Skip to content

Commit

Permalink
build: Use latest Docker and hydrun CI/CD configurations
Browse files Browse the repository at this point in the history 
Signed-off-by: Felicitas Pojtinger <[email protected]>
  • Loading branch information
@pojntfx
pojntfx committed Jul 11, 2024
1 parent 57af65f commit f83629a
Show file tree
Hide file tree
Showing 2 changed files with 117 additions and 62 deletions.
122 changes: 83 additions & 39 deletions .github/workflows/docker.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Docker CI
name: Docke CI

on:
push:
Expand All @@ -7,68 +7,112 @@ on:
- cron: "0 0 * * 0"

jobs:
build-linux:
runs-on: ubuntu-latest
build-oci-images:
runs-on: ${{ matrix.target.runner }}
permissions:
contents: read
packages: write
id-token: write
strategy:
matrix:
target:
- src: .
- id: weron-linux-amd64
src: .
image: ghcr.io/pojntfx/weron
arch: "linux/amd64,linux/arm/v5,linux/arm/v7,linux/386,linux/s390x" # linux/mips64le,linux/ppc64le
runner: ubuntu-latest
- id: weron-linux-arm64-v8
src: .
image: ghcr.io/pojntfx/weron
arch: "linux/amd64,linux/arm/v5,linux/arm/v7,linux/arm64/v8,linux/386,linux/s390x" # linux/mips64le,linux/ppc64le,
arch: "linux/arm64/v8"
runner: ubicloud-standard-4-arm

steps:
- name: Maximize build space
run: |
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/local/lib/android
sudo rm -rf /opt/ghc
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v1
uses: docker/setup-buildx-action@v3
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up metadata
id: meta
uses: docker/metadata-action@v3
uses: docker/metadata-action@v5
with:
images: ${{ matrix.target.image }}
tags: type=semver,pattern={{version}}
- name: Build image
uses: docker/build-push-action@v2
- name: Build and push image by digest to registry
id: build
uses: docker/build-push-action@v5
with:
context: ${{ matrix.target.src }}
file: ${{ matrix.target.src }}/Dockerfile
platforms: ${{ matrix.target.arch }}
push: false
tags: ${{ matrix.target.image }}:unstable
labels: ${{ steps.meta.outputs.labels }}
- name: Push pre-release image to Docker Hub
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@v2
outputs: type=image,name=${{ matrix.target.image }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Export digest
run: |
mkdir -p "/tmp/digests"
export DIGEST="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${DIGEST#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
context: ${{ matrix.target.src }}
file: ${{ matrix.target.src }}/Dockerfile
platforms: ${{ matrix.target.arch }}
push: true
tags: ${{ matrix.target.image }}:unstable
labels: ${{ steps.meta.outputs.labels }}
- name: Push release image to Docker Hub
if: startsWith(github.ref, 'refs/tags/v')
uses: docker/build-push-action@v2
name: digests-${{ matrix.target.id }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

merge-oci-images:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
needs: build-oci-images
strategy:
matrix:
target:
- idprefix: weron-linux-
image: ghcr.io/pojntfx/weron

steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to registry
uses: docker/login-action@v3
with:
context: ${{ matrix.target.src }}
file: ${{ matrix.target.src }}/Dockerfile
platforms: ${{ matrix.target.arch }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ matrix.target.image }}
tags: type=semver,pattern={{version}}
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-${{ matrix.target.idprefix }}*
merge-multiple: true
- name: Create pre-release manifest list and push to registry
working-directory: /tmp/digests
run: |
docker buildx imagetools create --tag "${{ matrix.target.image }}:${{ github.ref_name }}" $(printf '${{ matrix.target.image }}@sha256:%s ' *)
- name: Create release manifest list and push to registry
if: startsWith(github.ref, 'refs/tags/v')
working-directory: /tmp/digests
run: |
docker buildx imagetools create --tag "${{ steps.meta.outputs.tags }}"" $(printf '${{ matrix.target.image }}@sha256:%s ' *)
57 changes: 34 additions & 23 deletions .github/workflows/hydrun.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,40 +6,45 @@ on:
schedule:
- cron: "0 0 * * 0"

permissions:
contents: write

jobs:
build-linux:
runs-on: ubuntu-latest
runs-on: ${{ matrix.target.runner }}
permissions:
contents: read
strategy:
matrix:
target:
# Tests
- id: test
src: .
os: golang:bookworm
flags: -e '--privileged -v /var/run/docker.sock:/var/run/docker.sock --net host'
flags: -e '-v /tmp/ccache:/root/.cache/go-build --privileged -v /var/run/docker.sock:/var/run/docker.sock --net host'
cmd: GOFLAGS="-short" ./Hydrunfile test
dst: out/nonexistent
- id: go-weron
runner: ubuntu-latest

# Binaries
- id: go.weron
src: .
os: golang:bookworm
flags: -e '--privileged -v /var/run/docker.sock:/var/run/docker.sock --net host'
flags: -e '-v /tmp/ccache:/root/.cache/go-build --privileged -v /var/run/docker.sock:/var/run/docker.sock --net host'
cmd: ./Hydrunfile go weron
dst: out/*
runner: ubuntu-latest

steps:
- name: Maximize build space
run: |
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/local/lib/android
sudo rm -rf /opt/ghc
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
- name: Restore ccache
uses: actions/cache/restore@v4
with:
path: |
/tmp/ccache
key: cache-ccache-${{ matrix.target.id }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v3
- name: Set up hydrun
run: |
curl -L -o /tmp/hydrun "https://github.com/pojntfx/hydrun/releases/latest/download/hydrun.linux-$(uname -m)"
Expand All @@ -49,40 +54,46 @@ jobs:
run: hydrun -o ${{ matrix.target.os }} ${{ matrix.target.flags }} "${{ matrix.target.cmd }}"
- name: Fix permissions for output
run: sudo chown -R $USER .
- name: Save ccache
uses: actions/cache/save@v4
with:
path: |
/tmp/ccache
key: cache-ccache-${{ matrix.target.id }}
- name: Upload output
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.target.id }}
path: ${{ matrix.target.dst }}

publish-linux:
runs-on: ubuntu-latest
permissions:
contents: write
needs: build-linux

steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
- name: Download output
uses: actions/download-artifact@v2
uses: actions/download-artifact@v4
with:
path: /tmp/out
- name: Extract branch name
id: extract_branch
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Publish pre-release to GitHub releases
if: ${{ github.ref == 'refs/heads/main' }}
uses: marvinpinto/action-automatic-releases@latest
uses: softprops/action-gh-release@v2
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
automatic_release_tag: release-${{ steps.extract_branch.outputs.branch }}
tag_name: release-${{ steps.extract_branch.outputs.branch }}
prerelease: true
files: |
/tmp/out/*/*
- name: Publish release to GitHub releases
if: startsWith(github.ref, 'refs/tags/v')
uses: marvinpinto/action-automatic-releases@latest
uses: softprops/action-gh-release@v2
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
prerelease: false
files: |
/tmp/out/*/*

0 comments on commit f83629a

Please sign in to comment.