gdal/.github/workflows/docker.yml at 3a85439d062c89923d0a0da5139d11e3c05c3067 · OSGeo/gdal · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: Docker

on:
    pull_request:
        paths:
            - 'docker/**'
            - '.github/workflows/docker.yml'
    schedule:
      - cron: '0 0 * * *'

    # Allows you to run this workflow manually from the Actions tab
    workflow_dispatch:

permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
  cancel-in-progress: true

jobs:
  docker_builds:
    if: ${{ ! ((github.repository_owner != 'OSGeo') && (github.event_name == 'schedule')) }}
    strategy:
      fail-fast: false
      matrix:
        platform: ["arm64", "amd64"]
        base: ["alpine-small", "alpine-normal", "ubuntu-small", "ubuntu-full"]
    name: ${{ matrix.base }}-${{ matrix.platform }}
    runs-on: ${{ matrix.platform == 'amd64' && 'ubuntu-latest' || 'ubuntu-24.04-arm' }}
    permissions:
      contents: read
      attestations: write
      packages: write
      id-token: write
    steps:
      - name: Set PUSH_PACKAGES due to schedule
        if: github.event_name == 'schedule' || github.event_name ==  'workflow_dispatch'
        run: |
          echo "PUSH_PACKAGES=true" >> $GITHUB_ENV
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Docker
        uses: docker/setup-docker-action@b2189fbf2a6592b51fee7cdd93ee2bfaeba733db # v5.1.0
        with:
          daemon-config: |
            {
              "debug": false,
              "features": {
                "containerd-snapshotter": true
              }
            }
      - name: Login to GitHub Container Registry
        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract container metadata
        id: meta
        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
        with:
          images: |
            ghcr.io/osgeo/gdal
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
        env:
          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
      - name: Build
        shell: bash -l {0}
        run: |
          set -e
          cd docker/${{ matrix.base }}
          if test "${PUSH_PACKAGES}" == "true"; then
            ./build.sh --platform linux/${{ matrix.platform }} --with-multi-arch --gdal local --push
          else
            ./build.sh --platform linux/${{ matrix.platform }} --with-multi-arch --gdal local
          fi
          docker run --rm ghcr.io/osgeo/gdal:${{ matrix.base }}-latest-${{ matrix.platform }} gdalinfo --formats
          docker run --rm ghcr.io/osgeo/gdal:${{ matrix.base }}-latest-${{ matrix.platform }} ogrinfo --formats
  create-manifest:
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    runs-on: ubuntu-latest
    needs: docker_builds
    strategy:
      fail-fast: false
      matrix:
        tag: ["ubuntu-full", "ubuntu-small", "alpine-small", "alpine-normal"]
    steps:
      - name: Set PUSH_PACKAGES due to schedule
        if: github.event_name == 'schedule' || github.event_name ==  'workflow_dispatch'
        run: |
          echo "PUSH_PACKAGES=true" >> $GITHUB_ENV
      - name: Login to GitHub Container Registry
        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
        if: env.PUSH_PACKAGES == 'true'
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Create and push multi-platform manifest
        if: env.PUSH_PACKAGES == 'true'
        run: |
          docker buildx imagetools create \
          -t ghcr.io/osgeo/gdal:${{ matrix.tag }}-latest \
          ghcr.io/osgeo/gdal:${{ matrix.tag }}-latest-amd64 \
          ghcr.io/osgeo/gdal:${{ matrix.tag }}-latest-arm64
      - name: Alias ubuntu-full-latest to latest
        if: matrix.tag == 'ubuntu-full' && env.PUSH_PACKAGES == 'true'
        run: |
          docker buildx imagetools create ghcr.io/osgeo/gdal:ubuntu-full-latest --tag ghcr.io/osgeo/gdal:latest


  docker_proprietary_sdk:
    if: ${{ ! ((github.repository_owner != 'OSGeo') && (github.event_name == 'schedule')) }}
    runs-on: ubuntu-latest
    name: proprietary-sdks
    env:
      PUSH_PACKAGES: false
    steps:
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - name: Set up Docker
        uses: docker/setup-docker-action@b2189fbf2a6592b51fee7cdd93ee2bfaeba733db # v5.1.0
        with:
          daemon-config: |
            {
              "debug": false,
              "features": {
                "containerd-snapshotter": true
              }
            }
      - name: build
        shell: bash -l {0}
        run: |
          set -e
          cd docker/ubuntu-full
          ./build.sh --gdal local --platform linux/amd64 --with-multi-arch --with-oracle --with-mrsid --with-ecw
          docker run --rm ghcr.io/osgeo/gdal:ubuntu-full-latest-amd64 gdalinfo --formats
          docker run --rm ghcr.io/osgeo/gdal:ubuntu-full-latest-amd64 ogrinfo --formats