diff --git a/.github/workflows/push_image.yml b/.github/workflows/push_image.yml index f37ac6088..11aa2c689 100644 --- a/.github/workflows/push_image.yml +++ b/.github/workflows/push_image.yml @@ -8,7 +8,7 @@ env: REGISTRY_PASSWORD: ${{ secrets.QUAY_SECRET }} REGISTRY: quay.io/netobserv IMAGE: flowlogs-pipeline - TAG: latest + TAG: main jobs: push-image: @@ -26,20 +26,23 @@ jobs: go-version: ${{ matrix.go }} - name: checkout uses: actions/checkout@v2 - - name: build image - run: make build-image + - name: build images + run: DOCKER_TAG=${{ env.TAG }} make build-ci-images - name: podman login to quay.io uses: redhat-actions/podman-login@v1 with: username: ${{ env.REGISTRY_USER }} password: ${{ env.REGISTRY_PASSWORD }} registry: quay.io + - name: get short sha + id: shortsha + run: echo "::set-output name=short_sha::$(git rev-parse --short HEAD)" - name: push to quay.io id: push-to-quay uses: redhat-actions/push-to-registry@v2 with: image: ${{ env.IMAGE }} - tags: ${{ env.TAG }} + tags: ${{ env.TAG }} ${{ steps.shortsha.outputs.short_sha }} latest registry: ${{ env.REGISTRY }} - name: print image url run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000..94e4dc9cb --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,56 @@ +name: release to quay.io +on: + push: + tags: [v*] + +env: + REGISTRY_USER: netobserv+github_ci + REGISTRY_PASSWORD: ${{ secrets.QUAY_SECRET }} + REGISTRY: quay.io/netobserv + IMAGE: flowlogs-pipeline + +jobs: + push-image: + name: push image + runs-on: ubuntu-20.04 + strategy: + matrix: + go: ['1.17'] + steps: + - name: checkout + uses: actions/checkout@v2 + - name: validate tag + id: validate_tag + run: | + tag=`git describe --exact-match --tags 2> /dev/null` + if [[ $tag =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-rc[0-9]+)?$ ]]; then + echo "$tag is a valid release tag" + set -e + echo "::set-output name=tag::$tag" + else + echo "$tag is NOT a valid release tag" + exit 1 + fi + - name: install make + run: sudo apt-get install make + - name: set up go 1.x + uses: actions/setup-go@v2 + with: + go-version: ${{ matrix.go }} + - name: build images + run: DOCKER_TAG=${{ steps.validate_tag.outputs.tag }} make build-images + - name: podman login to quay.io + uses: redhat-actions/podman-login@v1 + with: + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} + registry: quay.io + - name: push to quay.io + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ env.IMAGE }} + tags: ${{ steps.validate_tag.outputs.tag }} + registry: ${{ env.REGISTRY }} + - name: print image url + run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" diff --git a/Makefile b/Makefile index d1f610728..bfe30e340 100644 --- a/Makefile +++ b/Makefile @@ -116,6 +116,16 @@ run: build ## Run build-image: DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -f contrib/docker/Dockerfile . +.PHONY: build-ci-images +build-ci-images: +ifeq ($(DOCKER_TAG), main) +# Also tag "latest" only for branch "main" + DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -t $(DOCKER_IMG):latest -f contrib/docker/Dockerfile . +else + DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -f contrib/docker/Dockerfile . +endif + DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build --build-arg BASE_IMAGE=$(DOCKER_IMG):$(DOCKER_TAG) -t $(DOCKER_IMG):$(COMMIT) -f contrib/docker/shortlived.Dockerfile . + .PHONY: push-image push-image: build-image ## Push latest image @echo 'publish image $(DOCKER_TAG) to $(DOCKER_IMG)' diff --git a/contrib/docker/shortlived.Dockerfile b/contrib/docker/shortlived.Dockerfile new file mode 100644 index 000000000..7dca26000 --- /dev/null +++ b/contrib/docker/shortlived.Dockerfile @@ -0,0 +1,3 @@ +ARG BASE_IMAGE=quay.io/netobserv/flowlogs-pipeline:main +FROM $BASE_IMAGE +LABEL quay.expires-after=2w