,event=pr,suffix=-${{ env.OS_TAG }} | |
| type=raw,value=latest-${{ env.OS_TAG }},enable={{is_default_branch}} | |
| type=sha,suffix=-${{ env.OS_TAG }} | |
| type=raw,value=latest,enable=${{ env.ADD_LATEST == 'true' }} | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v6 | |
| env: | |
| CACHE_SPEC: "type=registry,ref=${{ env.GHCR_REPO }}:${{ env.BRANCH_TAG }}-${{ env.OS_TAG }}-buildcache" | |
| DOCKER_BUILD_SUMMARY: false | |
| DOCKER_BUILD_RECORD_UPLOAD: false | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| build-args: | | |
| CLANG_VER_OLD=${{ env.CLANG_VER_OLD }} | |
| CLANG_VER_NEW=${{ env.CLANG_VER_NEW }} | |
| BASE_IMAGE=${{ env.BASE_IMAGE }} | |
| LIBG722_IMAGE=${{ env.LIBG722_IMAGE }} | |
| CCACHE_IMAGE=${{ env.CCACHE_BIMAGE }} | |
| CCACHE_BIN_IMAGE=${{ env.CCACHE_BIN_IMAGE }} | |
| CCACHE_ROOT=${{ env.CCACHE_ROOT }} | |
| LIBSSL_APKG=${{ env.LIBSSL_APKG }} | |
| tags: ${{ env.BUILD_IMAGE }} | |
| platforms: ${{ env.PLATFORMS }} | |
| push: true | |
| cache-from: ${{ env.CACHE_SPEC }} | |
| cache-to: ${{ env.CACHE_SPEC }},mode=max | |
| - name: Export ccache | |
| if: env.DOCKER_RW == 'true' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| DOCKER_BUILD_SUMMARY: false | |
| DOCKER_BUILD_RECORD_UPLOAD: false | |
| with: | |
| file: ./docker/Dockerfile.export_ccache | |
| build-args: BUILD_IMAGE=${{ env.BUILD_IMAGE }} | |
| tags: ${{ env.CCACHE_IMAGE }} | |
| platforms: ${{ env.PLATFORMS }} | |
| push: true | |
| - name: Push Docker image | |
| if: env.DOCKER_RW == 'true' | |
| uses: docker/build-push-action@v6 | |
| env: | |
| DOCKER_BUILD_SUMMARY: false | |
| DOCKER_BUILD_RECORD_UPLOAD: false | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile.push | |
| build-args: | | |
| BASE_IMAGE=${{ env.BASE_IMAGE }} | |
| BUILD_IMAGE=${{ env.BUILD_IMAGE }} | |
| push: true | |
| tags: | | |
| ${{ steps.meta_dkr.outputs.tags }} | |
| ${{ steps.meta_ghcr.outputs.tags }} | |
| labels: | | |
| ${{ steps.meta_dkr.outputs.labels }} | |
| ${{ steps.meta_ghcr.outputs.labels }} | |
| platforms: ${{ env.PLATFORMS }} | |
| - name: Update DockerHub repo description | |
| if: env.DOCKER_RW == 'true' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) | |
| env: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| run: sh -x docker/update_description.sh docker/README.md | |
| roll_release: | |
| name: Roll Release | |
| needs: [LoadJobs_conf, Docker, BuildPackages] | |
| permissions: | |
| contents: write | |
| uses: sippy/cimagic/.github/workflows/RollReleaseDraft.yml@v2 | |
| with: | |
| release_files_artifacts: | | |
| ${{ needs.BuildPackages.outputs.dpkgs_artifacts }} |