Align workflows with htpasswd standard pattern

- Add hadolint, test, and build jobs in dependency chain matching htpasswd - Update build context: ./pkg, file: pkg/Dockerfile - Update image to jcabillot/send with SA_TOKEN_ACTION_PUSH_TAGS - Add continue-on-error on hadolint jobs, setup-buildx in test steps - Add version comments on action SHAs - Use fetch-depth: 0 for tag-related checkouts - Configure git auth URL with SA_TOKEN_ACTION_PUSH_TAGS for tag creation Closes: fix/workflow-standard
2026-06-13 21:36:33 +00:00
parent 6ec8199178
commit 7f3cc66380
4 changed files with 123 additions and 60 deletions
@@ -1,34 +1,49 @@
-name: Main
+name: Main Release

 on:
  push:
    branches: [master]

 jobs:
-  build-and-push:
+  hadolint:
+    runs-on: ubuntu-latest
+    continue-on-error: true
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
+        with:
+          dockerfile: pkg/Dockerfile
+
+  test:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
-      - name: Login to Docker Hub
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - run: docker build -f pkg/Dockerfile -t ci-image:${{ github.sha }} ./pkg
+      - run: bash tests/test.sh ci-image:${{ github.sha }}
+
+  build:
+    needs: [test]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+      - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
+      - run: docker build -f pkg/Dockerfile -t jcabillot/send:${{ github.sha }} ./pkg
+
+  tag:
+    needs: [build]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Docker metadata
-        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9
-        with:
-          images: jcabillot/send
-          tags: |
-            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}
-            type=sha
-      - name: Build and push
-        uses: docker/build-push-action@f9f3042e7f2789586610d6e8b85c8f03e5195baf
-        with:
-          context: .
-          file: pkg/Dockerfile
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+          fetch-depth: 0
+      - name: Configure git auth
+        run: |
+          git remote set-url origin "https://x-access-token:${{ secrets.SA_TOKEN_ACTION_PUSH_TAGS }}@scm.cabillot.eu/web/send.git"
+      - uses: anothrNick/github-tag-action@4ed44965e0db8dab2b466a16da04aec3cc312fd8 # v1.75.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.SA_TOKEN_ACTION_PUSH_TAGS }}
+          DEFAULT_BUMP: patch
+          RELEASE_BRANCHES: master
+          WITH_V: true
+          GIT_API_TAGGING: false