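# yamllint disable rule:comments
---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
#
# Reusable workflow (entered only through `workflow_call`). For every entry in
# the matrix returned by the prepare-matrix job it reads
# apps/<app>/metadata.json, derives the image tags for the requested channel
# and builds and pushes the image to IMAGE_REGISTRY.
#
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN keeps
# whatever scopes the calling workflow grants. In this file the token is only
# used for the registry login; declaring the minimum explicitly on the deploy
# job would bound it here as well. Confirm against the caller and the called
# prepare-matrix workflow before adding it.
name: Create and publish a Docker images
'on': workflow_call

env:
  IMAGE_REGISTRY: ghcr.io

jobs:
  prepare-matrix:
    # NOTE(review): the called workflow is referenced by the mutable `master`
    # ref and receives every caller secret through `secrets: inherit`, while
    # the actions below are pinned to commit SHAs. If this file lives in the
    # same repository, a local `./.github/workflows/prepare-matrix.yaml`
    # reference keeps both at the same commit; otherwise consider pinning to a
    # commit SHA and passing only the secrets that workflow needs.
    uses: deedee-ops/containers/.github/workflows/prepare-matrix.yaml@master
    secrets: inherit

  deploy:
    needs: prepare-matrix
    name: Build and test
    runs-on: ubuntu-latest
    # Skip the job entirely when prepare-matrix produced nothing to build.
    if: ${{ needs.prepare-matrix.outputs.matrix != '' && needs.prepare-matrix.outputs.matrix != '[]' }}
    strategy:
      matrix:
        apps: ["${{ fromJson(needs.prepare-matrix.outputs.matrix) }}"]
      fail-fast: false
    # yamllint disable rule:line-length
    steps:
      # The checkout below authenticates with this short-lived GitHub App
      # token instead of the default GITHUB_TOKEN.
      - name: Generate Token
        uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
        id: generate-token
        with:
          app_id: "${{ secrets.BOT_APP_ID }}"
          private_key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"

      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          token: "${{ steps.generate-token.outputs.token }}"
          fetch-depth: 1

      - name: Setup workflow Variables
        id: vars
        shell: bash
        # Matrix and context values reach the script as environment variables
        # instead of `${{ }}` text pasted into it. An expression is expanded
        # before bash parses the script (even inside a shell comment), so a
        # value holding shell metacharacters would otherwise be read as shell
        # syntax. IMAGE_REGISTRY is already exported by the workflow-level
        # `env` block.
        env:
          APP: "${{ matrix.apps.app }}"
          CHANNEL: "${{ matrix.apps.channel }}"
          REPO_OWNER: "${{ github.repository_owner }}"
        run: |-
          metadata="./apps/${APP}/metadata.json"

          base_image="$(jq '.base' --raw-output "${metadata}")"
          test_mute_cmd="$(jq '.testMuteCmd' --raw-output "${metadata}")"
          build_version="$(jq --arg chan "${CHANNEL}" --raw-output '(.channels | .[] | select(.name == $chan)) | if .version == "master" then "latest" else .version end' "${metadata}")"
          build_metavar="$(jq --arg chan "${CHANNEL}" --raw-output '(.channels | .[] | select(.name == $chan)) | .metavar' "${metadata}")"
          baseimg_build_version="$(jq --arg chan "${CHANNEL}" --raw-output '(.channels | .[] | select(.name == $chan)) | .baseimgversion' "${metadata}")"

          # NOTE(review): visible to child processes of this step only; no
          # later step in this file reads it.
          export test_mute_cmd

          # Step outputs are written as single-line name=value pairs.
          # NOTE(review): this assumes the metadata.json fields contain no
          # newlines - a multi-line value would be read as extra outputs.
          {
            echo "build_date=$(date --rfc-3339=seconds --utc)"
            echo "build_version=${build_version}"
            echo "build_metavar=${build_metavar}"
            echo "baseimg_build_version=${baseimg_build_version}"
            echo "base_image=${base_image}"
            echo "platforms=$(jq --arg chan "${CHANNEL}" --raw-output '(.channels | .[] | select(.name == $chan)) | .platforms | join(",")' "${metadata}")"
          } >> "$GITHUB_OUTPUT"

          # Base images get their labels under the `.base` namespace.
          if [[ "${base_image}" == true ]]; then
            echo "label_type=org.opencontainers.image.base" >> "$GITHUB_OUTPUT"
          else
            echo "label_type=org.opencontainers.image" >> "$GITHUB_OUTPUT"
          fi

          # Expand the version into one tag per prefix (1, 1.2, 1.2.3, ...),
          # after rewriting a leading YYYY-MM-DD date to YYYY.MM.DD, and
          # append `latest`. `---suffix` is a placeholder resolved below.
          image_ref="${IMAGE_REGISTRY}/${REPO_OWNER}/${APP}---suffix"
          tags="$(echo "${build_version}" | \
            sed -E 's@^([0-9]{4})-([0-9]{2})-([0-9]{2})(.*)$@\1.\2.\3\4@g' | \
            awk -F. '{ print "#" $1 "#" $1 "." $2 "#" $1 "." $2 "." $3 "#" $1 "." $2 "." $3 "." $4 "#" }' | \
            sed -E 's@[^#]+\.+#@@g' | \
            sed 's@#$@@g' | \
            sed "s@#@,${image_ref}:@g" | \
            awk -F\# -v latest="${image_ref}:latest" '{ print $0 "," latest }')"

          # The stable channel publishes plain image names; every other
          # channel gets `-<channel>` appended to the image name.
          if [[ "${CHANNEL}" == "stable" ]]; then
            tags="${tags//---suffix/}"
            # tags="$(sed 's@---suffix@@g' <<< "${tags}")"
          else
            tags="${tags//---suffix/-${CHANNEL}}"
            # tags="$(sed "s@---suffix@-${CHANNEL}@g" <<< "${tags}")"
          fi
          echo "tags=${tags}" >> "$GITHUB_OUTPUT"

      # NOTE(review): the actions in this job are pinned by commit SHA, but
      # the QEMU and BuildKit images and the buildx `version: latest` below
      # are resolved by mutable tag at run time, so the build toolchain can
      # change between runs. Pin by digest / fixed version if reproducible
      # tooling matters.
      - name: Setup QEMU
        uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
        with:
          image: "public.ecr.aws/eks-distro-build-tooling/binfmt-misc:qemu-v7.0.0"

      - name: Setup Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
        with:
          version: latest
          driver-opts: |
            image=public.ecr.aws/vend/moby/buildkit:buildx-stable-1

      # Registry login uses the job's GITHUB_TOKEN; see the permissions note
      # at the top of the file.
      - name: Setup GHCR
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: ${{ env.IMAGE_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build all platforms
        id: release
        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
        with:
          build-args: |-
            BASEIMGVERSION=${{ steps.vars.outputs.baseimg_build_version }}
            METAVAR=${{ steps.vars.outputs.build_metavar }}
            VERSION=${{ steps.vars.outputs.build_version }}
            CHANNEL=${{ matrix.apps.channel }}
          labels: |-
            ${{ steps.vars.outputs.label_type }}.created="${{ steps.vars.outputs.build_date }}"
            ${{ steps.vars.outputs.label_type }}.title="${{ matrix.apps.app }} (${{ matrix.apps.channel }})"
            ${{ steps.vars.outputs.label_type }}.version="${{ steps.vars.outputs.build_version }}"
            ${{ steps.vars.outputs.label_type }}.authors="Igor Rzegocki <[email protected]>"
            ${{ steps.vars.outputs.label_type }}.url="https://github.com/deedee-ops/containers/tree/master/apps/${{ matrix.apps.app }}"
            ${{ steps.vars.outputs.label_type }}.build.url="https://github.com/deedee-ops/containers/actions/runs/${{ github.run_id }}"
            ${{ steps.vars.outputs.label_type }}.documentation="https://github.com/deedee-ops/containers/tree/master/apps/${{ matrix.apps.app }}/README.md"
            ${{ steps.vars.outputs.label_type }}.revision="${{ github.sha }}"
          context: apps/${{ matrix.apps.app }}
          platforms: ${{ steps.vars.outputs.platforms }}
          file: apps/${{ matrix.apps.app }}/Dockerfile
          push: true
          tags: ${{ steps.vars.outputs.tags }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          # https://github.com/community/community/discussions/45969#discussioncomment-4852744
          # NOTE(review): with both attestations off, the pushed images carry
          # no build provenance or SBOM, so consumers cannot verify how an
          # image was built or what it contains from the registry alone.
          provenance: false
          sbom: false
    # yamllint enable

  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
  # Single job that reflects the whole matrix: it always runs and fails
  # unless the deploy job succeeded or was skipped.
  build-success:
    name: Build matrix success
    runs-on: ubuntu-latest
    needs:
      - deploy
    if: ${{ always() }}
    steps:
      - name: Check build matrix status
        if: ${{ needs.deploy.result != 'success' && needs.deploy.result != 'skipped' }}
        run: exit 1
# yamllint enable rule:comments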