
chore: forward-port release-1.3 #1


# GitHub recommends pinning actions to a commit SHA.
# To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning.
name: Publish snapshot Docker images

# Triggers: manual dispatch, or a push to master / a release-* branch that
# touches the apps, this workflow file, or the Dockerfile (for push events
# both the path filter and the branch filter must match).
on:
  workflow_dispatch:
  push:
    paths:
      - 'apps/**'
      - '.github/workflows/publish-snapshot-to-dockerhub-workflow.yaml'
      - 'Dockerfile'
    branches:
      - 'master'
      - 'release-*'
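jobs:
  # Per-app build jobs, each delegated to the shared reusable workflow.
  # NOTE(review): `secrets: inherit` forwards every secret available to this
  # workflow into the called workflow. If the build workflow needs only a few,
  # pass them by name instead; confirm against
  # astarte-apps-build-workflow.yaml.
  astarte_appengine_api:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_appengine_api"
    secrets: inherit

  astarte_data_updater_plant:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_data_updater_plant"
    secrets: inherit

  astarte_housekeeping:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_housekeeping"
    secrets: inherit

  astarte_pairing:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_pairing"
    secrets: inherit

  astarte_realm_management:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_realm_management"
    secrets: inherit

  astarte_trigger_engine:
    uses: ./.github/workflows/astarte-apps-build-workflow.yaml
    with:
      app: "astarte_trigger_engine"
    secrets: inherit

  e2e_tests:
    uses: ./.github/workflows/astarte-end-to-end-test-workflow.yaml

  # Builds one single-platform image per (platform, app) pair, pushes it to
  # Docker Hub by digest, and hands the digest to merge_snapshots through a
  # short-lived artifact. Runs only after every app build and the end-to-end
  # tests have succeeded.
  build_snapshot:
    name: Push Docker images to Docker Hub
    runs-on: ${{ matrix.platform.os }}
    # NOTE(review): the steps below log in to Docker Hub with repository
    # secrets and never call an attestation or GitHub Packages action, so
    # `packages: write`, `attestations: write` and `id-token: write` look
    # unused here. Drop them if no step needs them (least privilege).
    permissions:
      packages: write
      contents: read
      attestations: write
      id-token: write
    needs:
      - astarte_appengine_api
      - astarte_data_updater_plant
      - astarte_housekeeping
      - astarte_pairing
      - astarte_realm_management
      - astarte_trigger_engine
      - e2e_tests
    strategy:
      fail-fast: true
      matrix:
        platform:
          - os: ubuntu-22.04
            platform: linux/amd64
            platform-pair: linux-amd64
          - os: ubuntu-22.04-arm
            platform: linux/arm64
            platform-pair: linux-arm64
        app:
          - astarte_appengine_api
          - astarte_data_updater_plant
          - astarte_housekeeping
          - astarte_pairing
          - astarte_realm_management
          - astarte_trigger_engine
    steps:
      - name: Check out the repo
        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
      # NOTE(review): this job and merge_snapshots pin docker/login-action to
      # two different commits; align the pins unless the split is intentional.
      - name: Log in to Docker Hub
        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Build branch slug env variable (job-scoped)
        run: |
          # Hash the branch/tag name so the cache scope contains only hex
          # characters, whatever the ref is called. The ref is read from the
          # runner-provided environment variable, not expanded into the script.
          echo "BRANCH_SLUG=$(echo "${GITHUB_REF_NAME}" | sha1sum | cut -f 1 -d ' ')" >> "$GITHUB_ENV"
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
      - name: Build Docker image
        id: build
        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          context: .
          build-args: SERVICE=${{ matrix.app }}
          push: true
          tags: astarte/${{ matrix.app }}
          platforms: ${{ matrix.platform.platform }}
          # matrix.app is a plain string, so the former `matrix.app.name`
          # expanded to nothing and every app shared one cache scope per
          # branch. Scope by app and platform so that builds neither overwrite
          # nor consume each other's layer cache.
          cache-from: type=gha,scope=${{ matrix.app }}-${{ matrix.platform.platform-pair }}-${{ env.BRANCH_SLUG }}
          cache-to: type=gha,mode=max,scope=${{ matrix.app }}-${{ matrix.platform.platform-pair }}-${{ env.BRANCH_SLUG }}
          outputs: type=image,push-by-digest=true,name-canonical=true,push=true
      - name: Export digest
        # Records the pushed digest as an empty file named after it; the
        # file names are what merge_snapshots consumes.
        run: |
          mkdir -p ${{ runner.temp }}/digests/
          digest="${{ steps.build.outputs.digest }}"
          touch "${{ runner.temp }}/digests/${digest#sha256:}"
      - name: Upload digest
        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
        with:
          name: ${{ matrix.app }}-digests-${{ matrix.platform.platform-pair }}
          path: ${{ runner.temp }}/digests/*
          if-no-files-found: error
          retention-days: 1

  # Combines the per-platform digests of each app into one multi-arch
  # manifest list and pushes it under the snapshot tag.
  # NOTE(review): this job declares no `permissions:` block, so it runs with
  # the repository's default GITHUB_TOKEN permissions; consider an explicit
  # minimal set.
  merge_snapshots:
    name: Publish snapshot
    runs-on: ubuntu-22.04
    needs:
      - build_snapshot
    strategy:
      fail-fast: true
      matrix:
        app:
          - astarte_appengine_api
          - astarte_data_updater_plant
          - astarte_housekeeping
          - astarte_pairing
          - astarte_realm_management
          - astarte_trigger_engine
    steps:
      - name: Download digests
        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
        with:
          path: ${{ runner.temp }}/digests/
          pattern: ${{ matrix.app }}-digests-*
          merge-multiple: true
      - name: Get current datetime
        id: datetime
        run: |
          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "$GITHUB_OUTPUT"
      - name: Login to Docker Hub
        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Compute tag name for snapshot images
        id: compute-tag
        # The ref reaches the script through the environment instead of being
        # expanded into the script text, so a branch name that contains shell
        # metacharacters is handled as data and cannot run as a command.
        # NOTE(review): on a workflow_dispatch run from a branch other than
        # master/release-*, the tag is the raw branch name; confirm that
        # publishing such a tag is intended.
        env:
          REF: ${{ github.ref }}
        run: |
          TAG="$(echo "$REF" | sed 's,refs/heads/,,' | sed 's/master/snapshot/g' | sed 's/release-\(.*\)/\1-snapshot/g')"
          echo "TAG=$TAG" >> "$GITHUB_OUTPUT"
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
        with:
          images: |
            astarte/${{ matrix.app }}
          tags: |
            # TODO we probably want something smarter, but the 'pattern' type runs only on tags at the moment
            type=raw,value=${{ steps.compute-tag.outputs.TAG }}
          labels: |
            org.opencontainers.image.created=${{ steps.datetime.outputs.BUILD_DATE }}
            org.opencontainers.image.revision=${{ github.sha }}
            org.opencontainers.image.source=https://github.com/${{ github.repository }}
      - name: Create manifest list and push
        # Runs inside the digests directory so that `*` expands to the digest
        # file names written by build_snapshot.
        working-directory: ${{ runner.temp }}/digests/
        run: |
          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
            $(printf 'astarte/${{ matrix.app }}@sha256:%s ' *)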