name: authentik-on-release on: release: types: [published, created] jobs: # Build build-server: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Set up QEMU uses: docker/setup-qemu-action@v1.2.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Docker Login Registry uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Building Docker Image uses: docker/build-push-action@v2 with: push: ${{ github.event_name == 'release' }} tags: | beryju/authentik:2022.2.1, beryju/authentik:latest, ghcr.io/goauthentik/server:2022.2.1, ghcr.io/goauthentik/server:latest platforms: linux/amd64,linux/arm64 context: . - name: Building Docker Image (stable) if: ${{ github.event_name == 'release' && !contains('2022.2.1', 'rc') }} run: | docker pull beryju/authentik:latest docker tag beryju/authentik:latest beryju/authentik:stable docker push beryju/authentik:stable docker pull ghcr.io/goauthentik/server:latest docker tag ghcr.io/goauthentik/server:latest ghcr.io/goauthentik/server:stable docker push ghcr.io/goauthentik/server:stable build-outpost: runs-on: ubuntu-latest strategy: fail-fast: false matrix: type: - proxy - ldap steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v2 with: go-version: "^1.17" - name: Set up QEMU uses: docker/setup-qemu-action@v1.2.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Docker Login Registry uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry uses: docker/login-action@v1 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Building Docker Image uses: docker/build-push-action@v2 with: push: ${{ github.event_name == 'release' }} tags: | beryju/authentik-${{ matrix.type }}:2022.2.1, beryju/authentik-${{ matrix.type }}:latest, ghcr.io/goauthentik/${{ matrix.type }}:2022.2.1, ghcr.io/goauthentik/${{ matrix.type }}:latest file: ${{ matrix.type }}.Dockerfile platforms: linux/amd64,linux/arm64 - name: Building Docker Image (stable) if: ${{ github.event_name == 'release' && !contains('2022.2.1', 'rc') }} run: | docker pull beryju/authentik-${{ matrix.type }}:latest docker tag beryju/authentik-${{ matrix.type }}:latest beryju/authentik-${{ matrix.type }}:stable docker push beryju/authentik-${{ matrix.type }}:stable docker pull ghcr.io/goauthentik/${{ matrix.type }}:latest docker tag ghcr.io/goauthentik/${{ matrix.type }}:latest ghcr.io/goauthentik/${{ matrix.type }}:stable docker push ghcr.io/goauthentik/${{ matrix.type }}:stable build-outpost-binary: timeout-minutes: 120 runs-on: ubuntu-latest strategy: fail-fast: false matrix: type: - proxy - ldap goos: [linux, darwin] goarch: [amd64, arm64] steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v2 with: go-version: "^1.17" - uses: actions/setup-node@v3.0.0 with: node-version: '16' cache: 'npm' cache-dependency-path: web/package-lock.json - name: Build web run: | cd web npm install npm run build-proxy - name: Build outpost run: | set -x export GOOS=${{ matrix.goos }} export GOARCH=${{ matrix.goarch }} go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }} - name: Upload binaries to release uses: svenstaro/upload-release-action@v2 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} asset_name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} tag: ${{ github.ref }} test-release: needs: - build-server - build-outpost - build-outpost-binary runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Run test suite in final docker images run: | echo "PG_PASS=$(openssl rand -base64 32)" >> .env echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env docker-compose pull -q docker-compose up --no-start docker-compose start postgresql redis docker-compose run -u root server test sentry-release: needs: - build-server - build-outpost - build-outpost-binary runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Get static files from docker image run: | docker pull ghcr.io/goauthentik/server:latest container=$(docker container create ghcr.io/goauthentik/server:latest) docker cp ${container}:web/ . - name: Create a Sentry.io release uses: getsentry/action-release@v1 if: ${{ github.event_name == 'release' }} env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: beryjuorg SENTRY_PROJECT: authentik SENTRY_URL: https://sentry.beryju.org with: version: authentik@2022.2.1 environment: beryjuorg-prod sourcemaps: './web/dist' url_prefix: '~/static/dist'