name: CLI Build on: push: branches: [main] paths: - 'cli/**' - '.github/workflows/cli.yml' pull_request: paths: - 'cli/**' - '.github/workflows/cli.yml' release: types: [published] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true permissions: {} jobs: publish: name: CLI Publish runs-on: ubuntu-latest permissions: contents: read defaults: run: working-directory: ./cli steps: - id: token uses: immich-app/devtools/actions/create-workflow-token@da177fa133657503ddb7503f8ba53dccefec5da1 # create-workflow-token-action-v1.0.0 with: app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false token: ${{ steps.token.outputs.token }} - name: Setup pnpm uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 - name: Setup Node uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version-file: './cli/.nvmrc' registry-url: 'https://registry.npmjs.org' cache: 'pnpm' cache-dependency-path: '**/pnpm-lock.yaml' - name: Setup typescript-sdk run: pnpm install && pnpm run build working-directory: ./open-api/typescript-sdk - run: pnpm install --frozen-lockfile - run: pnpm build - run: pnpm publish --no-git-checks if: ${{ github.event_name == 'release' }} env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} docker: name: Docker runs-on: ubuntu-latest permissions: contents: read packages: write needs: publish steps: - id: token uses: immich-app/devtools/actions/create-workflow-token@da177fa133657503ddb7503f8ba53dccefec5da1 # create-workflow-token-action-v1.0.0 with: app-id: ${{ secrets.PUSH_O_MATIC_APP_ID }} private-key: ${{ secrets.PUSH_O_MATIC_APP_KEY }} - name: Checkout uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false token: ${{ steps.token.outputs.token }} - name: Set up QEMU uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - name: Login to GitHub Container Registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 if: ${{ !github.event.pull_request.head.repo.fork }} with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Get package version id: package-version run: | version=$(jq -r '.version' cli/package.json) echo "version=$version" >> "$GITHUB_OUTPUT" - name: Generate docker image tags id: metadata uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 with: flavor: | latest=false images: | name=ghcr.io/${{ github.repository_owner }}/immich-cli tags: | type=raw,value=${{ steps.package-version.outputs.version }},enable=${{ github.event_name == 'release' }} type=raw,value=latest,enable=${{ github.event_name == 'release' }} - name: Build and push image uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 with: file: cli/Dockerfile platforms: linux/amd64,linux/arm64 push: ${{ github.event_name == 'release' }} cache-from: type=gha cache-to: type=gha,mode=max tags: ${{ steps.metadata.outputs.tags }} labels: ${{ steps.metadata.outputs.labels }}