my-pal-mcp-server/.github/workflows/auto-version.yml
Sven Lito ce2e15e406 fix: handle fork PR permissions in Docker workflow
- Only push to registry for internal PRs (same repository)
- Build-only for fork PRs to test Docker compatibility
- Separate comments and summaries for different PR types
- Fixes permission issues with fork contributions
2025-08-12 13:58:46 +07:00


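---
# PR Docker Build
#
# Builds a multi-platform Docker image for every pull request that touches the
# listed build inputs. Same-repository ("internal") PRs push the image to GHCR
# under PR-specific tags; fork PRs build only and never push.
#
# Trust model:
#   - The trigger is `pull_request`, so fork PRs run with a read-only
#     GITHUB_TOKEN and without repository secrets by default, whatever the
#     `permissions` block below requests. That is what keeps fork-supplied
#     Dockerfiles away from the registry.
#   - Do NOT switch the trigger to `pull_request_target` to make fork comments
#     work: that would build untrusted fork code with a write-scoped token.
#
# NOTE(review): all actions are referenced by mutable major-version tags.
# Pinning each `uses:` to a full commit SHA would stop a retagged release from
# running with `packages: write`.
name: PR Docker Build

on:
  pull_request:
    types: [opened, synchronize, reopened]
    paths:
      - '**.py'
      - 'requirements*.txt'
      - 'pyproject.toml'
      - 'Dockerfile'
      - 'docker-compose.yml'
      - '.dockerignore'
      - 'server.py'
      - 'config.py'

# Upper bound for the token; only internal PRs actually receive the write
# scopes (see the trust model above).
permissions:
  contents: read
  packages: write
  pull-requests: write

jobs:
  docker:
    name: Build PR Docker Image
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The build context is `.`, so anything left in .git/config would be
          # readable by the PR's Dockerfile. No later step needs git
          # credentials, so do not persist the token in the checkout.
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Registry login only for same-repository PRs; fork PRs never push.
      - name: Login to GitHub Container Registry
        if: github.event.pull_request.head.repo.full_name == github.repository
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}
          tags: |
            # PR-specific tag for testing
            type=raw,value=pr-${{ github.event.number }}-${{ github.sha }}
            type=raw,value=pr-${{ github.event.number }}

      - name: Build and push Docker image (internal PRs)
        if: github.event.pull_request.head.repo.full_name == github.repository
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

      # Fork PRs: compile-check the image only. `push: false` keeps untrusted
      # contributions out of the registry.
      - name: Build Docker image (fork PRs)
        if: github.event.pull_request.head.repo.full_name != github.repository
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: false
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Comment on PR with Docker info (internal PRs)
        if: github.event.pull_request.head.repo.full_name == github.repository
        uses: actions/github-script@v7
        with:
          script: |
            const prNumber = context.payload.pull_request.number;
            const repo = context.repo.repo;
            const owner = context.repo.owner;
            const comment = `🐳 **Docker Image Built Successfully**
            This PR has been built and pushed as a Docker image for testing:
            **Available Tags:**
            - \`ghcr.io/${owner}/${repo}:pr-${prNumber}-${context.sha}\`
            - \`ghcr.io/${owner}/${repo}:pr-${prNumber}\` (latest for this PR)
            **Test the changes:**
            \`\`\`bash
            docker pull ghcr.io/${owner}/${repo}:pr-${prNumber}
            \`\`\`
            **Claude Desktop configuration:**
            \`\`\`json
            {
              "mcpServers": {
                "zen-mcp-server": {
                  "command": "docker",
                  "args": [
                    "run", "--rm", "-i",
                    "-e", "GEMINI_API_KEY",
                    "ghcr.io/${owner}/${repo}:pr-${prNumber}"
                  ],
                  "env": {
                    "GEMINI_API_KEY": "your-api-key-here"
                  }
                }
              }
            }
            \`\`\`
            The image will be updated automatically when you push new commits to this PR.`;
            // Await the call so an API failure fails this step visibly
            // instead of surfacing as an unhandled rejection.
            await github.rest.issues.createComment({
              issue_number: prNumber,
              owner: owner,
              repo: repo,
              body: comment
            });

      # On fork PRs the token is read-only by default, so createComment is
      # expected to be rejected. Keep the attempt best-effort so a successful
      # build is not reported as a failed job; the step summary below carries
      # the same information.
      - name: Comment on PR with Docker info (fork PRs)
        if: github.event.pull_request.head.repo.full_name != github.repository
        continue-on-error: true
        uses: actions/github-script@v7
        with:
          script: |
            const prNumber = context.payload.pull_request.number;
            const sha = context.sha.substring(0, 7);
            const comment = `🐳 **Docker Build Complete (Build Only)**
            **PR**: #${prNumber} | **Commit**: \`${sha}\`
            ✅ **Docker build successful** - Multi-platform image built and tested
            **Note**: Fork PRs only build (no push) for security. Images will be available once PR is merged.
            The Docker build confirms your changes are compatible with the containerized deployment.`;
            await github.rest.issues.createComment({
              issue_number: prNumber,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: comment
            });

      # Expression values reach the shell through `env:` rather than being
      # pasted into the script text, so they can never be parsed as shell.
      - name: Create deployment summary (internal PRs)
        if: github.event.pull_request.head.repo.full_name == github.repository
        env:
          PR_NUMBER: ${{ github.event.number }}
          COMMIT_SHA: ${{ github.sha }}
          IMAGE_TAGS: ${{ steps.meta.outputs.tags }}
        run: |
          {
            echo "## 🐳 PR Docker Build Complete"
            echo ""
            echo "**PR**: #${PR_NUMBER}"
            echo "**Commit**: ${COMMIT_SHA}"
            echo "**Images built:**"
            echo '```'
            echo "${IMAGE_TAGS}"
            echo '```'
          } >> "$GITHUB_STEP_SUMMARY"

      - name: Create deployment summary (fork PRs)
        if: github.event.pull_request.head.repo.full_name != github.repository
        env:
          PR_NUMBER: ${{ github.event.number }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          {
            echo "## 🐳 Docker Build Complete (Build Only)"
            # Was "** PR**": the stray space stopped the bold from rendering.
            echo "**PR**: #${PR_NUMBER}"
            echo "**Commit**: ${COMMIT_SHA}"
            echo "✅ Multi-platform Docker build successful"
            echo "Note: Fork PRs only build (no push) for security"
          } >> "$GITHUB_STEP_SUMMARY"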