
feat(app): updated to Cap v0.4.82 and refactored redirects #34

# Release pipeline: validates the compose files and shell scripts, creates a
# semantic release on main, then builds the frontend and mediaserver images.
name: '🚀 Release & Docker Build'

on:
  # Pushes to main trigger the pipeline unless they touch only the ignored
  # paths. Because '.github/**' is ignored, a push that edits only this
  # workflow file does not start a run.
  push:
    branches:
      - main
    paths-ignore:
      - '.github/**'
      - '*.md'
      - 'docs/**'
  # Pull requests against main trigger the validation and build-only jobs.
  # NOTE(review): every job in this file sets runs-on to self-hosted runner
  # labels, so pull_request runs execute the PR's contents on self-hosted
  # machines. If this repository accepts PRs from forks, confirm that fork
  # workflow runs require approval and that the runners are ephemeral or
  # otherwise isolated.
  pull_request:
    branches:
      - main
    paths:
      - 'src/**'
      - 'docker-compose*.yml'
      - '.dockerignore'
  # Manual trigger; force-release is forwarded to the release job.
  workflow_dispatch:
    inputs:
      force-release:
        description: 'force create release'
        type: boolean
        default: false

# Workflow-level GITHUB_TOKEN scopes. They apply to every job below, including
# the pull_request validation and build-only jobs.
# NOTE(review): least privilege would be a read-only default here with write
# scopes granted per job. A called reusable workflow cannot be given more than
# its calling job holds, so check what each called workflow declares before
# narrowing these.
permissions:
  contents: write
  issues: write
  pull-requests: write
  packages: write
  security-events: write
jobs:
  # NOTE(review): every job calls a reusable workflow at the mutable ref @main.
  # Whatever that branch points to at run time executes here with this
  # workflow's token scopes and, where `secrets: inherit` is set, with all of
  # this repository's secrets. Pinning each `uses:` to a full commit SHA
  # (…/<workflow>.yml@<FULL_COMMIT_SHA>) makes the executed code reviewable
  # and immutable.

  # ============================================
  # Validation Jobs
  # ============================================
  validate-compose:
    name: '🔍 Validate Docker Compose'
    uses: bauer-group/automation-templates/.github/workflows/modules-validate-compose.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      compose-files: '["docker-compose.coolify.yml", "docker-compose.traefik.yml", "docker-compose.development.yml"]'
      # Values handed to the compose validation as an env template. The
      # secret-looking entries are CI-only test strings; they must never be
      # reused as real deployment credentials.
      env-template: |
        {
          "STACK_NAME": "cap_ci_test",
          "CAP_VERSION": "latest",
          "MYSQL_VERSION": "8.4",
          "MINIO_VERSION": "latest",
          "TIME_ZONE": "UTC",
          "PROXY_NETWORK": "EDGEPROXY",
          "SERVICE_HOSTNAME": "cap.example.com",
          "S3_HOSTNAME": "assets.cap.example.com",
          "S3_CONSOLE_HOSTNAME": "assets-console.cap.example.com",
          "EXPOSED_APP_PORT": "3000",
          "EXPOSED_MYSQL_PORT": "3306",
          "EXPOSED_MINIO_API_PORT": "9000",
          "EXPOSED_MINIO_CONSOLE_PORT": "9001",
          "WEB_URL": "https://cap.example.com",
          "NODE_ENV": "production",
          "NEXTAUTH_SECRET": "ci-test-secret-32-bytes-long-xxx",
          "DATABASE_ENCRYPTION_KEY": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
          "DATABASE_PASSWORD": "ci-test-password",
          "DATABASE_POOL_SIZE": "20",
          "MINIO_ROOT_USER": "admin",
          "MINIO_ROOT_PASSWORD": "ci-test-minio-password",
          "CAP_AWS_SECRET_KEY": "ci-test-s3-secret-key-40-characters-xx",
          "S3_PUBLIC_ENDPOINT": "https://assets.cap.example.com",
          "CAP_AWS_BUCKET_URL": "https://assets.cap.example.com/media",
          "CAP_VIDEOS_DEFAULT_PUBLIC": "true",
          "MEDIA_SERVER_WEBHOOK_SECRET": "ci-test-media-server-secret"
        }

  validate-scripts:
    name: '🔍 Validate Shell Scripts'
    uses: bauer-group/automation-templates/.github/workflows/modules-validate-shellscript.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      scan-directory: '.'
      severity: 'error'

  # ============================================
  # Release Job (only on main branch push)
  # ============================================
  release:
    name: '📦 Create Semantic Release'
    needs:
      - validate-compose
      - validate-scripts
    # Runs for push and manual dispatch events only, and only after both
    # validation jobs succeeded.
    if: |
      (github.event_name == 'push' || github.event_name == 'workflow_dispatch') &&
      needs.validate-compose.result == 'success' &&
      needs.validate-scripts.result == 'success'
    uses: bauer-group/automation-templates/.github/workflows/modules-semantic-release.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      target-branch: 'main'
      dry-run: false
      force-release: ${{ inputs.force-release || false }}
      extra-plugins: '@semantic-release/exec'
    # NOTE(review): `inherit` forwards every secret this workflow can read to
    # the called workflow. Passing only the named secrets it needs would limit
    # exposure; the required names are not visible from this file.
    secrets: inherit

  # ============================================
  # Docker Build Jobs
  # ============================================
  # The two release builds run only when the release job reports
  # release-created == 'true'; both push images and generate an SBOM.
  # NOTE(review): both set security-scan to false while pushing with
  # latest-tag enabled, so images are published without the scan step.
  # security-fail-on presumably has no effect while the scan is off; confirm
  # in the called workflow and re-enable the scan if it was disabled only
  # temporarily.
  # NOTE(review): ghcr-image-name is mixed-case here but lowercase in the PR
  # jobs further down. Container image references are lowercase; confirm the
  # called workflow normalizes the name, or align the spelling.
  docker-build-frontend:
    name: '🐳 Build & Push Frontend Image'
    needs: release
    if: needs.release.outputs.release-created == 'true'
    uses: bauer-group/automation-templates/.github/workflows/docker-build.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      cache-enabled: false  # Self-hosted runners have no access to GitHub Actions cache
      deploy-environment: 'production'
      publish-to: 'ghcr'
      ghcr-image-name: 'bauer-group/CS-ScreenRecorder/frontend'
      docker-image-name: 'bauergroup/screen-recorder-frontend'
      release-version: ${{ needs.release.outputs.version }}
      update-dockerfile-version: true
      auto-tags: true
      latest-tag: true
      dockerfile-path: './src/frontend/Dockerfile'
      docker-context: './src/frontend'
      platforms: 'linux/amd64'
      push: true
      security-scan: false
      security-fail-on: 'CRITICAL'
      generate-sbom: true
      sync-dockerhub-readme: true
    secrets: inherit

  docker-build-mediaserver:
    name: '🐳 Build & Push Mediaserver Image'
    needs: release
    if: needs.release.outputs.release-created == 'true'
    uses: bauer-group/automation-templates/.github/workflows/docker-build.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      cache-enabled: false
      deploy-environment: 'production'
      publish-to: 'ghcr'
      ghcr-image-name: 'bauer-group/CS-ScreenRecorder/mediaserver'
      docker-image-name: 'bauergroup/screen-recorder-mediaserver'
      release-version: ${{ needs.release.outputs.version }}
      update-dockerfile-version: true
      auto-tags: true
      latest-tag: true
      dockerfile-path: './src/mediaserver/Dockerfile'
      docker-context: './src/mediaserver'
      platforms: 'linux/amd64'
      push: true
      security-scan: false
      generate-sbom: true
      sync-dockerhub-readme: false
    secrets: inherit

  # PR builds: the same reusable workflow with push set to false, run only for
  # pull_request events after both validation jobs succeeded.
  # NOTE(review): these jobs build pull-request content on self-hosted runners
  # and still use `secrets: inherit`. With push disabled they presumably need
  # no registry credentials; confirm against the called workflow and drop the
  # inheritance if nothing requires it.
  docker-build-frontend-pr:
    name: '🔨 Validate Frontend Build (PR)'
    needs:
      - validate-compose
      - validate-scripts
    if: |
      github.event_name == 'pull_request' &&
      needs.validate-compose.result == 'success' &&
      needs.validate-scripts.result == 'success'
    uses: bauer-group/automation-templates/.github/workflows/docker-build.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      cache-enabled: false
      publish-to: 'ghcr'
      ghcr-image-name: 'bauer-group/cs-screenrecorder/frontend'
      auto-tags: true
      dockerfile-path: './src/frontend/Dockerfile'
      docker-context: './src/frontend'
      platforms: 'linux/amd64'
      push: false
      security-scan: false
      security-fail-on: 'CRITICAL'
    secrets: inherit

  docker-build-mediaserver-pr:
    name: '🔨 Validate Mediaserver Build (PR)'
    needs:
      - validate-compose
      - validate-scripts
    if: |
      github.event_name == 'pull_request' &&
      needs.validate-compose.result == 'success' &&
      needs.validate-scripts.result == 'success'
    uses: bauer-group/automation-templates/.github/workflows/docker-build.yml@main
    with:
      runs-on: '["self-hosted", "linux"]'
      cache-enabled: false
      publish-to: 'ghcr'
      ghcr-image-name: 'bauer-group/cs-screenrecorder/mediaserver'
      auto-tags: true
      dockerfile-path: './src/mediaserver/Dockerfile'
      docker-context: './src/mediaserver'
      platforms: 'linux/amd64'
      push: false
      security-scan: false
      security-fail-on: 'CRITICAL'
    secrets: inherit