-
Notifications
You must be signed in to change notification settings - Fork 27
141 lines (126 loc) · 5.35 KB
/
publish-dev.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
# Publish flant/addon-operator-dev image to hub.docker.com.
# Start when PR is labeled with 'publish/image/dev' or 'publish/image/dev/amd64'.
name: Publish dev images
on:
pull_request:
types: [labeled]
env:
QEMU_PLATFORMS: arm64,arm
BUILDX_PLATFORMS: "linux/amd64,linux/arm64,linux/arm/v7"
BUILDX_PLATFORMS_AMD64: "linux/amd64"
IMAGE_REPO: flant/addon-operator-dev
jobs:
check:
name: Check and remove label
runs-on: ubuntu-latest
outputs:
run_publish: ${{ steps.check.outputs.run_publish }}
build_multi_arch: ${{ steps.check.outputs.build_multi_arch }}
steps:
- uses: actions/github-script@v7
id: check
with:
script: |
const PUBLISH_DEV_LABEL = 'publish/image/dev';
const PUBLISH_AMD64_LABEL = 'publish/image/dev/amd64';
const labelName = context.payload.label.name;
let runPublish = false;
let buildMultiArch = false;
if (labelName === PUBLISH_DEV_LABEL) {
runPublish = true;
buildMultiArch = true;
}
if (labelName === PUBLISH_AMD64_LABEL) {
runPublish = true;
}
if (!runPublish) {
return console.log(`Not a 'publish' label: '${labelName}'. Skip 'publish dev image'.`);
}
if (buildMultiArch) {
console.log(`Detect 'publish' label '${labelName}'. Remove label and run 'publish dev image' for all architectures.`);
} else {
console.log(`Detect 'publish' label '${labelName}'. Remove label and run 'publish dev image' for amd64 arch only.`);
}
core.setOutput('run_publish', 'true');
core.setOutput('build_multi_arch', buildMultiArch.toString());
try {
await github.rest.issues.removeLabel({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
name: labelName,
});
} catch (e) {
console.log(`Error occurred while remove label. Possibly label is already removed. Ignore '${typeof e}' error.`);
}
publish_dev_image:
name: Build and publish
runs-on: ubuntu-latest
needs:
- check
if: needs.check.outputs.run_publish == 'true'
steps:
- uses: actions/checkout@v4
- name: Prepare environment
env:
BUILD_MULTI_ARCH: ${{ needs.check.outputs.build_multi_arch }}
run: |
: Image name and version for dev image
# Example: dev-feat_branch-371e2d3b-2020.02.06_18:37:42
APP_VERSION=dev-${GITHUB_REF#refs/heads/}-${GITHUB_SHA::8}-$(date +'%Y.%m.%d_%H:%M:%S')
FINAL_IMAGE_NAME="${IMAGE_REPO}:pr${{ github.event.pull_request.number }}"
echo "APP_VERSION=${APP_VERSION}" >> ${GITHUB_ENV}
echo "FINAL_IMAGE_NAME=${FINAL_IMAGE_NAME}" >> ${GITHUB_ENV}
echo "========================================="
echo "APP_VERSION = $APP_VERSION"
echo "FINAL_IMAGE_NAME = $FINAL_IMAGE_NAME"
echo "========================================="
if [[ ${BUILD_MULTI_ARCH} == "false" ]] ; then
echo "BUILDX_PLATFORMS=${BUILDX_PLATFORMS_AMD64}" >> ${GITHUB_ENV}
fi
echo "BUILD_MULTI_ARCH = ${BUILD_MULTI_ARCH}"
echo "BUILDX_PLATFORMS = ${BUILDX_PLATFORMS}"
echo "========================================="
- name: Set up QEMU
if: needs.check.outputs.build_multi_arch == 'true'
uses: docker/setup-qemu-action@v3.2.0
with:
platforms: "${{ env.QEMU_PLATFORMS }}"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
- name: Login to DockerHub
uses: docker/login-action@v3.3.0
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Build and push multi-arch image
run: |
echo "Build $FINAL_IMAGE_NAME with version '$APP_VERSION'"
docker buildx build \
--build-arg appVersion=$APP_VERSION \
--platform $BUILDX_PLATFORMS \
--tag $FINAL_IMAGE_NAME \
--push \
.
- name: Inspect binaries
run: |
# Image for one arhitecture has digest in config field.
# Image with multiple manifests has digest in each manifest.
manifests=$(docker buildx imagetools inspect "${FINAL_IMAGE_NAME}" --raw)
if grep manifests <<<"${manifests}" 2>&1 >/dev/null ; then
jq -r '.manifests[]? | .digest + " " + .platform.os + "/" + .platform.architecture' <<<"${manifests}"
else
echo $(echo -n "${manifests}" | openssl dgst -sha256 | sed s/^.stdin.*\ //) ' linux/amd64'
fi \
| while read digest platform ; do
image=$FINAL_IMAGE_NAME@${digest}
echo "====================================="
echo "Inspect image for platform ${platform}"
echo " ${image}"
echo "====================================="
docker run --rm --platform ${platform} --entrypoint sh ${image} -c \
'apk add file > /dev/null; file /bin/kubectl; file /bin/busybox; file /addon-operator; file /bin/helm'
done