-
-
Notifications
You must be signed in to change notification settings - Fork 19
122 lines (109 loc) · 4.06 KB
/
build_base_image.yaml
File metadata and controls
122 lines (109 loc) · 4.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
on:
push:
branches:
- main
paths:
- 'requirements.txt'
- 'Dockerfile.base'
- '.github/workflows/build_base_image.yaml'
issue_comment:
types: [created]
workflow_dispatch:
name: Build base container image
permissions:
contents: read
packages: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build-base-image:
name: Build base image with dependencies
if: |
(github.event_name != 'issue_comment') ||
(github.event.issue.pull_request != null && contains(github.event.comment.body, 'cicd/build'))
strategy:
fail-fast: false
matrix:
include:
- platform: linux/amd64
runner: ubuntu-latest
arch: amd64
- platform: linux/arm64
runner: ubuntu-24.04-arm
arch: arm64
runs-on: ${{ matrix.runner }}
timeout-minutes: 90
steps:
- name: Checkout code
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
ref: ${{ github.event_name == 'issue_comment' && format('refs/pull/{0}/head', github.event.issue.number) || github.ref }}
- name: Free up disk space
run: ./.github/scripts/free_disk_space.sh
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
with:
driver-opts: |
image=moby/buildkit:v0.12.5
- name: Login to GitHub Container Registry
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate build metadata
id: meta
run: |
echo "build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ")" >> $GITHUB_OUTPUT
echo "vcs_ref=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "version=$(git describe --tags --always 2>/dev/null || echo 'latest')" >> $GITHUB_OUTPUT
- name: Build and push base image
uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
with:
context: .
file: ./Dockerfile.base
platforms: ${{ matrix.platform }}
push: true
cache-from: type=gha,scope=base-${{ matrix.arch }}
cache-to: type=gha,mode=max,scope=base-${{ matrix.arch }},ignore-error=true
build-args: |
BUILD_DATE=${{ steps.meta.outputs.build_date }}
VCS_REF=${{ steps.meta.outputs.vcs_ref }}
VERSION=${{ steps.meta.outputs.version }}
tags: |
ghcr.io/${{ github.repository }}/base:latest-${{ matrix.arch }}
create-base-manifest:
name: Create base image multi-arch manifest
runs-on: ubuntu-latest
needs: build-base-image
timeout-minutes: 15
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
- name: Login to GitHub Container Registry
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Verify single-arch images availability
run: |
REPO="${{ github.repository }}"
for tag in latest-amd64 latest-arm64; do
for i in {1..20}; do
if docker buildx imagetools inspect ghcr.io/$REPO/base:$tag > /dev/null 2>&1; then
echo "Found ghcr.io/$REPO/base:$tag";
break;
fi
echo "Waiting for ghcr.io/$REPO/base:$tag to be available ($i/20)...";
sleep 3;
done
done
- name: Create and push multi-arch manifest
run: |
REPO="${{ github.repository }}"
docker buildx imagetools create \
-t ghcr.io/$REPO/base:latest \
ghcr.io/$REPO/base:latest-amd64 \
ghcr.io/$REPO/base:latest-arm64