-
Notifications
You must be signed in to change notification settings - Fork 2.7k
132 lines (114 loc) · 4.48 KB
/
build-images-base.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Base Image Release Build
# Any change in triggers needs to be reflected in the concurrency group.
on:
pull_request_target:
types:
- opened
- synchronize
- reopened
paths:
- images/runtime/**
- images/builder/**
permissions: read-all
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
jobs:
build-and-push:
timeout-minutes: 30
environment: release-base-images
runs-on: ubuntu-20.04
strategy:
matrix:
include:
- name: cilium-runtime
dockerfile: ./images/runtime/Dockerfile
context: ./images/runtime
- name: cilium-builder
dockerfile: ./images/builder/Dockerfile
context: ./images/builder
fail-fast: false
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@27d0a4f181a40b142cce983c5393082c365d1480
- name: Checkout Source Code
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
with:
persist-credentials: false
ref: ${{ github.event.pull_request.head.sha }}
- name: Generating image tag
id: tag
run: |
echo ::set-output name=tag::"$(git ls-tree --full-tree HEAD -- ${{ matrix.context }} | awk '{ print $3 }')"
- name: Checking if tag already exists
id: tag-in-repositories
shell: bash
run: |
if docker buildx imagetools inspect quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }} &>/dev/null; then
echo ::set-output name=exists::"true"
else
echo ::set-output name=exists::"false"
fi
- name: Login to quay.io
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: docker/login-action@42d299face0c5c43a0487c477f595ac9cf22f1a7
with:
registry: quay.io
username: ${{ secrets.QUAY_BASE_RELEASE_USERNAME }}
password: ${{ secrets.QUAY_BASE_RELEASE_PASSWORD }}
- name: Release build ${{ matrix.name }}
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: docker/build-push-action@1814d3dfb36d6f84174e61f4a4b05bd84089a4b9
id: docker_build_release
with:
context: ${{ matrix.context }}
file: ${{ matrix.dockerfile }}
push: true
platforms: linux/amd64,linux/arm64
tags: |
quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}
- name: Image Release Digest
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
shell: bash
run: |
mkdir -p image-digest/
echo "## ${{ matrix.name }}" > image-digest/${{ matrix.name }}.txt
echo "" >> image-digest/${{ matrix.name }}.txt
echo "\`quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_release.outputs.digest }}\`" >> image-digest/${{ matrix.name }}.txt
echo "" >> image-digest/${{ matrix.name }}.txt
- name: Upload artifact digests
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2
with:
name: image-digest ${{ matrix.name }}
path: image-digest
retention-days: 1
- name: Send slack notification
if: ${{ !success() && (github.event_name == 'schedule' || github.event_name == 'push') }}
uses: 8398a7/action-slack@a74b761b4089b5d730d813fbedcd2ec5d394f3af
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
image-digests:
name: Display Digests
runs-on: ubuntu-20.04
needs: build-and-push
steps:
- name: Downloading Image Digests
shell: bash
run: |
mkdir -p image-digest/
- name: Download digests of all images built
uses: actions/download-artifact@f023be2c48cc18debc3bacd34cb396e0295e2869
with:
path: image-digest/
- name: Image Digests Output
shell: bash
run: |
cd image-digest/
find -type f | sort | xargs -d '\n' cat