1
1
name : _buildpacks-release
2
-
3
2
on :
4
3
workflow_call :
5
4
inputs :
45
44
docker_hub_token :
46
45
required : true
47
46
description : The token to login to Docker Hub with
48
-
49
47
defaults :
50
48
run :
51
49
# Setting an explicit bash shell ensures GitHub Actions enables pipefail mode too,
52
50
# rather than only error on exit (improving failure UX when pipes are used). See:
53
51
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell
54
52
shell : bash
55
-
56
53
env :
57
54
CARGO_TERM_COLOR : always
58
55
PACKAGE_DIR : ./packaged
59
-
60
56
jobs :
61
57
compile :
62
58
name : Compile Buildpacks
@@ -70,20 +66,16 @@ jobs:
70
66
uses : actions/checkout@v4
71
67
with :
72
68
submodules : true
73
-
74
69
- name : Install Languages CLI
75
- uses : heroku/languages-github-actions/.github/actions/install-languages-cli@main
70
+ uses : heroku/languages-github-actions/.github/actions/install-languages-cli@v0.8.7
76
71
with :
77
72
branch : ${{ inputs.languages_cli_branch }}
78
73
update_rust_toolchain : false
79
-
80
74
- name : Generate buildpack matrix
81
75
id : generate-buildpack-matrix
82
76
run : actions generate-buildpack-matrix --temporary-id "${{ github.run_id }}" --package-dir "${{ env.PACKAGE_DIR }}"
83
-
84
77
- name : Update Rust toolchain
85
78
run : rustup update
86
-
87
79
- name : Install cross-compile tooling
88
80
env :
89
81
RUST_TRIPLES : ${{ steps.generate-buildpack-matrix.outputs.rust_triples }}
96
88
fi
97
89
rustup target add "$triple"
98
90
done
99
-
100
91
- name : Rust cache
101
92
102
-
103
93
# the version of `libcnb-cargo` installed here is kept in sync with the version of `libcnb-package`
104
94
# that the release automation CLI tooling depends on
105
95
- name : Install libcnb-cargo
@@ -110,7 +100,6 @@ jobs:
110
100
| yq -ptoml -oyaml '.package[] | select(.name == "libcnb-package") | .version' \
111
101
)
112
102
cargo install --locked "libcnb-cargo@${LIBCNB_PACKAGE_VERSION}"
113
-
114
103
- name : Package buildpacks
115
104
id : libcnb-package
116
105
env :
@@ -134,17 +123,14 @@ jobs:
134
123
cargo libcnb package --release --package-dir "${package_dir}" --target "${triple}"
135
124
done
136
125
done
137
-
138
126
- name : Generate changelog
139
127
id : generate-changelog
140
128
run : actions generate-changelog --version ${{ steps.generate-buildpack-matrix.outputs.version }}
141
-
142
129
- name : Cache buildpacks
143
130
uses : actions/cache/save@v4
144
131
with :
145
132
key : ${{ github.run_id }}-compiled-buildpacks
146
133
path : ${{ env.PACKAGE_DIR }}
147
-
148
134
publish-docker :
149
135
name : Publish → Docker - ${{ matrix.buildpack_id }}
150
136
needs : [compile]
@@ -163,7 +149,6 @@ jobs:
163
149
uses : actions/checkout@v4
164
150
with :
165
151
submodules : true
166
-
167
152
- name : Restore buildpacks
168
153
uses : actions/cache/restore@v4
169
154
with :
@@ -172,24 +157,19 @@ jobs:
172
157
path : ${{ env.PACKAGE_DIR }}
173
158
env :
174
159
SEGMENT_DOWNLOAD_TIMEOUT_MINS : 1
175
-
176
160
- name : Install Pack CLI
177
161
uses :
buildpacks/github-actions/[email protected]
178
-
179
162
- name : Install Crane
180
163
uses :
buildpacks/github-actions/[email protected]
181
-
182
164
- name : Login to Docker Hub
183
165
184
166
with :
185
167
registry : docker.io
186
168
username : ${{ secrets.docker_hub_user }}
187
169
password : ${{ secrets.docker_hub_token }}
188
-
189
170
- name : Check if version is already on Docker Hub
190
171
id : check
191
172
run : echo "published_to_docker=$(docker manifest inspect "${{ matrix.stable_tag }}" &> /dev/null && echo 'true' || echo 'false')" >> $GITHUB_OUTPUT
192
-
193
173
- name : Publish to temporary tags
194
174
if : steps.check.outputs.published_to_docker == 'false'
195
175
env :
@@ -225,7 +205,6 @@ jobs:
225
205
digest=$(crane digest "${{ matrix.temporary_tag }}")
226
206
echo -e "- \`${{ matrix.temporary_tag }}\`\n - \`${digest}\`" >> $GITHUB_STEP_SUMMARY
227
207
fi
228
-
229
208
- name : Promote temporary tags to stable tags
230
209
if : inputs.dry_run == false && steps.check.outputs.published_to_docker == 'false'
231
210
env :
@@ -242,7 +221,6 @@ jobs:
242
221
# promote primary image manifest or manifest list to permanent tag
243
222
crane copy "${{ matrix.temporary_tag }}" "${{ matrix.stable_tag }}"
244
223
echo "- \`${{ matrix.stable_tag }}\`" >> $GITHUB_STEP_SUMMARY
245
-
246
224
- name : Unpublish temp tags from this run
247
225
if : always()
248
226
env :
@@ -272,7 +250,6 @@ jobs:
272
250
fi
273
251
done
274
252
exit $status
275
-
276
253
publish-github :
277
254
name : Publish → GitHub Release
278
255
needs : [compile]
@@ -288,7 +265,6 @@ jobs:
288
265
uses : actions/checkout@v4
289
266
with :
290
267
submodules : true
291
-
292
268
- name : Restore buildpacks
293
269
uses : actions/cache/restore@v4
294
270
with :
@@ -297,10 +273,8 @@ jobs:
297
273
path : ${{ env.PACKAGE_DIR }}
298
274
env :
299
275
SEGMENT_DOWNLOAD_TIMEOUT_MINS : 1
300
-
301
276
- name : Install Pack CLI
302
277
uses :
buildpacks/github-actions/[email protected]
303
-
304
278
- name : Generate CNB files
305
279
run : |
306
280
for buildpack in $(jq --exit-status -c '.[]' <<< '${{ needs.compile.outputs.buildpacks }}'); do
@@ -311,20 +285,17 @@ jobs:
311
285
pack buildpack package "$cnb_file" --target "${oci_target}" --config "${output_dir}/package.toml" --format file --verbose
312
286
done
313
287
done
314
-
315
288
- name : Get token for GitHub application (Linguist)
316
289
uses : actions/create-github-app-token@v1
317
290
id : generate-token
318
291
with :
319
292
app-id : ${{ inputs.app_id }}
320
293
private-key : ${{ secrets.app_private_key }}
321
-
322
294
- name : Check if release exists
323
295
id : check
324
296
env :
325
297
GH_TOKEN : ${{ steps.generate-token.outputs.token }}
326
298
run : echo "published_to_github=$(gh release view v${{ needs.compile.outputs.version }} -R ${{ github.repository }} &> /dev/null && echo "true" || echo "false")" >> $GITHUB_OUTPUT
327
-
328
299
- name : Create GitHub Release
329
300
if : inputs.dry_run == false && steps.check.outputs.published_to_github == 'false'
330
301
@@ -334,7 +305,6 @@ jobs:
334
305
body : ${{ needs.compile.outputs.changelog }}
335
306
files : " *.cnb"
336
307
fail_on_unmatched_files : true
337
-
338
308
publish-cnb-registry :
339
309
name : Publish → CNB Registry - ${{ matrix.buildpack_id }}
340
310
needs : [compile, publish-docker]
@@ -346,7 +316,6 @@ jobs:
346
316
steps :
347
317
- name : Install crane
348
318
uses :
buildpacks/github-actions/[email protected]
349
-
350
319
- name : Check if version is already in the registry
351
320
id : check
352
321
run : |
@@ -356,11 +325,9 @@ jobs:
356
325
else
357
326
echo "published_to_cnb_registry=false" >> $GITHUB_OUTPUT
358
327
fi
359
-
360
328
- name : Calculate the buildpack image digest
361
329
id : digest
362
330
run : echo "value=$(crane digest ${{ matrix.stable_tag }})" >> "$GITHUB_OUTPUT"
363
-
364
331
- name : Register the new version with the CNB Buildpack Registry
365
332
if : inputs.dry_run == false && steps.check.outputs.published_to_cnb_registry == 'false'
366
333
uses : docker://ghcr.io/buildpacks/actions/registry/request-add-entry:5.7.4
@@ -369,7 +336,6 @@ jobs:
369
336
id : ${{ matrix.buildpack_id }}
370
337
version : ${{ matrix.buildpack_version }}
371
338
address : ${{ matrix.image_repository }}@${{ steps.digest.outputs.value }}
372
-
373
339
update-builder :
374
340
name : Update Builder
375
341
needs : [compile, publish-docker, publish-cnb-registry, publish-github]
@@ -383,12 +349,10 @@ jobs:
383
349
private-key : ${{ secrets.app_private_key }}
384
350
owner : heroku
385
351
repositories : cnb-builder-images
386
-
387
352
- name : Checkout
388
353
uses : actions/checkout@v4
389
354
with :
390
355
path : ./buildpacks
391
-
392
356
- name : Checkout cnb-builder-images repository
393
357
uses : actions/checkout@v4
394
358
with :
@@ -397,22 +361,18 @@ jobs:
397
361
# Using the GH application token here will configure the local git config for this repo with credentials
398
362
# that can be used to make signed commits that are attributed to the GH application user
399
363
token : ${{ steps.generate-token.outputs.token }}
400
-
401
364
- name : Install crane
402
365
uses :
buildpacks/github-actions/[email protected]
403
-
404
366
- name : Install Languages CLI
405
- uses : heroku/languages-github-actions/.github/actions/install-languages-cli@main
367
+ uses : heroku/languages-github-actions/.github/actions/install-languages-cli@v0.8.7
406
368
with :
407
369
branch : ${{ inputs.languages_cli_branch }}
408
-
409
370
- name : Update Builder
410
371
# The dry run check is performed here because the update process requires a published
411
372
# image to exist in order to calculate a digest with `crane`. Adding the check here
412
373
# means no files will be modified and so no PR will be created later.
413
374
if : inputs.dry_run == false
414
375
run : actions update-builder --repository-path ./buildpacks --builder-repository-path ./cnb-builder-images --builders builder-20,builder-22,builder-24,salesforce-functions
415
-
416
376
- name : Create Pull Request
417
377
id : pr
418
378
uses :
peter-evans/[email protected]
@@ -430,7 +390,6 @@ jobs:
430
390
# This will ensure commits made from this workflow are attributed to the GH application user
431
391
committer : ${{ inputs.app_username }} <${{ inputs.app_email }}>
432
392
author : ${{ inputs.app_username }} <${{ inputs.app_email }}>
433
-
434
393
- name : Configure PR
435
394
if : steps.pr.outputs.pull-request-operation == 'created'
436
395
run : gh pr merge --auto --squash --repo heroku/cnb-builder-images "${{ steps.pr.outputs.pull-request-number }}"
0 commit comments