feat(build): add timezone arg for dockerfile (#581)

sy-records · axisofentropy · web-flow · commit ab2be1479be8 · 2023-12-22T13:59:20.000+08:00
close #528 --------- Signed-off-by: Adam Vollrath <adam.d.vollrath@gmail.com> Co-authored-by: Adam Vollrath <adam.d.vollrath@gmail.com>
diff --git a/.github/workflows/build-binary-for-release.yml b/.github/workflows/build-binary-for-release.yml
@@ -26,6 +26,7 @@ permissions:
 
 jobs:
   build-goreleaser:
+    if: ${{ github.repository_owner == 'apache' }}
     runs-on: ubuntu-latest
 
     steps:
diff --git a/.github/workflows/build-image-for-manual.yml b/.github/workflows/build-image-for-manual.yml
@@ -27,6 +27,7 @@ on:
 
 jobs:
   build:
+    if: ${{ github.repository_owner == 'apache' }}
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
diff --git a/.github/workflows/build-image-for-release.yml b/.github/workflows/build-image-for-release.yml
@@ -29,6 +29,7 @@ on:
 
 jobs:
   build:
+    if: ${{ github.repository_owner == 'apache' }}
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
diff --git a/.github/workflows/build-image-for-test.yml b/.github/workflows/build-image-for-test.yml
@@ -23,6 +23,7 @@ on:
 
 jobs:
   build:
+    if: ${{ github.repository_owner == 'apache' }}
     name: Build and Push
     runs-on: ubuntu-latest
     steps:
diff --git a/.github/workflows/uffizzi-build.yml b/.github/workflows/uffizzi-build.yml
@@ -26,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       tags: ${{ steps.meta.outputs.tags }}
-    if: ${{ github.event.action != 'closed' }}
+    if: ${{ github.event.action != 'closed' && github.repository_owner == 'apache' }}
     steps:
       - name: Checkout git repo
         uses: actions/checkout@v4
@@ -36,15 +36,15 @@ jobs:
 
       - name: Generate UUID image name
         id: uuid
-        run: echo "UUID_WORKER=$(uuidgen)" >> $GITHUB_ENV
+        run: echo "UUID_WORKER=answer-$(uuidgen --time)" >> $GITHUB_ENV
 
       - name: Docker metadata
         id: meta
         uses: docker/metadata-action@v4
         with:
           images: registry.uffizzi.com/${{ env.UUID_WORKER }}
           tags: |
-            type=raw,value=60d
+            type=raw,value=30d
 
       - name: Build and Push Image to registry.uffizzi.com - Uffizzi's ephemeral Registry
         uses: docker/build-push-action@v3
@@ -98,7 +98,7 @@ jobs:
   delete-preview:
     name: Call for Preview Deletion
     runs-on: ubuntu-latest
-    if: ${{ github.event.action == 'closed' }}
+    if: ${{ github.event.action == 'closed' && github.repository_owner == 'apache' }}
     steps:
       # If this PR is closing, we will not render a compose file nor pass it to the next workflow.
       - name: Serialize PR Event to File
diff --git a/.github/workflows/uffizzi-preview.yml b/.github/workflows/uffizzi-preview.yml
@@ -24,17 +24,18 @@ on:
     types:
       - completed
 
-
 jobs:
   cache-compose-file:
     name: Cache Compose File
     runs-on: ubuntu-latest
     if: ${{ github.event.workflow_run.conclusion == 'success' }}
     outputs:
-      compose-file-cache-key: ${{ env.HASH }}
-      pr-number: ${{ env.PR_NUMBER }}
+      compose-file-cache-key: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }}
+      git-ref: ${{ steps.event.outputs.GIT_REF }}
+      pr-number: ${{ steps.event.outputs.PR_NUMBER }}
+      action: ${{ steps.event.outputs.ACTION }}
     steps:
-      - name: 'Download artifacts'
+      - name: Download artifacts
         # Fetch output (zip archive) from the workflow run that triggered this workflow.
         uses: actions/github-script@v6
         with:
@@ -47,6 +48,9 @@ jobs:
             let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
               return artifact.name == "preview-spec"
             })[0];
+            if (matchArtifact === undefined) {
+              throw TypeError('Build Artifact not found!');
+            }
             let download = await github.rest.actions.downloadArtifact({
                owner: context.repo.owner,
                repo: context.repo.repo,
@@ -56,34 +60,38 @@ jobs:
             let fs = require('fs');
             fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/preview-spec.zip`, Buffer.from(download.data));
 
-      - name: 'Unzip artifact'
-        run: unzip preview-spec.zip
+      - name: 'Accept event from first stage'
+        run: unzip preview-spec.zip event.json
+
       - name: Read Event into ENV
+        id: event
         run: |
-          echo 'EVENT_JSON<<EOF' >> $GITHUB_ENV
-          cat event.json >> $GITHUB_ENV
-          echo 'EOF' >> $GITHUB_ENV
+          echo PR_NUMBER=$(jq '.number | tonumber' < event.json) >> $GITHUB_OUTPUT
+          echo ACTION=$(jq --raw-output '.action | tostring | [scan("\\w+")][0]' < event.json) >> $GITHUB_OUTPUT
+          echo GIT_REF=$(jq --raw-output '.pull_request.head.sha | tostring | [scan("\\w+")][0]' < event.json) >> $GITHUB_OUTPUT
 
       - name: Hash Rendered Compose File
         id: hash
         # If the previous workflow was triggered by a PR close event, we will not have a compose file artifact.
-        if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }}
-        run: echo "HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_ENV
+        if: ${{ steps.event.outputs.ACTION != 'closed' }}
+        run: |
+          unzip preview-spec.zip docker-compose.rendered.yml
+          echo "COMPOSE_FILE_HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_OUTPUT
+
       - name: Cache Rendered Compose File
-        if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }}
+        if: ${{ steps.event.outputs.ACTION != 'closed' }}
         uses: actions/cache@v3
         with:
           path: docker-compose.rendered.yml
-          key: ${{ env.HASH }}
+          key: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }}
 
-      - name: Read PR Number From Event Object
-        id: pr
-        run: echo "PR_NUMBER=${{ fromJSON(env.EVENT_JSON).number }}" >> $GITHUB_ENV
       - name: DEBUG - Print Job Outputs
         if: ${{ runner.debug }}
         run: |
-          echo "PR number: ${{ env.PR_NUMBER }}"
-          echo "Compose file hash: ${{ env.HASH }}"
+          echo "PR number: ${{ steps.event.outputs.PR_NUMBER }}"
+          echo "Git Ref: ${{ steps.event.outputs.GIT_REF }}"
+          echo "Action: ${{ steps.event.outputs.ACTION }}"
+          echo "Compose file hash: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }}"
           cat event.json
 
   deploy-uffizzi-preview:
diff --git a/Dockerfile b/Dockerfile
@@ -47,7 +47,9 @@ RUN mkdir -p /data/uploads && chmod 777 /data/uploads \
 FROM alpine
 LABEL maintainer="linkinstar@apache.org"
 
-ENV TZ "Asia/Shanghai"
+ARG TIMEZONE
+ENV TIMEZONE=${TIMEZONE:-"Asia/Shanghai"}
+
 RUN apk update \
     && apk --no-cache add \
         bash \
@@ -58,7 +60,9 @@ RUN apk update \
         openssh \
         sqlite \
         gnupg \
-    && echo "Asia/Shanghai" > /etc/timezone
+        tzdata \
+    && ln -sf /usr/share/zoneinfo/${TIMEZONE} /etc/localtime \
+    && echo "${TIMEZONE}" > /etc/timezone
 
 COPY --from=golang-builder /usr/bin/answer /usr/bin/answer
 COPY --from=golang-builder /data /data
