github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-07-16 15:52:24 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1379 from cevich/generic_steps

Browse Source 
[CI:DOCS] Multi-arch image workflow: Make steps generic
This commit is contained in:
Chris Evich 2021-07-19 15:09:31 -04:00 committed by GitHub
commit ce2f64c946
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 56 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
.github/workflows/multi-arch-build.yaml vendored
View File

@ -1,6 +1,6 @@
--- ---
# Please see contrib/skopeoimage/README.md for details on the intentions # Please see contrib/<reponame>image/README.md for details on the intentions
# of this workflow. # of this workflow.
# #
# BIG FAT WARNING: This workflow is duplicated across containers/skopeo, # BIG FAT WARNING: This workflow is duplicated across containers/skopeo,
@ -11,7 +11,7 @@
name: build multi-arch images name: build multi-arch images
on: on:
# Upstream skopeo tends to be very active, with many merges per day. # Upstream tends to be very active, with many merges per day.
# Only run this daily via cron schedule, or manually, not by branch push. # Only run this daily via cron schedule, or manually, not by branch push.
schedule: schedule:
- cron: '0 8 * * *' - cron: '0 8 * * *'
@ -20,19 +20,23 @@ on:
jobs: jobs:
multi: multi:
name: multi-arch Skopeo build name: multi-arch image build
env: env:
SKOPEO_QUAY_REGISTRY: quay.io/skopeo REPONAME: skopeo # No easy way to parse this out of $GITHUB_REPOSITORY
# Server/namespace value used to format FQIN
REPONAME_QUAY_REGISTRY: quay.io/skopeo
CONTAINERS_QUAY_REGISTRY: quay.io/containers CONTAINERS_QUAY_REGISTRY: quay.io/containers
# list of architectures for build # list of architectures for build
PLATFORMS: linux/amd64,linux/s390x,linux/ppc64le,linux/arm64 PLATFORMS: linux/amd64,linux/s390x,linux/ppc64le,linux/arm64
# Command to execute in container to obtain project version number
VERSION_CMD: "--version" # skopeo is the entrypoint
# build several images (upstream, testing, stable) in parallel # build several images (upstream, testing, stable) in parallel
strategy: strategy:
# By default, failure of one matrix item cancels all others # By default, failure of one matrix item cancels all others
fail-fast: false fail-fast: false
matrix: matrix:
# Builds are located under contrib/skopeoimage/<source> directory # Builds are located under contrib/<reponame>image/<source> directory
source: source:
- upstream - upstream
- testing - testing
@ -57,14 +61,14 @@ jobs:
driver-opts: network=host driver-opts: network=host
install: true install: true
- name: Build and locally push Skopeo - name: Build and locally push image
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
context: contrib/skopeoimage/${{ matrix.source }} context: contrib/${{ env.REPONAME }}image/${{ matrix.source }}
file: ./contrib/skopeoimage/${{ matrix.source }}/Dockerfile file: ./contrib/${{ env.REPONAME }}image/${{ matrix.source }}/Dockerfile
platforms: ${{ env.PLATFORMS }} platforms: ${{ env.PLATFORMS }}
push: true push: true
tags: localhost:5000/skopeo/${{ matrix.source }} tags: localhost:5000/${{ env.REPONAME }}/${{ matrix.source }}
# Simple verification that stable images work, and # Simple verification that stable images work, and
# also grab version number use in forming the FQIN. # also grab version number use in forming the FQIN.
@ -72,38 +76,42 @@ jobs:
if: matrix.source == 'stable' if: matrix.source == 'stable'
id: sniff_test id: sniff_test
run: | run: |
VERSION_OUTPUT="$(docker run localhost:5000/skopeo/${{ matrix.source }} --version)" podman pull --tls-verify=false \
localhost:5000/$REPONAME/${{ matrix.source }}
VERSION_OUTPUT=$(podman run \
localhost:5000/$REPONAME/${{ matrix.source }} \
$VERSION_CMD)
echo "$VERSION_OUTPUT" echo "$VERSION_OUTPUT"
VERSION=$(grep -Em1 '^skopeo version' <<<"$VERSION_OUTPUT" | awk '{print $3}') VERSION=$(awk -r -e "/^${REPONAME} version /"'{print $3}' <<<"$VERSION_OUTPUT")
test -n "$VERSION" test -n "$VERSION"
echo "::set-output name=version::${VERSION}" echo "::set-output name=version::$VERSION"
- name: Generate skopeo reg. image FQIN(s) - name: Generate image FQIN(s) to push
id: skopeo_reg id: gen_fqin
run: | run: |
if [[ "${{ matrix.source }}" == 'stable' ]]; then if [[ "${{ matrix.source }}" == 'stable' ]]; then
# The `skopeo version` in image just built # The command version in image just built
VERSION='v${{ steps.sniff_test.outputs.version }}' VERSION='v${{ steps.sniff_test.outputs.version }}'
# workaround vim syntax-highlight bug: ' # workaround vim syntax-highlight bug: '
# Image tags previously pushed to quay # Image tags previously pushed to quay
ALLTAGS=$(skopeo list-tags \ ALLTAGS=$(skopeo list-tags \
docker://$SKOPEO_QUAY_REGISTRY/stable | \ docker://$REPONAME_QUAY_REGISTRY/stable | \
jq -r '.Tags[]') jq -r '.Tags[]')
# New version? Push quay.io/skopeo/stable:vX.X.X and :latest # New version? Push quay.io/$REPONAME/stable:vX.X.X and :latest
if ! fgrep -qx "$VERSION" <<<"$ALLTAGS"; then if ! fgrep -qx "$VERSION" <<<"$ALLTAGS"; then
# Assume version-tag is also the most up to date (i.e. "latest") # Assume version-tag is also the most up to date (i.e. "latest")
FQIN="$SKOPEO_QUAY_REGISTRY/stable:$VERSION,$SKOPEO_QUAY_REGISTRY/stable:latest" FQIN="$REPONAME_QUAY_REGISTRY/stable:$VERSION,$REPONAME_QUAY_REGISTRY/stable:latest"
else # Not a new version-tagged image else # Not a new version-tagged image
# Assume other contents changed, so this is the "new" latest. # Assume other contents changed, so this is the "new" latest.
FQIN="$SKOPEO_QUAY_REGISTRY/stable:latest" FQIN="$REPONAME_QUAY_REGISTRY/stable:latest"
fi fi
elif [[ "${{ matrix.source }}" == 'testing' ]]; then elif [[ "${{ matrix.source }}" == 'testing' ]]; then
# Assume some contents changed, always push latest testing. # Assume some contents changed, always push latest testing.
FQIN="$SKOPEO_QUAY_REGISTRY/testing:latest" FQIN="$REPONAME_QUAY_REGISTRY/testing:latest"
elif [[ "${{ matrix.source }}" == 'upstream' ]]; then elif [[ "${{ matrix.source }}" == 'upstream' ]]; then
# Assume some contents changed, always push latest upstream. # Assume some contents changed, always push latest upstream.
FQIN="$SKOPEO_QUAY_REGISTRY/upstream:latest" FQIN="$REPONAME_QUAY_REGISTRY/upstream:latest"
else else
echo "::error::Unknown matrix item '${{ matrix.source }}'" echo "::error::Unknown matrix item '${{ matrix.source }}'"
exit 1 exit 1
@ -122,14 +130,14 @@ jobs:
VERSION='v${{ steps.sniff_test.outputs.version }}' VERSION='v${{ steps.sniff_test.outputs.version }}'
# workaround vim syntax-highlight bug: ' # workaround vim syntax-highlight bug: '
ALLTAGS=$(skopeo list-tags \ ALLTAGS=$(skopeo list-tags \
docker://$CONTAINERS_QUAY_REGISTRY/skopeo | \ docker://$CONTAINERS_QUAY_REGISTRY/$REPONAME | \
jq -r '.Tags[]') jq -r '.Tags[]')
# New version? Push quay.io/containers/skopeo:vX.X.X and latest # New version? Push quay.io/containers/$REPONAME:vX.X.X and latest
if ! fgrep -qx "$VERSION" <<<"$ALLTAGS"; then if ! fgrep -qx "$VERSION" <<<"$ALLTAGS"; then
FQIN="$CONTAINERS_QUAY_REGISTRY/skopeo:$VERSION,$CONTAINERS_QUAY_REGISTRY/skopeo:latest" FQIN="$CONTAINERS_QUAY_REGISTRY/$REPONAME:$VERSION,$CONTAINERS_QUAY_REGISTRY/$REPONAME:latest"
else # Not a new version-tagged image, only update latest. else # Not a new version-tagged image, only update latest.
FQIN="$CONTAINERS_QUAY_REGISTRY/skopeo:latest" FQIN="$CONTAINERS_QUAY_REGISTRY/$REPONAME:latest"
fi fi
echo "::warning::Pushing $FQIN" echo "::warning::Pushing $FQIN"
echo "::set-output name=fqin::${FQIN}" echo "::set-output name=fqin::${FQIN}"
@ -149,40 +157,39 @@ jobs:
DELIMITER DELIMITER
EOF EOF
# Separate steps to login and push for skopeo and containers quay # Separate steps to login and push for $REPONAME_QUAY_REGISTRY and
# repositories are required, because 2 sets of credentials are used and `docker # $CONTAINERS_QUAY_REGISTRY are required, because 2 sets of credentials
# login` as well as `skopeo login` do not support having 2 different # are used and namespaced within the registry. At the same time, reuse
# credential sets for 1 registry. # of non-shell steps is not supported by Github Actions nor are YAML
# At the same time reuse of non-shell steps is not supported by Github Actions # anchors/aliases, nor composite actions.
# via anchors or composite actions
# Push to 'skopeo' Quay repo for stable, testing. and upstream # Push to $REPONAME_QUAY_REGISTRY for stable, testing. and upstream
- name: Login to 'skopeo' Quay registry - name: Login to ${{ env.REPONAME_QUAY_REGISTRY }}
uses: docker/login-action@v1 uses: docker/login-action@v1
if: steps.skopeo_reg.outputs.push == 'true' if: steps.gen_fqin.outputs.push == 'true'
with: with:
registry: ${{ env.SKOPEO_QUAY_REGISTRY }} registry: ${{ env.REPONAME_QUAY_REGISTRY }}
# N/B: Secrets are not passed to workflows that are triggered # N/B: Secrets are not passed to workflows that are triggered
# by a pull request from a fork # by a pull request from a fork
username: ${{ secrets.SKOPEO_QUAY_USERNAME }} username: ${{ secrets.REPONAME_QUAY_USERNAME }}
password: ${{ secrets.SKOPEO_QUAY_PASSWORD }} password: ${{ secrets.REPONAME_QUAY_PASSWORD }}
- name: Push images to 'skopeo' Quay - name: Push images to ${{ steps.gen_fqin.outputs.fqin }}
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
if: steps.skopeo_reg.outputs.push == 'true' if: steps.gen_fqin.outputs.push == 'true'
with: with:
cache-from: type=registry,ref=localhost:5000/skopeo/${{ matrix.source }} cache-from: type=registry,ref=localhost:5000/${{ env.REPONAME }}/${{ matrix.source }}
cache-to: type=inline cache-to: type=inline
context: contrib/skopeoimage/${{ matrix.source }} context: contrib/${{ env.REPONAME }}image/${{ matrix.source }}
file: ./contrib/skopeoimage/${{ matrix.source }}/Dockerfile file: ./contrib/${{ env.REPONAME }}image/${{ matrix.source }}/Dockerfile
platforms: ${{ env.PLATFORMS }} platforms: ${{ env.PLATFORMS }}
push: true push: true
tags: ${{ steps.skopeo_reg.outputs.fqin }} tags: ${{ steps.gen_fqin.outputs.fqin }}
labels: | labels: |
${{ env.LABELS }} ${{ env.LABELS }}
# Push to 'containers' Quay repo only stable skopeo # Push to $CONTAINERS_QUAY_REGISTRY only stable
- name: Login to 'containers' Quay registry - name: Login to ${{ env.CONTAINERS_QUAY_REGISTRY }}
if: steps.containers_reg.outputs.push == 'true' if: steps.containers_reg.outputs.push == 'true'
uses: docker/login-action@v1 uses: docker/login-action@v1
with: with:
@ -190,14 +197,14 @@ jobs:
username: ${{ secrets.CONTAINERS_QUAY_USERNAME }} username: ${{ secrets.CONTAINERS_QUAY_USERNAME }}
password: ${{ secrets.CONTAINERS_QUAY_PASSWORD }} password: ${{ secrets.CONTAINERS_QUAY_PASSWORD }}
- name: Push images to 'containers' Quay - name: Push images to ${{ steps.containers_reg.outputs.fqin }}
if: steps.containers_reg.outputs.push == 'true' if: steps.containers_reg.outputs.push == 'true'
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
cache-from: type=registry,ref=localhost:5000/skopeo/${{ matrix.source }} cache-from: type=registry,ref=localhost:5000/${{ env.REPONAME }}/${{ matrix.source }}
cache-to: type=inline cache-to: type=inline
context: contrib/skopeoimage/${{ matrix.source }} context: contrib/${{ env.REPONAME }}image/${{ matrix.source }}
file: ./contrib/skopeoimage/${{ matrix.source }}/Dockerfile file: ./contrib/${{ env.REPONAME }}image/${{ matrix.source }}/Dockerfile
platforms: ${{ env.PLATFORMS }} platforms: ${{ env.PLATFORMS }}
push: true push: true
tags: ${{ steps.containers_reg.outputs.fqin }} tags: ${{ steps.containers_reg.outputs.fqin }}