build-manylinux-container-images.yml

name: ♲ manylinux containers

on:
  workflow_dispatch:
  schedule:
  # Run once a week on Mondays
  - cron: 0 0 * * MON
  pull_request:
    paths:
    - .github/workflows/build-manylinux-container-images.yml
    - build-scripts/manylinux-container-image/**
  push:
    branches:
    - devel
    paths:
    - .github/workflows/build-manylinux-container-images.yml
    - build-scripts/manylinux-container-image/**

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        IMAGE:
        # Build containers for x86_64
        - ARCH: x86_64
          YEAR: 1  # CentOS 5
        - ARCH: x86_64
          YEAR: 2010  # CentOS 6
        - ARCH: x86_64
          YEAR: 2014  # CentOS 7

        # Build the manylinux2014_aarch64 container
        - ARCH: aarch64
          QEMU_ARCH: arm64
          YEAR: 2014  # It's the first year ARM was included in PEP

    env:
      PYPA_MANYLINUX_TAG: >-
        manylinux${{ matrix.IMAGE.YEAR }}_${{ matrix.IMAGE.ARCH }}
      FULL_IMAGE_NAME: >-
        ${{ github.repository }}-manylinux${{ matrix.IMAGE.YEAR }}_${{ matrix.IMAGE.ARCH }}
      QEMU_ARCH: ${{ matrix.QEMU_ARCH || 'amd64' }}

    defaults:
      run:
        working-directory: build-scripts/manylinux-container-image/

    name: >-  # can't use `env` in this context:
      🐳
      manylinux${{ matrix.IMAGE.YEAR }}_${{ matrix.IMAGE.ARCH }}
    steps:
    - name: Fetch the repo src
      uses: actions/checkout@v2
    - name: >-
        Set up QEMU ${{ matrix.IMAGE.QEMU_ARCH }} arch emulation
        with Podman
      if: matrix.IMAGE.QEMU_ARCH == 'arm64'
      run: >-
        sudo podman run
        --rm --privileged
        multiarch/qemu-user-static
        --reset -p yes
    - name: Build the image with Buildah
      id: build-image
      uses: redhat-actions/buildah-build@v2
      with:
        archs: linux/${{ env.QEMU_ARCH }}
        image: ${{ env.FULL_IMAGE_NAME }}
        tags: latest
        dockerfiles: build-scripts/manylinux-container-image/Dockerfile
        context: build-scripts/manylinux-container-image/
        oci: true  # Should be alright because we don't publish to Docker Hub
        build-args: RELEASE=${{ env.PYPA_MANYLINUX_TAG }}
    - name: Push to GitHub Container Registry
      if: >-
        (github.event_name == 'push' || github.event_name == 'schedule')
        && github.ref == format(
            'refs/heads/{0}', github.event.repository.default_branch
        )
      id: push-to-ghcr
      uses: redhat-actions/push-to-registry@v2
      with:
        image: ${{ steps.build-image.outputs.image }}
        tags: ${{ steps.build-image.outputs.tags }}
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GHCR_TOKEN }}
    - name: Log the upload result
      if: >-
        (github.event_name == 'push' || github.event_name == 'schedule')
        && github.ref == format(
            'refs/heads/{0}', github.event.repository.default_branch
        )
      run: >-
        echo
        'New image has been pushed to
        ${{ steps.push-to-ghcr.outputs.registry-paths }}'