Container Image #139
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Container Image | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| platforms: | |
| description: "comma-separated list of platforms to build for, downstream supported are linux/amd64,linux/s390x,linux/ppc64le; note: clang is broken on s390x (RHEL-15874), also cross-builds take more than 6 hours so we don't do them" | |
| default: linux/amd64 | |
| custom_tag: | |
| description: optional custom tag on remote repo you want image to be tagged with | |
| default: scratch | |
| workflow_call: | |
| inputs: | |
| platforms: | |
| required: false | |
| default: linux/amd64 | |
| type: string | |
| custom_tag: | |
| required: false | |
| default: '' | |
| type: string | |
| schedule: | |
| # every Wednesday morning | |
| - cron: 7 7 * * 3 | |
| push: | |
| branches: [ main ] | |
| tags: [ "**" ] | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| concurrency: | |
| group: ci-container-build-${{ github.ref }}-1 | |
| cancel-in-progress: true | |
| env: | |
| # Use docker.io for Docker Hub if empty | |
| REGISTRY: quay.io | |
| # github.repository as <account>/<repo> | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| buildah: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Sanitize Platforms | |
| id: platforms | |
| run: | | |
| platforms="${{ inputs.platforms == '' && 'linux/amd64' || inputs.platforms }}" | |
| archs="$( sed -e 's#linux/##g' <<< $platforms )" | |
| echo "platforms=$platforms" >> $GITHUB_OUTPUT | |
| echo "archs=$archs" >> $GITHUB_OUTPUT | |
| # Allow multi-target builds | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: ${{ steps.platforms.outputs.archs }} | |
| # Login against a Docker registry except on PR | |
| # https://github.com/docker/login-action | |
| - name: Log into registry ${{ env.REGISTRY }} | |
| if: github.event_name != 'pull_request' | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| # Extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=schedule | |
| type=raw,value=latest,enable=${{ github.ref_name == 'main' }} | |
| type=raw,value=nightly,enable=${{ github.ref_name == 'main' }} | |
| type=ref,event=branch,enable=${{ github.ref_name != 'main' && inputs.custom_tag == '' }} | |
| ${{ inputs.custom_tag }} | |
| type=ref,event=tag | |
| type=ref,event=pr | |
| # https://github.com/actions/checkout | |
| - uses: actions/checkout@v4 | |
| - name: Build image | |
| id: build-image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| tags: ${{ steps.meta.outputs.tags }} | |
| platforms: ${{ steps.platforms.outputs.platforms }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| layers: false | |
| oci: true | |
| tls-verify: true | |
| extra-args: | | |
| --squash | |
| --jobs=3 | |
| build-args: | | |
| PORTA_IMAGE=quay.io/3scale/porta:nightly | |
| containerfiles: | | |
| Containerfile | |
| - name: Echo Outputs | |
| run: | | |
| echo "Image: ${{ steps.build-image.outputs.image }}" | |
| echo "Tags: ${{ steps.build-image.outputs.tags }}" | |
| echo "Tagged Image: ${{ steps.build-image.outputs.image-with-tag }}" | |
| - name: Check images created | |
| run: buildah images | |
| - name: Smoke test the images | |
| run: | | |
| set -ex | |
| # accessing a mapped port from a container did not work so lets | |
| # create a pod where both - server and client have same localhost | |
| podman pod create > podid | |
| platforms="${{ steps.platforms.outputs.platforms }}" | |
| test_tag () { | |
| podman run -d --pod-id-file=podid --name=searchd -u 14:0 "${{ steps.build-image.outputs.image-with-tag }}$1" | |
| sleep 3 | |
| podman logs searchd | |
| podman run --pod-id-file=podid --rm --entrypoint "/bin/env" mysql:8 -- mysql -h 127.0.0.1 -P 9306 -e "SELECT * FROM account limit 1;" | |
| podman rm -f searchd | |
| } | |
| if [ x$( sed -E -e 's#[^/]##g' <<< $platforms ) != "x/" ]; then | |
| # if we are here, user has selected more than one build platform | |
| arch_tags=$( tr ',' ' ' <<< $platforms | tr -d '/' ) | |
| # removed slashes to produce "linuxamd64 linuxs390x linuxppc64le" | |
| for tag in $arch_tags; do test_tag -$tag; done | |
| else | |
| # if we are here, user has selected a single build platform | |
| test_tag | |
| fi | |
| - name: Push To Container Registry | |
| id: push-to-container-registry | |
| uses: redhat-actions/push-to-registry@v2 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| tags: ${{ steps.build-image.outputs.tags }} | |
| - name: Print image url | |
| run: echo "Image pushed to ${{ steps.push-to-container-registry.outputs.registry-paths }}" |