Use goreleaser and GitHub Actions for image publishing to ghcr.io#11
Use goreleaser and GitHub Actions for image publishing to ghcr.io#11cw-sakamoto merged 1 commit intomainfrom
Conversation
| name: Release | ||
|
|
||
| on: | ||
| push: |
There was a problem hiding this comment.
We push versioned binaries and image for semver-tagged commits (like v1 or v1.1 or whatever git tagged commits), AND "canary" binaries(no images) for other commits.
| with: | ||
| name: kibertas | ||
| path: | | ||
| dist/kibertas*.tar.gz |
There was a problem hiding this comment.
If it is a canary release, we upload the binaries to the actions artifacts, which can be accessed via the Actions workflow run view.
There was a problem hiding this comment.
Head to the bottom of https://github.com/chatwork/kibertas/actions/runs/7018953100?pr=11 and you'll be able to grab the archived binaries:
| with: | ||
| distribution: goreleaser | ||
| version: latest | ||
| args: release --clean ${{ env.flags }} |
There was a problem hiding this comment.
You can locally test the goreleaser.yaml used by this step by running make goreleaser-snapshot. As long as it works locally, this step should mostly work...
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
These are exactly how GitHub Actions itself promotes it to work with ghcr.io:
https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#publishing-a-package-using-an-action
| fetch-depth: 0 | ||
| - | ||
| name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 |
There was a problem hiding this comment.
Used for arm builds.
| uses: docker/setup-qemu-action@v3 | ||
| - | ||
| name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 |
There was a problem hiding this comment.
Used for cross-platform builds
| name: Checkout | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 |
There was a problem hiding this comment.
We don't need the full history
| steps: | ||
| - | ||
| if: ${{ !startsWith(github.ref, 'refs/tags/v') }} | ||
| run: echo "flags=--snapshot" >> $GITHUB_ENV |
There was a problem hiding this comment.
--snapshot in case it's canary builds(=no-semver-tagged commit)- --snapshot skips image publishing and does building only.
| manifests/credentials.yaml | ||
| .bin/ | ||
| .vscode | ||
| dist/ |
There was a problem hiding this comment.
make goreleaser-snapshot produces binaries and archives of the binaries under dist/. We don't want to git-commit that so ignore.
| ARG TARGETARCH | ||
|
|
||
| COPY --from=builder /app/kibertas /usr/local/bin/kibertas | ||
| COPY kibertas /usr/local/bin/kibertas |
There was a problem hiding this comment.
goreleaser runs docker-builds in a docker context that the goreleaser-produced kibertas binary exists, hence this simple COPY work.
There was a problem hiding this comment.
You can see the image build working here: https://github.com/chatwork/kibertas/actions/runs/7018953100/job/19095388986?pr=11
|
Awesome work! |
2 participants
As the title says :)
I think we don't need to set up anything to make this workflow work.
GitHub Actions, along with the
permissionsspecified in the workflow, would give us access to ghcr.io and therefore the image publishing should just work.The images should be "private" by default. No action should be needed by you to hide the images.