Skip to content
Release

really build windows #97

Sign in to view logs

really build windows

really build windows #97

Workflow file for this run

.github/workflows/release.yaml at 9e7b4e8
name: Release
on:
push:
tags:
- v*
branches:
- master
- dev-*
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash
permissions:
contents: read
jobs:
build-linux:
name: Build & push linux
if: github.repository == 'pipekit/argo-workflows'
runs-on: ubuntu-latest
strategy:
matrix:
platform: [ linux/amd64, linux/arm64 ]
target: [ workflow-controller, argocli, argoexec ]
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: v0.10.4
- name: Cache Docker layers
uses: actions/cache@v3
id: cache
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-${{ matrix.platform }}-${{ matrix.target }}-buildx-${{ github.sha }}-wibble
restore-keys: |
${{ runner.os }}-${{ matrix.platform }}-${{ matrix.target }}-buildx-wibble-
- name: Docker Login
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERIO_USERNAME }}
password: ${{ secrets.DOCKERIO_PASSWORD }}
- name: Docker Login
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
- name: Docker Buildx
env:
DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
PLATFORM: ${{ matrix.platform }}
TARGET: ${{ matrix.target }}
run: |
tag=$(basename $GITHUB_REF)
if [ $tag = "master" ]; then
tag="latest"
fi
tag_suffix=$(echo $PLATFORM | sed -r "s/\//-/g")
image_name="${DOCKERIO_ORG}/${TARGET}:${tag}-${tag_suffix}"
docker buildx build \
--cache-from "type=local,src=/tmp/.buildx-cache" \
--cache-to "type=local,dest=/tmp/.buildx-cache" \
--output "type=image,push=true" \
--platform="${PLATFORM}" \
--target $TARGET \
--provenance=false \
--tag $image_name \
--tag quay.io/$image_name .
build-windows:
name: Build & push windows
if: github.repository == 'pipekit/argo-workflows'
runs-on: windows-2022
steps:
- uses: actions/checkout@v3
- name: Cache Docker layers
uses: actions/cache@v3
id: cache
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-windows-2022-argoexec-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-windows-2022-argoexec-buildx-
- name: Docker Login
uses: Azure/docker-login@v1
with:
username: ${{ secrets.DOCKERIO_USERNAME }}
password: ${{ secrets.DOCKERIO_PASSWORD }}
- name: Login to Quay
uses: Azure/docker-login@v1
with:
login-server: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
- name: Build & Push Windows Docker Images
env:
DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
run: |
docker_org=$DOCKERIO_ORG
tag=$(basename $GITHUB_REF)
if [ $tag = "master" ]; then
tag="latest"
fi
targets="argoexec"
for target in $targets; do
image_name="${docker_org}/${target}:${tag}-windows"
docker buildx build \
--cache-from "type=local,src=/tmp/.buildx-cache" \
--cache-to "type=local,dest=/tmp/.buildx-cache" \
--output "type=image,push=true" \
--target $TARGET \
--provenance=false \
--file Dockerfile.windows \
--tag $image_name \
--tag quay.io/$image_name .
done
push-images:
name: Push manifest with all images
if: github.repository == 'pipekit/argo-workflows'
runs-on: ubuntu-latest
# needs: [ build-linux-amd64, build-linux-arm64, build-windows ]
needs: [ build-linux ]
steps:
- uses: actions/checkout@v3
- name: Docker Login
uses: Azure/docker-login@v1
with:
username: ${{ secrets.DOCKERIO_USERNAME }}
password: ${{ secrets.DOCKERIO_PASSWORD }}
- name: Login to Quay
uses: Azure/docker-login@v1
with:
login-server: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
# - name: Install cosign
# uses: sigstore/cosign-installer@main
# with:
# cosign-release: 'v1.13.0'
- name: Push Multiarch Image
env:
DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
# COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
# COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
run: |
echo $(jq -c '. + { "experimental": "enabled" }' ${DOCKER_CONFIG}/config.json) > ${DOCKER_CONFIG}/config.json
docker_org=$DOCKERIO_ORG
tag=$(basename $GITHUB_REF)
if [ $tag = "master" ]; then
tag="latest"
fi
targets="workflow-controller argoexec argocli"
for target in $targets; do
image_name="${docker_org}/${target}:${tag}"
if [ $target = "argoexec" ]; then
# docker manifest create $image_name ${image_name}-linux-arm64 ${image_name}-linux-amd64 ${image_name}-windows
# docker manifest create quay.io/$image_name quay.io/${image_name}-linux-arm64 quay.io/${image_name}-linux-amd64 quay.io/${image_name}-windows
docker manifest create $image_name ${image_name}-linux-amd64 ${image_name}-linux-arm64
docker manifest create quay.io/$image_name quay.io/${image_name}-linux-amd64 quay.io/${image_name}-linux-arm64
else
docker manifest create $image_name ${image_name}-linux-arm64 ${image_name}-linux-amd64
docker manifest create quay.io/$image_name quay.io/${image_name}-linux-arm64 quay.io/${image_name}-linux-amd64
fi
docker manifest push $image_name
docker manifest push quay.io/$image_name
# cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/$image_name
done
test-images-linux-amd64:
name: Try pulling linux/amd64
if: github.repository == 'pipekit/argo-workflows'
runs-on: ubuntu-latest
needs: [ push-images ]
strategy:
matrix:
platform: [ linux/amd64 ]
target: [ workflow-controller, argocli, argoexec ]
steps:
- name: Docker Login
uses: Azure/docker-login@v1
with:
username: ${{ secrets.DOCKERIO_USERNAME }}
password: ${{ secrets.DOCKERIO_PASSWORD }}
- name: Login to Quay
uses: Azure/docker-login@v1
with:
login-server: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
- name: Docker Buildx
env:
DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
PLATFORM: ${{ matrix.platform }}
TARGET: ${{ matrix.target }}
run: |
tag=$(basename $GITHUB_REF)
if [ $tag = "master" ]; then
tag="latest"
fi
image_name="${DOCKERIO_ORG}/${TARGET}:${tag}"
docker pull $image_name
docker pull quay.io/$image_name
# test-images-windows:
# name: Try pulling windows
# if: github.repository == 'pipekit/argo-workflows'
# runs-on: windows-2019
# needs: [ push-images ]
# steps:
# - name: Docker Login
# uses: Azure/docker-login@v1
# with:
# username: ${{ secrets.DOCKERIO_USERNAME }}
# password: ${{ secrets.DOCKERIO_PASSWORD }}
# - name: Login to Quay
# uses: Azure/docker-login@v1
# with:
# login-server: quay.io
# username: ${{ secrets.QUAYIO_USERNAME }}
# password: ${{ secrets.QUAYIO_PASSWORD }}
# - name: Try pulling
# env:
# DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
# run: |
# docker_org=$DOCKERIO_ORG
# tag=$(basename $GITHUB_REF)
# if [ $tag = "master" ]; then
# tag="latest"
# fi
# targets="argoexec"
# for target in $targets; do
# image_name="${docker_org}/${target}:${tag}"
# docker pull $image_name
# docker pull quay.io/$image_name
# done
publish-release:
permissions:
contents: write # for softprops/action-gh-release to create GitHub release
runs-on: ubuntu-latest
if: github.repository == 'pipekit/argo-workflows'
# needs: [ push-images, test-images-linux-amd64, test-images-windows ]
needs: [ push-images, test-images-linux-amd64 ]
env:
NODE_OPTIONS: --max-old-space-size=4096
# COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
# COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "19"
- uses: actions/setup-go@v3
with:
go-version: "1.19"
- uses: actions/cache@v3
with:
path: ui/node_modules
key: ${{ runner.os }}-node-dep-v1-${{ hashFiles('**/yarn.lock') }}
- uses: actions/cache@v3
with:
path: /home/runner/.cache/go-build
key: GOCACHE-v2-${{ hashFiles('**/go.mod') }}
- uses: actions/cache@v3
with:
path: /home/runner/go/pkg/mod
key: GOMODCACHE-v2-${{ hashFiles('**/go.mod') }}
# - name: Install cosign
# uses: sigstore/cosign-installer@main
# with:
# cosign-release: 'v1.13.0'
# https://stackoverflow.com/questions/58033366/how-to-get-current-branch-within-github-actions
- run: |
if [ ${GITHUB_REF##*/} = master ]; then
echo "VERSION=latest" >> $GITHUB_ENV
else
echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
fi
- run: go install sigs.k8s.io/bom/cmd/bom@v0.2.0
- run: go install github.com/spdx/spdx-sbom-generator/cmd/generator@v0.0.13
- run: mkdir -p dist
- run: generator -o dist -p .
- run: yarn --cwd ui install
- run: generator -o dist -p ui
- run: bom generate --image quay.io/pipekitdev/workflow-controller:$VERSION -o dist/workflow-controller.spdx
- run: bom generate --image quay.io/pipekitdev/argocli:$VERSION -o dist/argocli.spdx
- run: bom generate --image quay.io/pipekitdev/argoexec:$VERSION -o dist/argoexec.spdx
# pack the boms into one file to make it easy to download
- run: tar -zcf dist/sbom.tar.gz dist/*.spdx
- run: make release-notes VERSION=$VERSION
- run: cat release-notes
- run: make manifests VERSION=$VERSION
- name: Print image tag (please check it is not `:latest`)
run: |
grep image: dist/manifests/install.yaml
- run: go mod download
- run: make clis STATIC_FILES=true VERSION=$VERSION
- name: Print version (please check it is not dirty)
run: dist/argo-linux-amd64 version
- run: make checksums
# - name: Sign checksums and create public key for release assets
# run: |
# cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/argo-workflows-cli-checksums.txt > ./dist/argo-workflows-cli-checksums.sig
# # Retrieves the public key to release as an asset
# cosign public-key --key env://COSIGN_PRIVATE_KEY > ./dist/argo-workflows-cosign.pub
# https://github.com/softprops/action-gh-release
# This will publish the release and upload assets.
# If a conflict occurs (because you are not on a tag), the release will not be updated. This is a short coming
# of this action.
# Instead, delete the release so it is re-created.
- uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/v')
with:
prerelease: ${{ startsWith(github.ref, 'refs/tags/v0') || contains(github.ref, 'rc') }}
body_path: release-notes
files: |
dist/argo-*.gz
dist/argo-workflows-cli-checksums.txt
dist/argo-workflows-cli-checksums.sig
dist/manifests/*.yaml
# dist/argo-workflows-cosign.pub
dist/sbom.tar.gz
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}