feat: add OCI plugin #489
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- 'main' | |
- '[0-9]+.[1-9][0-9]*.x' | |
pull_request: | |
branches: | |
- 'main' | |
- '[0-9]+.[1-9][0-9]*.x' | |
paths-ignore: | |
- "**.md" | |
workflow_dispatch: | |
env: | |
GO_VERSION: "~1.20" | |
IMAGE_NAME: "validator" | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
prepare_ci_run: | |
name: Prepare CI Run | |
runs-on: ubuntu-22.04 | |
outputs: | |
GIT_SHA: ${{ steps.extract_branch.outputs.GIT_SHA }} | |
BRANCH: ${{ steps.extract_branch.outputs.BRANCH }} | |
BRANCH_SLUG: ${{ steps.extract_branch.outputs.BRANCH_SLUG }} | |
DATETIME: ${{ steps.get_datetime.outputs.DATETIME }} | |
BUILD_TIME: ${{ steps.get_datetime.outputs.BUILD_TIME }} | |
NON_FORKED_AND_NON_ROBOT_RUN: ${{ steps.get_run_type.outputs.NON_FORKED_AND_NON_ROBOT_RUN }} | |
steps: | |
- name: Check out code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 | |
- name: Extract branch name | |
id: extract_branch | |
uses: keptn/gh-action-extract-branch-name@main | |
- name: Get current date and time | |
id: get_datetime | |
run: | | |
DATETIME=$(date +'%Y%m%d%H%M') | |
BUILD_TIME=$(date -u "+%F_%T") | |
echo "DATETIME=$DATETIME" >> "$GITHUB_OUTPUT" | |
echo "BUILD_TIME=$BUILD_TIME" >> "$GITHUB_OUTPUT" | |
- name: Get workflow run type | |
id: get_run_type | |
run: | | |
NON_FORKED_AND_NON_ROBOT_RUN=${{ ( github.actor != 'renovate[bot]' && github.actor != 'dependabot[bot]' ) && ( github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository ) }} | |
echo "github.actor != 'renovate[bot]' = ${{ github.actor != 'renovate[bot]' }}" | |
echo "github.actor != 'dependabot[bot]' = ${{ github.actor != 'dependabot[bot]' }}" | |
echo "github.event_name == 'push' = ${{ github.event_name == 'push' }}" | |
echo "github.event.pull_request.head.repo.full_name == github.repository = ${{ github.event.pull_request.head.repo.full_name == github.repository }}" | |
echo "NON_FORKED_AND_NON_ROBOT_RUN = $NON_FORKED_AND_NON_ROBOT_RUN" | |
echo "NON_FORKED_AND_NON_ROBOT_RUN=$NON_FORKED_AND_NON_ROBOT_RUN" >> "$GITHUB_OUTPUT" | |
build_image: | |
name: Build Container Image | |
needs: prepare_ci_run | |
runs-on: ubuntu-22.04 | |
env: | |
BRANCH: ${{ needs.prepare_ci_run.outputs.BRANCH }} | |
DATETIME: ${{ needs.prepare_ci_run.outputs.DATETIME }} | |
BUILD_TIME: ${{ needs.prepare_ci_run.outputs.BUILD_TIME }} | |
GIT_SHA: ${{ needs.prepare_ci_run.outputs.GIT_SHA }} | |
RELEASE_REGISTRY: "localhost:5000/validator" | |
steps: | |
- name: Check out code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3 | |
- name: Build Docker Image | |
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5 | |
with: | |
context: . | |
platforms: linux/amd64 | |
file: ./Dockerfile | |
target: production | |
tags: | | |
${{ env.RELEASE_REGISTRY }}/${{ env.IMAGE_NAME }}:dev-${{ env.DATETIME }} | |
build-args: | | |
GIT_HASH=${{ env.GIT_SHA }} | |
RELEASE_VERSION=dev-${{ env.DATETIME }} | |
BUILD_TIME=${{ env.BUILD_TIME }} | |
builder: ${{ steps.buildx.outputs.name }} | |
push: false | |
cache-from: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_NAME }} | |
cache-to: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_NAME }} | |
outputs: type=docker,dest=/tmp/${{ env.IMAGE_NAME }}-image.tar | |
- name: Upload image as artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3 | |
with: | |
name: ${{ env.IMAGE_NAME }}-image.tar | |
path: /tmp/${{ env.IMAGE_NAME }}-image.tar | |
upload_images: | |
name: Upload images to quay registry | |
needs: [ prepare_ci_run, build_image ] | |
if: github.event_name == 'push' && needs.prepare_ci_run.outputs.NON_FORKED_AND_NON_ROBOT_RUN == 'true' # only run on push to main/maintenance branches | |
runs-on: ubuntu-22.04 | |
env: | |
DATETIME: ${{ needs.prepare_ci_run.outputs.DATETIME }} | |
BUILD_TIME: ${{ needs.prepare_ci_run.outputs.BUILD_TIME }} | |
GIT_SHA: ${{ needs.prepare_ci_run.outputs.GIT_SHA }} | |
permissions: | |
packages: write # Needed for pushing images to the registry | |
contents: read # Needed for checking out the repository | |
steps: | |
- name: Check out code | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 | |
with: | |
registry: "quay.io" | |
username: tgillson | |
password: ${{ secrets.QUAY_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3 | |
- name: Build Docker Image | |
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5 | |
with: | |
context: . | |
file: ./Dockerfile | |
platforms: linux/amd64,linux/arm64 | |
target: production | |
tags: | | |
quay.io/spectrocloud-labs/${{ env.IMAGE_NAME }}:dev-${{ env.DATETIME }} | |
build-args: | | |
GIT_HASH=${{ env.GIT_SHA }} | |
RELEASE_VERSION=dev-${{ env.DATETIME }} | |
BUILD_TIME=${{ env.BUILD_TIME }} | |
builder: ${{ steps.buildx.outputs.name }} | |
push: true | |
cache-from: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_NAME }} | |
cache-to: type=gha,scope=${{ github.ref_name }}-${{ env.IMAGE_NAME }} |