Do not count authentication success in challenge phase #13789
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/marketplace/actions/build-and-push-docker-images | |
| name: OCI | |
| on: | |
| push: | |
| paths-ignore: | |
| - '.github/workflows/secondary-umbrella.yaml' | |
| workflow_dispatch: | |
| env: | |
| GENERIC_UNIX_ARCHIVE: ${{ github.workspace }}/bazel-bin/package-generic-unix.tar.xz | |
| RABBITMQ_VERSION: ${{ github.event.pull_request.head.sha || github.sha }} | |
| VERSION: ${{ github.event.pull_request.head.sha || github.sha }} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # This job will build one docker image per supported Erlang major version. | |
| # Each image will have two tags (one containing the Git commit SHA, one containing the branch name). | |
| # | |
| # For example, for Git commit SHA '111aaa' and branch name 'main' and maximum supported Erlang major version '26', | |
| # the following tags will be pushed to Dockerhub: | |
| # | |
| # * 111aaa-otp-min (image OTP 25) | |
| # * main-otp-min (image OTP 25) | |
| # * 111aaa-otp-max (image OTP 26) | |
| # * main-otp-max (image OTP 26) | |
| build-publish-dev-bazel: | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - image_tag_suffix: otp-min-bazel | |
| otp_version_id: 25_0 | |
| - image_tag_suffix: otp-max-bazel | |
| otp_version_id: 25_3 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Mount Bazel Cache | |
| uses: actions/cache@v3.3.1 | |
| with: | |
| path: "/home/runner/repo-cache/" | |
| key: repo-cache | |
| - name: Configure Bazel | |
| run: | | |
| if [ -n "${{ secrets.BUILDBUDDY_API_KEY }}" ]; then | |
| cat << EOF >> user.bazelrc | |
| build:buildbuddy --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_API_KEY }} | |
| EOF | |
| fi | |
| cat << EOF >> user.bazelrc | |
| build:buildbuddy --build_metadata=ROLE=CI | |
| build:buildbuddy --build_metadata=VISIBILITY=PRIVATE | |
| build:buildbuddy --repository_cache=/home/runner/repo-cache/ | |
| build:buildbuddy --color=yes | |
| build:buildbuddy --disk_cache= | |
| build:buildbuddy --remote_download_toplevel | |
| build --@io_bazel_rules_docker//transitions:enable=false | |
| EOF | |
| - name: Check OTP/Elixir versions used in RBE | |
| id: load-info | |
| run: | | |
| bazelisk build :otp_version :elixir_version \ | |
| --config=rbe \ | |
| --platforms=//bazel/platforms:erlang_linux_${{ matrix.otp_version_id }}_platform | |
| echo "otp=$(cat bazel-bin/otp_version.txt)" >> $GITHUB_OUTPUT | |
| echo "elixir=$(cat bazel-bin/elixir_version.txt)" >> $GITHUB_OUTPUT | |
| - name: Configure OTP & Elixir | |
| uses: erlef/setup-beam@v1.15.3 | |
| with: | |
| otp-version: ${{ steps.load-info.outputs.otp }} | |
| elixir-version: ${{ steps.load-info.outputs.elixir }} | |
| - name: Configure otp for the OCI image | |
| run: | | |
| sudo npm install --global --silent @bazel/buildozer | |
| buildozer 'set tars ["@otp_src_${{ matrix.otp_version_id }}//file"]' \ | |
| //packaging/docker-image:otp_source | |
| - name: Build | |
| run: | | |
| bazelisk build //packaging/docker-image:rabbitmq \ | |
| --config=buildbuddy | |
| - name: Test | |
| run: | | |
| OCI_TESTS=$(bazel query 'tests(//packaging/docker-image/...)') | |
| bazelisk test ${OCI_TESTS} \ | |
| --config=buildbuddy | |
| - name: Load | |
| run: | | |
| bazelisk run //packaging/docker-image:rabbitmq \ | |
| --config=buildbuddy | |
| - name: Check for Push Credentials | |
| id: authorized | |
| run: | | |
| if [ -n "${{ secrets.DOCKERHUB_USERNAME }}" ]; then | |
| echo "PUSH=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "PUSH=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Login to DockerHub | |
| if: steps.authorized.outputs.PUSH == 'true' | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - name: Tag and Push | |
| if: steps.authorized.outputs.PUSH == 'true' | |
| run: | | |
| TAG_1="${{ github.event.pull_request.head.sha || github.sha }}-${{ matrix.image_tag_suffix }}" | |
| TAG_2="${GITHUB_REF##*/}-${{ matrix.image_tag_suffix }}" | |
| docker tag bazel/packaging/docker-image:rabbitmq \ | |
| pivotalrabbitmq/rabbitmq:${TAG_1} | |
| docker tag bazel/packaging/docker-image:rabbitmq \ | |
| pivotalrabbitmq/rabbitmq:${TAG_2} | |
| docker push pivotalrabbitmq/rabbitmq:${TAG_1} | |
| docker push pivotalrabbitmq/rabbitmq:${TAG_2} | |
| summary-oci: | |
| needs: | |
| - build-publish-dev-bazel | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: SUMMARY | |
| run: | | |
| echo "SUCCESS" |