watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2025-12-06 01:18:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Updated README and cd.yml.

Browse source
This commit is contained in:
Mike Cao 2025-11-07 12:21:17 -08:00
parent 3e9ca8761e
commit 6ee93f7ac9
2 changed files with 34 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

59
.github/workflows/cd.yml vendored
View file

@ -7,7 +7,7 @@ on:
workflow_dispatch:
inputs:
version:
description: 'Optional image version (e.g. 3.0.0, beta)'
description: 'Optional image version (e.g. 3.0.0, v3.0.0, or 3.0.0-beta.1)'
required: false
default: ''
@ -29,6 +29,13 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log into GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log into Docker Hub
if: github.repository == 'umami-software/umami'
uses: docker/login-action@v3
@ -37,27 +44,29 @@ jobs:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log into GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Normalize manual input if provided
- name: Normalize manual version
id: normalize
# Compute tags for the image
- name: Compute version tags
id: compute
run: |
INPUT="${{ github.event.inputs.version }}"
TAGS=""
if [[ -n "$INPUT" ]]; then
VERSION="${INPUT#v}"
VERSION="${INPUT#v}" # strip leading v
MAJOR=$(echo "$VERSION" | cut -d. -f1)
MINOR=$(echo "$VERSION" | cut -d. -f2)
echo "version_tags=${VERSION},${MAJOR}.${MINOR},${MAJOR},latest" >> $GITHUB_ENV
else
echo "version_tags=" >> $GITHUB_ENV
# prereleases (e.g., 3.0.0-beta) do NOT get 'latest'
if [[ "$VERSION" == *-* ]]; then
TAGS="${VERSION}"
else
TAGS="${VERSION},${MAJOR}.${MINOR},${MAJOR},latest"
fi
fi
echo "tags=$TAGS" >> $GITHUB_OUTPUT
echo "Computed tags: $TAGS"
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
@ -65,34 +74,32 @@ jobs:
images: |
umamisoftware/umami,enable=${{ github.repository == 'umami-software/umami' }}
ghcr.io/${{ github.repository }}
flavor: |
latest=auto
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=raw,value=${{ env.version_tags }},enable=${{ env.version_tags != '' }}
type=semver,pattern={{version}},enable=${{ github.ref_type == 'tag' }}
type=semver,pattern={{major}}.{{minor}},enable=${{ github.ref_type == 'tag' }}
type=semver,pattern={{major}},enable=${{ github.ref_type == 'tag' }}
type=raw,value=${{ steps.compute.outputs.tags }},enable=${{ steps.compute.outputs.tags != '' }}
type=ref,event=branch
type=sha
# Build and push images
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: false # disable automatic attestations
provenance: false # disable automatic registry attestations
# Generate a local provenance attestation instead of uploading signatures
- name: Generate provenance attestation
# Generate a local provenance attestation (not uploaded)
- name: Generate local provenance attestation
run: |
cosign attest --yes \
--predicate <(echo '{"build":"github-actions","repo":"${{ github.repository }}","run_id":"${{ github.run_id }}"}') \
--type slsaprovenance \
${{ steps.meta.outputs.tags }}