Build Cloud Cluster image #1850
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Cloud Cluster image | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push all-in-one image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| build_from: | |
| description: "Build all-in-one image from components image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| workflow_dispatch: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push all-in-one image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| build_from: | |
| description: "Build all-in-one image from components image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| push: | |
| branches: ["*"] | |
| paths: | |
| - "deploy/cloud/**" | |
| - ".github/workflows/cloud.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| pull_request: | |
| branches: ["*"] | |
| paths: | |
| - "deploy/cloud/**" | |
| - ".github/workflows/cloud.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| permissions: | |
| contents: read | |
| packages: write | |
| # Avoid using ${{ github.workflow }} - when called via workflow_call, it inherits the caller's name causing conflicts | |
| concurrency: | |
| group: cloud-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| env: | |
| # Common versions | |
| GO_VERSION: "1.25" | |
| DEFAULT_OWNER: "labring" | |
| ALIYUN_REGISTRY: ${{ secrets.ALIYUN_REGISTRY }} | |
| ALIYUN_REPO_PREFIX: ${{ secrets.ALIYUN_REPO_PREFIX && secrets.ALIYUN_REPO_PREFIX || secrets.ALIYUN_USERNAME && format('{0}/{1}', secrets.ALIYUN_REGISTRY, secrets.ALIYUN_USERNAME) || '' }} | |
| jobs: | |
| build-cluster-image: | |
| if: ${{ (github.event_name == 'release') ||(github.event_name == 'push') || (inputs.push_image == true) }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: BRAINSia/free-disk-space@v2 | |
| with: | |
| # this might remove tools that are actually needed, | |
| # if set to "true" but frees about 6 GB | |
| tool-cache: true | |
| # all of these default to true, but feel free to set to | |
| # "false" if necessary for your workflow | |
| mandb: true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| docker-images: true | |
| swap-storage: true | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set image repo | |
| env: | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| run: | | |
| echo "GHCR_REPO=ghcr.io/${REPO_OWNER}/sealos-cloud" >> $GITHUB_ENV | |
| if [[ -n "${{ env.ALIYUN_REPO_PREFIX }}" ]]; then | |
| echo "ALIYUN_REPO=${{ env.ALIYUN_REPO_PREFIX }}/sealos-cloud" >> $GITHUB_ENV | |
| fi | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.GHCR_REPO }} | |
| ${{ env.ALIYUN_REPO }} | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | |
| type=raw,value=${{ inputs.push_image_tag }},enable=${{ inputs.push_image_tag != '' && inputs.push_image_tag != 'latest' }} | |
| type=ref,event=tag | |
| env: | |
| DOCKER_METADATA_SHORT_SHA_LENGTH: 9 | |
| - name: Install sealos | |
| run: | | |
| sudo bash ./.github/scripts/install.sh | |
| # todo: mutate image tag in images/shim and scripts or change scripts to use changeable tags | |
| - name: Sealos login to ghcr.io | |
| # if push to master, then login to ghcr.io | |
| env: | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| GH_PAT: ${{ secrets.GHCR_TOKEN || secrets.GITHUB_TOKEN }} | |
| run: | | |
| sudo sealos login -u "${REPOSITORY_OWNER}" -p "${GH_PAT}" --debug ghcr.io | |
| - name: Sealos login to Aliyun Registry | |
| if: ${{ env.ALIYUN_REGISTRY }} | |
| env: | |
| ALIYUN_USERNAME: ${{ secrets.ALIYUN_USERNAME }} | |
| ALIYUN_PASSWORD: ${{ secrets.ALIYUN_PASSWORD }} | |
| run: | | |
| sudo sealos login -u "$ALIYUN_USERNAME" -p "$ALIYUN_PASSWORD" --debug ${{ env.ALIYUN_REGISTRY }} | |
| - name: Build sealos cloud cluster image | |
| working-directory: deploy/cloud | |
| env: | |
| BUILD_FROM: ${{ inputs.build_from }} | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| GHCR_REPO: ${{ env.GHCR_REPO }} | |
| run: | | |
| [ -z "${BUILD_FROM}" ] && BuildFromTag="latest" || BuildFromTag="${BUILD_FROM}"; echo "BuildFromTag=${BuildFromTag}" | |
| sed -i "s#labring#${REPOSITORY_OWNER}#g" init.sh | |
| sed -i "s#latest#${BuildFromTag}#g" init.sh | |
| # Build cluster images for each tag (amd64) | |
| for TAG in $DOCKER_METADATA_OUTPUT_TAGS; do | |
| sudo rm -rf registry | |
| sudo rm -rf tars | |
| sudo bash init.sh amd64 | |
| echo "Building ${TAG}-amd64" | |
| sudo sealos build -t "${TAG}-amd64" --platform linux/amd64 -f Kubefile | |
| done | |
| # Build cluster images for each tag (arm64) | |
| for TAG in $DOCKER_METADATA_OUTPUT_TAGS; do | |
| sudo rm -rf registry | |
| sudo rm -rf tars | |
| sudo bash init.sh arm64 | |
| echo "Building ${TAG}-arm64" | |
| sudo sealos build -t "${TAG}-arm64" --platform linux/arm64 -f Kubefile | |
| done | |
| - name: Manifest Cluster Images | |
| run: | | |
| sudo sealos images | |
| for TAG in $DOCKER_METADATA_OUTPUT_TAGS; do | |
| echo "Creating manifest for ${TAG}" | |
| bash scripts/manifest-cluster-images.sh "$TAG" | |
| done | |
| # todo: build multi-arch images |