flutter-docker-image/.github/workflows/release.yml
Eligio Mariño 008cce50a1 feat: pin Windows toolchain versions in config/version.json (#456)
- Extends the manifest-first discipline (already used for
Flutter/Android) to the Windows toolchain. `config/version.json` now
carries `windows.git`, `windows.vsBuildTools.cmakeProject`,
`windows.vsBuildTools.windows11Sdk.build`, and
`windows.vsBuildTools.vcTools`; `config/schema.cue` validates them via
new `#SemverQuad` and `#WindowsToolchain` definitions.

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: verified-commit[bot] <180343340+verified-commit[bot]@users.noreply.github.com>
2026-05-22 20:07:24 +02:00


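# Release workflow: builds the Flutter container images for the pushed tag and
# publishes them to Docker Hub, GitHub Container Registry and Quay.io, then
# updates the Docker Hub description, records the image in Docker Scout and
# creates the GitHub release.
#
# Hardening conventions used throughout this file:
# - Every third-party action is pinned to a full commit SHA; the trailing
#   comment names the release that SHA corresponds to.
# - Shell steps read values from environment variables rather than from
#   inline expression syntax. An inline expression is substituted into the
#   script text before the shell parses it, so a tag name containing shell
#   metacharacters would otherwise be interpreted as code.
# - Checkouts set `persist-credentials: false`; no later step in any job
#   performs an authenticated git operation.
on:
  push:
    tags:
      - '*'
  workflow_dispatch:

# Read-only permissions by default.
# A job that declares its own `permissions:` block replaces this default
# entirely; scopes it does not list are set to none for that job.
permissions:
  contents: read

env:
  # The image tag is the name of the ref that triggered the run. For a tag
  # push that is the tag name; for a manual run it is the selected ref.
  FLUTTER_VERSION: ${{ github.ref_name }}

jobs:
  release_android:
    if: github.event_name == 'push'
    permissions:
      # Allow to write packages to push the container image to the Github Container Registry
      packages: write
    runs-on: ubuntu-24.04
    env:
      IMAGE_REPOSITORY_NAME: flutter-android
      ANDROID_BUILD_TOOLS_VERSION: '30.0.3'
      VERSION_MANIFEST: config/version.json
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      # Runs the repository's own script, which exports further variables
      # (read below through the `env` context) from the version manifest.
      - name: Read environment variables from the version manifest
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
          IMAGE_REPOSITORY_NAME: ${{ env.IMAGE_REPOSITORY_NAME }}
          VERSION_MANIFEST: ${{ env.VERSION_MANIFEST }}
        with:
          script: |
            const script = require('./script/setEnvironmentVariables.js')
            return await script({ core })

      - name: Load image metadata
        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        id: metadata
        with:
          images: |
            ${{ env.IMAGE_REPOSITORY_PATH }}
            ghcr.io/${{ env.IMAGE_REPOSITORY_PATH }}
            quay.io/${{ env.IMAGE_REPOSITORY_PATH }}
          tags: |
            type=raw,value=${{ env.FLUTTER_VERSION }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
        with:
          buildkitd-flags: --debug

      - name: Login to Docker Hub
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}

      - name: Login to GitHub Container Registry
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ github.token }}

      - name: Login to Quay.io
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_ROBOT_TOKEN }}

      # Values here are passed as action inputs, not spliced into a shell
      # script, so the expression syntax is safe to use directly.
      - name: Build image and push it to registries
        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          file: android.Dockerfile
          push: true
          cache-from: type=gha
          cache-to: type=gha,mode=max
          labels: ${{ steps.metadata.outputs.labels }}
          tags: ${{ steps.metadata.outputs.tags }}
          target: android
          build-args: |
            flutter_version=${{ env.FLUTTER_VERSION }}
            fastlane_version=${{ env.FASTLANE_VERSION }}
            android_build_tools_version=${{ env.ANDROID_BUILD_TOOLS_VERSION }}
            android_platform_versions=${{ env.ANDROID_PLATFORM_VERSIONS }}
            android_ndk_version=${{ env.ANDROID_NDK_VERSION }}
            cmake_version=${{ env.CMAKE_VERSION }}

  # NOTE(review): unlike release_android, this job has no
  # `if: github.event_name == 'push'` guard, so a manual workflow_dispatch run
  # also builds and pushes, tagging the image with the name of whatever ref
  # was selected. Confirm that this is intended.
  release_windows:
    permissions:
      # Allow to write packages to push the container image to the Github Container Registry
      packages: write
    runs-on: windows-2025
    env:
      IMAGE_REPOSITORY_NAME: flutter-windows
      VERSION_MANIFEST: config/version.json
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          # The working tree is used as the docker build context below, so
          # keep the job token out of it.
          persist-credentials: false

      - name: Read environment variables from the version manifest
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
          IMAGE_REPOSITORY_NAME: ${{ env.IMAGE_REPOSITORY_NAME }}
          VERSION_MANIFEST: ${{ env.VERSION_MANIFEST }}
        with:
          script: |
            const script = require('./script/setEnvironmentVariables.js')
            return await script({ core })

      - name: Load image metadata
        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        id: metadata
        with:
          images: |
            ${{ env.IMAGE_REPOSITORY_PATH }}
            ghcr.io/${{ env.IMAGE_REPOSITORY_PATH }}
            quay.io/${{ env.IMAGE_REPOSITORY_PATH }}
          tags: |
            type=raw,value=${{ env.FLUTTER_VERSION }}

      - name: Login to Docker Hub
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}

      - name: Login to GitHub Container Registry
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ github.token }}

      - name: Login to Quay.io
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_ROBOT_TOKEN }}

      # The script splits the metadata outputs into one --tag / --label
      # argument per line, builds once, then pushes every tag, stopping at the
      # first failing docker command.
      # Version values are read through $env: (they are already present in the
      # process environment, either from the workflow-level `env` or exported
      # by the manifest step) so that the ref name is never parsed as
      # PowerShell source.
      - name: Build and push image to registries
        shell: powershell
        env:
          METADATA_TAGS: ${{ steps.metadata.outputs.tags }}
          METADATA_LABELS: ${{ steps.metadata.outputs.labels }}
        run: |
          $tags = $env:METADATA_TAGS -split "`r?`n" | ForEach-Object { $_.Trim() } | Where-Object { $_ }
          $labels = $env:METADATA_LABELS -split "`r?`n" | ForEach-Object { $_.Trim() } | Where-Object { $_ }
          $tagArgs = $tags | ForEach-Object { "--tag=$_" }
          $labelArgs = $labels | ForEach-Object { "--label=$_" }
          $buildArgs = $tagArgs + $labelArgs + @(
            '--build-arg', "flutter_version=$env:FLUTTER_VERSION",
            '--build-arg', "git_version=$env:GIT_VERSION",
            '--build-arg', "vs_cmake_version=$env:VS_CMAKE_VERSION",
            '--build-arg', "vs_win11sdk_build=$env:VS_WIN11SDK_BUILD",
            '--build-arg', "vs_vctools_version=$env:VS_VCTOOLS_VERSION",
            '--target', 'flutter',
            '--file', 'windows.Dockerfile',
            '.'
          )
          docker build @buildArgs
          if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
          foreach ($tag in $tags) {
            docker push $tag
            if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
          }

  # No job-level `permissions:` block, so this job runs with the read-only
  # workflow default.
  update_description:
    runs-on: ubuntu-24.04
    needs: release_android
    env:
      IMAGE_REPOSITORY_NAME: flutter-android
      VERSION_MANIFEST: config/version.json
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      - name: Read environment variables from the version manifest
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        env:
          GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
          IMAGE_REPOSITORY_NAME: ${{ env.IMAGE_REPOSITORY_NAME }}
          VERSION_MANIFEST: ${{ env.VERSION_MANIFEST }}
        with:
          script: |
            const script = require('./script/setEnvironmentVariables.js')
            return await script({ core })

      - name: Update Docker Hub description
        uses: peter-evans/dockerhub-description@1b9a80c056b620d92cedb9d9b5a223409c68ddfa # v5.0.0
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}
          repository: ${{ env.IMAGE_REPOSITORY_PATH }}
          short-description: ${{ github.event.repository.description }}
          readme-filepath: readme.md

  record_image:
    permissions:
      # Allow to write code scanning results to GitHub's code scanning dashboard
      security-events: write
    runs-on: ubuntu-24.04
    needs: release_android
    env:
      IMAGE_REPOSITORY_NAME: flutter-android
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          persist-credentials: false

      - name: Login to Docker Hub
        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}

      # Records the pushed image in the `prod` environment and writes the CVE
      # report to sarif.json; `only-fixed: true` limits the report to CVEs
      # that have a fix available.
      - name: Record image in Docker Scout environment
        uses: docker/scout-action@f8c776824083494ab0d56b8105ba2ca85c86e4de # v1.18.2
        with:
          command: environment, cves
          image: registry://${{ github.repository_owner }}/${{ env.IMAGE_REPOSITORY_NAME }}:${{ env.FLUTTER_VERSION }}
          environment: prod
          only-fixed: true
          organization: ${{ secrets.DOCKER_HUB_USERNAME }}
          sarif-file: sarif.json

      - name: Upload the results to GitHub's code scanning dashboard
        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
        with:
          sarif_file: sarif.json

  create_github_release:
    permissions:
      # Allow to create releases and upload assets to them
      contents: write
    runs-on: ubuntu-24.04
    needs: release_android
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          # TODO: Fetch only a few commits after using --unreleased in git-cliff
          # Fetch all commits to use as input for the changelog generation
          fetch-depth: 0
          # Fetch all tags to use as input for the changelog generation
          fetch-tags: true
          # The release is created through `gh` with GH_TOKEN, so git itself
          # needs no stored credentials after the fetch.
          persist-credentials: false

      # The downloaded release asset is pinned by tag and by digest.
      - name: Setup git-cliff
        uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
        with:
          repo: orhun/git-cliff
          tag: v2.10.1
          digest: 6abe8a3e112b266dd00abf9089a8052ddf7314f39e1c53e192edf0652abca4eb

      # RUNNER_TEMP and GITHUB_REPOSITORY are the runner-provided environment
      # variables that carry the same values as the `runner.temp` and
      # `github.repository` contexts.
      - name: Get the tag details
        id: get-tag-details
        run: |-
          # Store the changelog in a temporary directory to not pollute the working directory
          mkdir -p "$RUNNER_TEMP/git-cliff"
          changelog_file="$RUNNER_TEMP/git-cliff/changelog.md"
          echo "changelog_file=${changelog_file}" >>"$GITHUB_OUTPUT"
          git-cliff -v --latest --strip all --no-exec --github-repo "$GITHUB_REPOSITORY" --output "$changelog_file"

      # FLUTTER_VERSION comes from the workflow-level `env`. The tag name and
      # the step output reach the shell as quoted variables, never as script
      # text.
      - name: Create Github release
        env:
          GH_TOKEN: ${{ github.token }}
          CHANGELOG_FILE: ${{ steps.get-tag-details.outputs.changelog_file }}
        run: |-
          gh release create "$FLUTTER_VERSION" \
            --title="$FLUTTER_VERSION" \
            --notes-file="$CHANGELOG_FILE"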