Bump kaniko-project/executor from v1.21.0 to v1.22.0 #176
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| pull_request: | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - uses: pre-commit/action@v3.0.1 | |
| build: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 2 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| cache: pip | |
| cache-dependency-path: dev-requirements.txt | |
| - name: Install | |
| run: | | |
| pip install -r dev-requirements.txt | |
| # Make a wheel and install it to catch possible issues with releases | |
| python -m build --wheel | |
| pip install dist/*.whl | |
| pip freeze | |
| test: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v4 | |
| - name: Configure insecure Podman registry | |
| run: | | |
| REGISTRY_HOST=$(hostname -I | awk '{print $1}'):5000 | |
| echo "REGISTRY_HOST=${REGISTRY_HOST}" >> $GITHUB_ENV | |
| mkdir -p ~/.config/containers/ | |
| cat <<EOF >> ~/.config/containers/registries.conf | |
| [registries.insecure] | |
| registries = [ | |
| 'localhost:5000', | |
| '${REGISTRY_HOST}', | |
| ] | |
| EOF | |
| - name: Run registry for testing | |
| run: | | |
| ./ci/run-local-registry.sh & | |
| while ! curl -f http://localhost:5000; do | |
| sleep 5 | |
| done | |
| - name: Podman info | |
| run: podman info | |
| - name: Install from repo | |
| run: pip install . | |
| - name: Build container | |
| run: ./ci/build.sh | |
| - name: Test local repo2kaniko | |
| run: ./ci/test.sh repo2docker | |
| - name: Test repo2kaniko container | |
| run: ./ci/test.sh container | |
| # https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-pypi | |
| publish-pypi: | |
| name: Pypi | |
| needs: | |
| # Only publish if other jobs passed | |
| - lint | |
| - build | |
| - test | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| - name: Install pypa/build | |
| run: python -m pip install build | |
| - name: Build a binary wheel and a source tarball | |
| run: python -m build --sdist --wheel --outdir dist/ | |
| # Uses OIDC | |
| - name: Publish to PyPI | |
| if: startsWith(github.ref, 'refs/tags') | |
| uses: pypa/gh-action-pypi-publish@v1.8.12 | |
| container: | |
| name: Build container | |
| needs: | |
| # Only publish if other jobs passed | |
| - lint | |
| - build | |
| - test | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 10 | |
| env: | |
| DEFAULT_REGISTRY: quay.io | |
| services: | |
| # So that we can test this in PRs/branches | |
| local-registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - context: . | |
| image_name: manics/repo2kaniko | |
| - context: ./kaniko-runner | |
| image_name: manics/kaniko-runner | |
| steps: | |
| - name: Should we push this image to a public registry? | |
| run: | | |
| if [ "${{ startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main') }}" = "true" ]; then | |
| REGISTRY=$DEFAULT_REGISTRY | |
| else | |
| REGISTRY=localhost:5000 | |
| fi | |
| echo "REGISTRY=$REGISTRY" >> $GITHUB_ENV | |
| echo "Publishing to $REGISTRY" | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up QEMU to build multiple platforms | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx (for multi-arch builds) | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| # Allows pushing to registry on localhost:5000 | |
| driver-opts: network=host | |
| - name: Login to registry | |
| if: env.REGISTRY != 'localhost:5000' | |
| run: | | |
| docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" "${{ env.REGISTRY }}" | |
| # https://github.com/jupyterhub/action-major-minor-tag-calculator | |
| - name: Get list of image tags | |
| id: imagetags | |
| uses: jupyterhub/action-major-minor-tag-calculator@v3.2.0 | |
| with: | |
| githubToken: ${{ secrets.GITHUB_TOKEN }} | |
| prefix: "${{ env.REGISTRY }}/${{ matrix.image_name }}:" | |
| defaultTag: "${{ env.REGISTRY }}/${{ matrix.image_name }}:noref" | |
| branchRegex: ^\w[\w-.]*$ | |
| - name: Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ join(fromJson(steps.imagetags.outputs.tags)) }} |