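# Looks up the newest WordPress fpm-alpine and Nginx alpine-perl tags on
# Docker Hub, rewrites values.yaml (and Chart.yaml when the WordPress version
# changed), commits to main, then packages the chart and pushes a release tag.
#
# Security notes for maintainers:
# - Tag names come from an external registry API. They are accepted only when
#   they match the anchored regexes in the two "Fetch latest" steps, and those
#   regexes are what keep the later sed replacements safe. Do not loosen them
#   without revisiting every place the value is used.
# - Step outputs reach the shell through `env:` instead of being written into
#   the script with `${{ }}`. An expression is substituted into the script
#   text before the shell runs; an environment variable is passed as data.
# - actions/checkout@v4 and azure/setup-helm@v3 are referenced by mutable tag
#   while this job holds a write-scoped token. Pinning both to a full commit
#   SHA is recommended (the SHAs are not recorded in this file).
# - Only the image tag is written to values.yaml. Tags are mutable, so a
#   digest would be needed to pin the exact image content.
name: Update Docker Images and Helm Chart

on:
  push:
    branches:
      - main
  schedule:
    - cron: "0 0 * * 0"  # every Sunday at 00:00 UTC
  workflow_dispatch:  # also allow manual runs

jobs:
  update:
    runs-on: ubuntu-latest
    permissions:
      contents: write  # explicitly grant what git push needs, nothing broader
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0  # fetch the full history
          token: ${{ secrets.GITEA_TOKEN || github.token }}  # explicit token, reused by the later pushes

      - name: Set up Git
        run: |
          git config user.name "Gitea Actions"
          git config user.email "actions@git.cafepieters.com"

      - name: Fetch latest WordPress FPM Alpine version
        id: wordpress
        run: |
          # Get the newest WordPress FPM Alpine tag from Docker Hub (any PHP version).
          echo "Fetching WordPress FPM Alpine versions..."

          # First attempt: ask the API for tags whose name contains "fpm-alpine".
          # -f makes an HTTP error produce no body instead of an error document;
          # -S keeps the curl error visible in the job log.
          LATEST_VERSION=$(curl -fsS "https://hub.docker.com/v2/repositories/library/wordpress/tags?page_size=100&name=fpm-alpine" | \
            jq -r '.results[].name' | \
            grep -E '^[0-9]+\.[0-9]+(\.[0-9]+)?-php[0-9]+\.[0-9]+-fpm-alpine$' | \
            grep -v 'rc' | \
            grep -v 'beta' | \
            grep -v 'alpha' | \
            sort -t- -k1,1V -k2,2V | \
            tail -n 1)

          if [ -z "$LATEST_VERSION" ]; then
            echo "Failed to fetch from first method, trying alternative..."
            # Fallback: list tags without the name filter and match locally.
            LATEST_VERSION=$(curl -fsS "https://hub.docker.com/v2/repositories/library/wordpress/tags?page_size=100" | \
              jq -r '.results[].name' | \
              grep -E '^[0-9]+\.[0-9]+\.[0-9]+-php[0-9]+\.[0-9]+-fpm-alpine$' | \
              grep -v 'rc' | \
              grep -v 'beta' | \
              grep -v 'alpha' | \
              sort -t- -k1,1V -k2,2V | \
              tail -n 1)
          fi

          # Fail closed: never continue with an empty version.
          if [ -z "$LATEST_VERSION" ]; then
            echo "ERROR: Failed to fetch WordPress version"
            exit 1
          fi

          echo "WordPress latest version: $LATEST_VERSION"

          # Split the tag into its parts for the log.
          WP_VERSION=$(echo "$LATEST_VERSION" | cut -d'-' -f1)
          PHP_VERSION=$(echo "$LATEST_VERSION" | cut -d'-' -f2)
          echo "  WordPress: $WP_VERSION"
          echo "  PHP: $PHP_VERSION"
          echo "  Base: fpm-alpine"

          # Publish as step outputs for the later steps.
          echo "version=$LATEST_VERSION" >> "$GITHUB_OUTPUT"
          echo "version_base=$WP_VERSION" >> "$GITHUB_OUTPUT"

      - name: Fetch latest Nginx Alpine Perl version
        id: nginx
        run: |
          # Get the newest Nginx Alpine Perl tag from Docker Hub.
          echo "Fetching Nginx Alpine Perl versions..."

          LATEST_VERSION=$(curl -fsS "https://hub.docker.com/v2/repositories/library/nginx/tags?page_size=100&name=alpine-perl" | \
            jq -r '.results[].name' | \
            grep -E '^[0-9]+\.[0-9]+\.[0-9]+-alpine-perl$' | \
            grep -v 'rc' | \
            grep -v 'beta' | \
            grep -v 'alpha' | \
            sort -V | \
            tail -n 1)

          if [ -z "$LATEST_VERSION" ]; then
            echo "Failed to fetch from first method, trying alternative..."
            # Fallback: list tags without the name filter and match locally.
            LATEST_VERSION=$(curl -fsS "https://hub.docker.com/v2/repositories/library/nginx/tags?page_size=100" | \
              jq -r '.results[].name' | \
              grep 'alpine-perl$' | \
              grep -E '^[0-9]+\.[0-9]+\.[0-9]+-alpine-perl$' | \
              grep -v 'rc' | \
              grep -v 'beta' | \
              grep -v 'alpha' | \
              sort -V | \
              tail -n 1)
          fi

          # Fail closed: never continue with an empty version.
          if [ -z "$LATEST_VERSION" ]; then
            echo "ERROR: Failed to fetch Nginx version"
            exit 1
          fi

          echo "Nginx latest version: $LATEST_VERSION"

          # Show the version part for the log.
          NGINX_VERSION=$(echo "$LATEST_VERSION" | cut -d'-' -f1)
          echo "  Nginx: $NGINX_VERSION"
          echo "  Base: alpine-perl"

          # Publish as step outputs for the later steps.
          echo "version=$LATEST_VERSION" >> "$GITHUB_OUTPUT"
          echo "version_base=$NGINX_VERSION" >> "$GITHUB_OUTPUT"

      - name: Get current versions from values.yaml
        id: current
        run: |
          # Read the tags currently recorded in values.yaml.
          # NOTE(review): this step uses `grep -A 3` while "Update values.yaml"
          # uses `grep -A 1` for the same lookup; confirm against values.yaml.
          CURRENT_WORDPRESS=$(grep -A 3 'wordpress:' values.yaml | grep 'tag:' | awk -F'"' '{print $2}')
          CURRENT_NGINX=$(grep -A 3 'nginx:' values.yaml | grep 'tag:' | awk -F'"' '{print $2}')

          echo "current_wordpress=$CURRENT_WORDPRESS" >> "$GITHUB_OUTPUT"
          echo "current_nginx=$CURRENT_NGINX" >> "$GITHUB_OUTPUT"

          echo "Current WordPress: $CURRENT_WORDPRESS"
          echo "Current Nginx: $CURRENT_NGINX"

      - name: Check if update is needed
        id: check
        env:
          # Passed as data so the values are never parsed as script text.
          CURRENT_WORDPRESS: ${{ steps.current.outputs.current_wordpress }}
          LATEST_WORDPRESS: ${{ steps.wordpress.outputs.version }}
          CURRENT_NGINX: ${{ steps.current.outputs.current_nginx }}
          LATEST_NGINX: ${{ steps.nginx.outputs.version }}
        run: |
          UPDATE_NEEDED=false
          CHANGES=""

          if [ "$CURRENT_WORDPRESS" != "$LATEST_WORDPRESS" ]; then
            echo "WordPress update available: $CURRENT_WORDPRESS -> $LATEST_WORDPRESS"
            UPDATE_NEEDED=true
            CHANGES="${CHANGES}- WordPress: $CURRENT_WORDPRESS -> $LATEST_WORDPRESS\n"
          else
            echo "WordPress is up to date: $CURRENT_WORDPRESS"
          fi

          if [ "$CURRENT_NGINX" != "$LATEST_NGINX" ]; then
            echo "Nginx update available: $CURRENT_NGINX -> $LATEST_NGINX"
            UPDATE_NEEDED=true
            CHANGES="${CHANGES}- Nginx: $CURRENT_NGINX -> $LATEST_NGINX\n"
          else
            echo "Nginx is up to date: $CURRENT_NGINX"
          fi

          echo "update_needed=$UPDATE_NEEDED" >> "$GITHUB_OUTPUT"
          # Multi-line output: name<<DELIMITER, the value, then the delimiter.
          echo "changes<<EOF" >> "$GITHUB_OUTPUT"
          echo -e "$CHANGES" >> "$GITHUB_OUTPUT"
          echo "EOF" >> "$GITHUB_OUTPUT"

      - name: Update values.yaml
        if: steps.check.outputs.update_needed == 'true'
        id: update_values
        env:
          WP_LATEST: ${{ steps.wordpress.outputs.version }}
          WP_BASE: ${{ steps.wordpress.outputs.version_base }}
          NGINX_LATEST: ${{ steps.nginx.outputs.version }}
        run: |
          # Keep a copy so the result can be diffed.
          cp values.yaml values.yaml.bak

          # Read the versions currently in the file (decides whether Chart.yaml changes).
          CURRENT_WP_BASE=$(grep -A 1 'wordpress:' values.yaml | grep 'tag:' | sed 's/.*tag: "\([^-]*\).*/\1/')
          CURRENT_NGINX=$(grep -A 1 'nginx:' values.yaml | grep 'tag:' | sed 's/.*tag: "\(.*\)".*/\1/')

          echo "Current versions:"
          echo "  WordPress: $CURRENT_WP_BASE"
          echo "  Nginx: $CURRENT_NGINX"
          echo ""
          echo "Latest versions:"
          echo "  WordPress: $WP_BASE ($WP_LATEST)"
          echo "  Nginx: $NGINX_LATEST"

          # Replace the WordPress tag. The replacement text is safe for sed only
          # because the fetch step accepted nothing but digits, dots and the
          # fixed suffix.
          sed -i "s|tag: \"[0-9.]*-php[0-9.]*-fpm-alpine\"|tag: \"$WP_LATEST\"|" values.yaml

          # Replace the Nginx tag (same constraint on the replacement text).
          sed -i "s|tag: \"[0-9.]*-alpine-perl\"|tag: \"$NGINX_LATEST\"|" values.yaml

          # Show what changed.
          echo ""
          echo "=== Changes in values.yaml ==="
          diff values.yaml.bak values.yaml || true

          # Check whether the file really changed.
          if diff -q values.yaml.bak values.yaml > /dev/null 2>&1; then
            echo "INFO: No changes were made to values.yaml (versions already up to date)"
            grep -A 5 "image:" values.yaml
            echo "chart_version_update_needed=false" >> "$GITHUB_OUTPUT"
          else
            echo "Changes detected in values.yaml"

            # Chart.yaml is bumped only when the WordPress version itself moved.
            if [ "$CURRENT_WP_BASE" != "$WP_BASE" ]; then
              echo "WordPress version changed: $CURRENT_WP_BASE -> $WP_BASE"
              echo "chart_version_update_needed=true" >> "$GITHUB_OUTPUT"
            else
              echo "INFO: WordPress version unchanged - only other images updated"
              echo "chart_version_update_needed=false" >> "$GITHUB_OUTPUT"
            fi
          fi

          # Remove the backup so it stays out of the working tree that is
          # packaged by `helm package .` in a later step.
          rm -f values.yaml.bak

          echo ""
          echo "=== Updated values.yaml (image section) ==="
          grep -A 5 "^image:" values.yaml

      - name: Increment chart version
        if: steps.update_values.outputs.chart_version_update_needed == 'true'
        id: increment
        env:
          NEW_WP_VERSION: ${{ steps.wordpress.outputs.version_base }}
        run: |
          # Bump Chart.yaml (only when the WordPress version changed).
          # The new WordPress version is used as-is, with no suffix.
          if [ -f Chart.yaml ]; then
            CURRENT_CHART_VERSION=$(grep '^version:' Chart.yaml | awk '{print $2}')
            CURRENT_APP_VERSION=$(grep '^appVersion:' Chart.yaml | awk '{print $2}' | tr -d '"')

            # version and appVersion are both set to the WordPress version.
            NEW_CHART_VERSION="$NEW_WP_VERSION"

            sed -i "s/^version: .*/version: $NEW_CHART_VERSION/" Chart.yaml
            sed -i "s/^appVersion: .*/appVersion: \"$NEW_WP_VERSION\"/" Chart.yaml

            echo "Chart version updated: $CURRENT_CHART_VERSION -> $NEW_CHART_VERSION"
            echo "Chart appVersion updated: $CURRENT_APP_VERSION -> $NEW_WP_VERSION"
            echo "new_chart_version=$NEW_CHART_VERSION" >> "$GITHUB_OUTPUT"
          else
            echo "Chart.yaml not found, skipping version increment"
            echo "new_chart_version=" >> "$GITHUB_OUTPUT"
          fi

      - name: Commit and push changes
        if: steps.check.outputs.update_needed == 'true'
        env:
          CHART_UPDATE_NEEDED: ${{ steps.update_values.outputs.chart_version_update_needed }}
          CHANGES: ${{ steps.check.outputs.changes }}
        run: |
          # values.yaml is always staged.
          git add values.yaml

          # Chart.yaml is staged only when the WordPress version changed.
          if [ "$CHART_UPDATE_NEEDED" == "true" ]; then
            echo "Adding Chart.yaml (WordPress version was updated)"
            git add Chart.yaml
          else
            echo "Skipping Chart.yaml (only other images were updated)"
          fi

          git status

          if git diff --staged --quiet; then
            echo "No changes to commit"
            exit 0
          fi

          # Build the commit message. The shell expands $CHANGES once and does
          # not re-evaluate its contents.
          cat << EOF > /tmp/commit_msg.txt
          chore: Update Docker images

          ${CHANGES}

          Auto-updated by Gitea Actions
          EOF

          git commit -F /tmp/commit_msg.txt

          # Push with retries. Success is tracked in PUSHED, so a push that
          # succeeds on the final attempt is not reported as a failure.
          MAX_RETRIES=3
          RETRY_COUNT=0
          PUSHED=false
          while true; do
            if git push origin main; then
              PUSHED=true
              break
            fi
            if [ "$RETRY_COUNT" -ge "$MAX_RETRIES" ]; then
              break
            fi
            RETRY_COUNT=$((RETRY_COUNT+1))
            echo "Push failed, retrying ($RETRY_COUNT/$MAX_RETRIES)..."
            sleep 5
            git pull --rebase origin main
          done

          if [ "$PUSHED" != "true" ]; then
            echo "ERROR: Failed to push after $MAX_RETRIES attempts"
            exit 1
          fi

          echo "Successfully pushed changes to main branch"

      - name: Install Helm
        if: steps.update_values.outputs.chart_version_update_needed == 'true'
        # NOTE(review): both the action (tag v3) and the Helm binary ('latest')
        # float. The job has already checked out with a write-scoped token, so
        # pinning the action to a commit SHA and Helm to a fixed release is
        # recommended.
        uses: azure/setup-helm@v3
        with:
          version: 'latest'

      - name: Create Helm package
        if: steps.update_values.outputs.chart_version_update_needed == 'true'
        env:
          NEW_CHART_VERSION: ${{ steps.increment.outputs.new_chart_version }}
        run: |
          # Create the packages directory.
          mkdir -p ./packages/

          # Build the chart package.
          helm package . -d ./packages/

          # Refresh the repository index.
          helm repo index ./packages/ --url https://git.cafepieters.com/helmchart/wordpress/raw/branch/main/packages/

          # Commit the package files.
          git add ./packages/*.tgz ./packages/index.yaml
          git commit -m "chore: Add Helm package for version $NEW_CHART_VERSION" || echo "No package changes to commit"

          # Push with retries; success is tracked explicitly (see the commit step).
          MAX_RETRIES=3
          RETRY_COUNT=0
          PUSHED=false
          while true; do
            if git push origin main; then
              PUSHED=true
              break
            fi
            if [ "$RETRY_COUNT" -ge "$MAX_RETRIES" ]; then
              break
            fi
            RETRY_COUNT=$((RETRY_COUNT+1))
            echo "Push failed, retrying ($RETRY_COUNT/$MAX_RETRIES)..."
            sleep 5
            git pull --rebase origin main
          done

          if [ "$PUSHED" != "true" ]; then
            echo "ERROR: Failed to push Helm packages after $MAX_RETRIES attempts"
            exit 1
          fi

          echo "Successfully pushed Helm packages"

      - name: Create release tag
        if: steps.update_values.outputs.chart_version_update_needed == 'true'
        env:
          NEW_CHART_VERSION: ${{ steps.increment.outputs.new_chart_version }}
          CHANGES: ${{ steps.check.outputs.changes }}
        run: |
          # Create the release tag (only when Chart.yaml was updated).
          TAG_NAME="v${NEW_CHART_VERSION}"

          # Check whether the tag already exists.
          if git rev-parse "$TAG_NAME" >/dev/null 2>&1; then
            echo "INFO: Tag $TAG_NAME already exists locally"
          else
            # Build the tag message.
            cat << EOF > /tmp/tag_msg.txt
          Release $TAG_NAME

          ${CHANGES}

          Chart version: ${NEW_CHART_VERSION}
          EOF

            git tag -a "$TAG_NAME" -F /tmp/tag_msg.txt
            echo "Created tag: $TAG_NAME"
          fi

          # Push the tag with retries; success is tracked explicitly so a push
          # that succeeds on the final attempt is not reported as a failure.
          MAX_RETRIES=3
          RETRY_COUNT=0
          PUSHED=false
          while true; do
            if git push origin "$TAG_NAME" 2>/dev/null; then
              PUSHED=true
              break
            fi
            if [ "$RETRY_COUNT" -ge "$MAX_RETRIES" ]; then
              break
            fi
            RETRY_COUNT=$((RETRY_COUNT+1))
            echo "Tag push failed, retrying ($RETRY_COUNT/$MAX_RETRIES)..."
            sleep 5
          done

          if [ "$PUSHED" != "true" ]; then
            echo "ERROR: Failed to push tag $TAG_NAME after $MAX_RETRIES attempts"
            exit 1
          fi

          echo "Successfully pushed tag: $TAG_NAME"

      - name: Summary
        if: always()
        env:
          UPDATE_NEEDED: ${{ steps.check.outputs.update_needed }}
          CURRENT_WORDPRESS: ${{ steps.current.outputs.current_wordpress }}
          LATEST_WORDPRESS: ${{ steps.wordpress.outputs.version }}
          CURRENT_NGINX: ${{ steps.current.outputs.current_nginx }}
          LATEST_NGINX: ${{ steps.nginx.outputs.version }}
          CHART_UPDATE_NEEDED: ${{ steps.update_values.outputs.chart_version_update_needed }}
          NEW_CHART_VERSION: ${{ steps.increment.outputs.new_chart_version }}
        run: |
          echo "=== Workflow Summary ==="
          echo "Update needed: $UPDATE_NEEDED"
          echo ""
          echo "WordPress:"
          echo "  Current: $CURRENT_WORDPRESS"
          echo "  Latest: $LATEST_WORDPRESS"
          echo ""
          echo "Nginx:"
          echo "  Current: $CURRENT_NGINX"
          echo "  Latest: $LATEST_NGINX"

          if [ "$UPDATE_NEEDED" == "true" ]; then
            echo ""
            echo "Chart version update: $CHART_UPDATE_NEEDED"
            if [ "$CHART_UPDATE_NEEDED" == "true" ]; then
              echo "Chart version: $NEW_CHART_VERSION"
              echo "Tag: v$NEW_CHART_VERSION"
            else
              echo "INFO: Chart.yaml skipped (WordPress version unchanged)"
            fi
          fi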