docker.io/jenkins:v2.346 #17491
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Target Sync Image (old) | |
| on: | |
| issues: | |
| types: | |
| - opened | |
| # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token | |
| permissions: | |
| issues: write | |
| jobs: | |
| sync: | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.event.issue.title, 'SYNC ') | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Check Issue | |
| env: | |
| MESSAGE: "${{ github.event.issue.body }}" | |
| run: | | |
| ORIGIN_IMAGE=$(echo "${MESSAGE}" | grep SYNC | awk '{print $2}' | head -n 1 | sed "s/\r//g") | |
| CORRECT_IMAGE="$(./hack/correct-image.sh "${ORIGIN_IMAGE}")" | |
| if [[ "${CORRECT_IMAGE}" == "" ]]; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不是一个镜像" | |
| exit 1 | |
| fi | |
| if [[ "${CORRECT_IMAGE}" != "${ORIGIN_IMAGE}" ]]; then | |
| if ! ./hack/verify-allows.sh ./allows.txt "${CORRECT_IMAGE}"; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}', 并且不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)" | |
| else | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 '${ORIGIN_IMAGE}' 不存在呢, 也许应该是 '${CORRECT_IMAGE}'" | |
| fi | |
| exit 1 | |
| fi | |
| if ! ./hack/verify-allows.sh ./allows.txt "${ORIGIN_IMAGE}"; then | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 不在白名单列表里, 不支持同步和访问<br>可以将其添加到[白名单](https://github.com/${{ github.repository }}/issues/2328)" | |
| exit 1 | |
| fi | |
| - name: Check Image | |
| env: | |
| MESSAGE: "${{ github.event.issue.body }}" | |
| run: | | |
| ORIGIN_IMAGE=$(echo "${MESSAGE}" | grep SYNC | awk '{print $2}' | head -n 1 | sed "s/\r//g") | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 同步中...<br>[详情请查看](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})" | |
| gh issue edit ${{ github.event.issue.number }} --title "SYNC IMAGE ${ORIGIN_IMAGE}" | |
| - name: Set up crproxy | |
| run: | | |
| wget https://github.com/DaoCloud/crproxy/releases/download/v0.8.0/crproxy_linux_amd64 -O /usr/local/bin/crproxy && chmod +x /usr/local/bin/crproxy | |
| /usr/local/bin/crproxy -a :8000 ${{ secrets.CRPROXY_ARGS }} & | |
| - name: Sync Images | |
| env: | |
| MESSAGE: "${{ github.event.issue.body }}" | |
| run: | | |
| ORIGIN_IMAGE=$(echo "${MESSAGE}" | grep SYNC | awk '{print $2}' | head -n 1 | sed "s/\r//g") | |
| curl --fail -X PUT "http://127.0.0.1:8000/internal/api/image/sync?image=${ORIGIN_IMAGE}" | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 同步完成<br>请使用 m.daocloud.io/${ORIGIN_IMAGE} 替代源镜像" | |
| gh issue edit ${{ github.event.issue.number }} --add-label "sync image succeeded" -b "IMAGE SYNC" | |
| gh issue close ${{ github.event.issue.number }} --reason "completed" | |
| - name: Fail Sync | |
| if: failure() | |
| env: | |
| MESSAGE: "${{ github.event.issue.body }}" | |
| run: | | |
| ORIGIN_IMAGE=$(echo "${MESSAGE}" | grep SYNC | awk '{print $2}' | head -n 1 | sed "s/\r//g") | |
| gh issue comment ${{ github.event.issue.number }} -b "镜像 ${ORIGIN_IMAGE} 同步失败<br>[详情请查看](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})" | |
| gh issue edit ${{ github.event.issue.number }} --title "FAILED SYNC IMAGE ${ORIGIN_IMAGE}" |