Merge pull request #1287 from TarasLykhenko/patch-1 #252
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Images | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| env: | |
| CONTROLLER: ${{ github.event.repository.name }} | |
| LIBCRYPTO_VERSION: "3.1.4-r5" | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write # needed for keyless signing | |
| packages: write # needed for ghcr access | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 | |
| - name: Setup Go | |
| uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 | |
| with: | |
| go-version: 1.20.x | |
| - name: Setup Terraform | |
| run: | | |
| export TF_VERSION=1.3.9 | |
| wget https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip | |
| unzip -q terraform_${TF_VERSION}_linux_amd64.zip | |
| mv terraform $(which terraform) | |
| terraform --version | |
| - name: Set up yq | |
| uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f # v1.0.2 | |
| with: | |
| version: 4.14.1 | |
| - name: Setup Kustomize | |
| uses: fluxcd/pkg/actions/kustomize@6c0b4426ba7809a9406c1a4e07aa4be4984ea72f # main | |
| - name: Get branch names | |
| id: branch-name | |
| uses: tj-actions/branch-names@033f2358d95522973eee35810e35a86fae4a71d8 # v7.0.5 | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| BRANCH=$(sed 's/\//-/g' <<< ${{ steps.branch-name.outputs.current_branch }}) | |
| BUILD_SHA=$(git rev-parse --short HEAD) | |
| VERSION="${BRANCH}-${GITHUB_SHA::8}" | |
| BUILD_VERSION=${BRANCH} | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| VERSION=${GITHUB_REF/refs\/tags\//} | |
| BUILD_VERSION=${VERSION} | |
| fi | |
| echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "$GITHUB_OUTPUT" | |
| echo "VERSION=${VERSION}" >> "$GITHUB_OUTPUT" | |
| echo "BUILD_VERSION=${BUILD_VERSION}" >> "$GITHUB_OUTPUT" | |
| echo "BUILD_SHA=${BUILD_SHA}" >> "$GITHUB_OUTPUT" | |
| - name: Setup QEMU | |
| uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
| with: | |
| platforms: all | |
| - name: Setup Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 | |
| with: | |
| buildkitd-flags: "--debug" | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish multi-arch tf-controller container image | |
| uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
| with: | |
| push: true | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./Dockerfile | |
| build-args: | | |
| LIBCRYPTO_VERSION=${{ env.LIBCRYPTO_VERSION }} | |
| platforms: linux/amd64,linux/arm64 #,linux/arm/v7 | |
| tags: | | |
| ghcr.io/flux-iac/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} | |
| labels: | | |
| org.opencontainers.image.title=${{ github.event.repository.name }} | |
| org.opencontainers.image.description=${{ github.event.repository.description }} | |
| org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.version=${{ steps.prep.outputs.VERSION }} | |
| org.opencontainers.image.created=${{ steps.prep.outputs.BUILD_DATE }} | |
| - name: Build multi-arch tf-runner base image | |
| uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
| with: | |
| push: true | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./runner-base.Dockerfile | |
| build-args: | | |
| LIBCRYPTO_VERSION=${{ env.LIBCRYPTO_VERSION }} | |
| BUILD_VERSION=${{ steps.prep.outputs.BUILD_VERSION }} | |
| BUILD_SHA=${{ steps.prep.outputs.BUILD_SHA }} | |
| platforms: linux/amd64,linux/arm64 #,linux/arm/v7 | |
| tags: | | |
| ghcr.io/flux-iac/tf-runner:${{ steps.prep.outputs.VERSION }}-base | |
| labels: | | |
| org.opencontainers.image.title=${{ github.event.repository.name }} | |
| org.opencontainers.image.description=${{ github.event.repository.description }} | |
| org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.version=${{ steps.prep.outputs.VERSION }} | |
| org.opencontainers.image.created=${{ steps.prep.outputs.BUILD_DATE }} | |
| - name: Publish multi-arch tf-runner container image | |
| uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
| with: | |
| push: true | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./runner.Dockerfile | |
| platforms: linux/amd64,linux/arm64 #,linux/arm/v7 | |
| build-args: | | |
| BASE_IMAGE=ghcr.io/flux-iac/tf-runner:${{ steps.prep.outputs.VERSION }}-base | |
| tags: | | |
| ghcr.io/flux-iac/tf-runner:${{ steps.prep.outputs.VERSION }} | |
| labels: | | |
| org.opencontainers.image.title=${{ github.event.repository.name }} | |
| org.opencontainers.image.description=${{ github.event.repository.description }} | |
| org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.version=${{ steps.prep.outputs.VERSION }} | |
| org.opencontainers.image.created=${{ steps.prep.outputs.BUILD_DATE }} | |
| - name: Publish multi-arch branch-planner container image | |
| uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
| with: | |
| push: true | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./planner.Dockerfile | |
| platforms: linux/amd64,linux/arm64 #,linux/arm/v7 | |
| build-args: | | |
| LIBCRYPTO_VERSION=${{ env.LIBCRYPTO_VERSION }} | |
| tags: | | |
| ghcr.io/flux-iac/branch-planner:${{ steps.prep.outputs.VERSION }} | |
| labels: | | |
| org.opencontainers.image.title=${{ github.event.repository.name }} | |
| org.opencontainers.image.description=${{ github.event.repository.description }} | |
| org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.version=${{ steps.prep.outputs.VERSION }} | |
| org.opencontainers.image.created=${{ steps.prep.outputs.BUILD_DATE }} |