Description
Is your feature request related to a problem? Please describe.
In the Github Action YAML configuration file, the tags field should be a YAML list, not a space separated list.
Indeed, YAML natively supports lists, so there is no reason to use a space separated list, other than not changing the source code which parses this YAML configuration.
Related issues:
- [FEATURE]
tagsfield should be a YAML list not a space separated list #146 - [FEATURE]
tagsfield should be a YAML list not a space separated list. push-to-registry#101
Describe the solution you'd like
Use the list native support of YAML:
- name: Build the container image
id: buildah-build
uses: redhat-actions/buildah-build@v1
with:
image-name: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
containerfile: ${{ env.BASE_CONTAINERFILE_NAME }}
tags:
- ${{ github.sha }}
- tag1
- tag2
- tag3
oci: trueinstead of a space separated list:
- name: Build the container image
id: buildah-build
uses: redhat-actions/buildah-build@v1
with:
image-name: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
containerfile: ${{ env.BASE_CONTAINERFILE_NAME }}
tags: ${{ github.sha }} tag1 tag2 tag3
oci: trueDescribe alternatives you've considered
I have a situation where I need to tag an OCI image with a list of multiple tags which are actualy Github Action variable from other steps of my job.
Below is an example of what 13 tags in a Github Action recipe could looks like:
tags:
- ${{ github.sha }}
- golang-${{ steps.extract.outputs.golang_version }}
- goreleaser-${{ steps.extract.outputs.goreleaser_version }}
- cosign-${{ steps.extract.outputs.cosign_version }}
- ko-${{ steps.extract.outputs.ko_version }}
- trivy-${{ steps.extract.outputs.trivy_version }}
- syft-${{ steps.extract.outputs.syft_version }}
- golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}}
- goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}}
- cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}}
- ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}}
- trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}}
- syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}With 13 tags like this, it is not convenient to maintain a space separated list.
If I take the same 13 tags above and convert this list into a single oneliner like below, this becomes unreadable and unmaintable.
golang-${{ steps.extract.outputs.golang_version }} goreleaser-${{ steps.extract.outputs.goreleaser_version }} cosign-${{ steps.extract.outputs.cosign_version }} ko-${{ steps.extract.outputs.ko_version }} trivy-${{ steps.extract.outputs.trivy_version }} syft-${{ steps.extract.outputs.syft_version }} golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}} goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}} cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}} ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}} trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}} syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}
How does docker do for their own docker action?
Below is an example of how docker/metadata-action handle the tags.
They do not rely on a YAML list. However, it is easier to write tags on multilines. Check the full example here.
This below is more readable than a single oneliner.
- name: Container metadata and tags
id: metadata
uses: docker/metadata-action@v5
with:
# image name may contain lowercase letters, digits and separators https://github.com/docker/metadata-action/tree/v5/?tab=readme-ov-file#image-name-and-tag-sanitization
images: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
tags: |
type=ref,event=branch
# use tools version as tags
type=raw,value=golang-${{ steps.extract.outputs.golang_version }}
type=raw,value=goreleaser-${{ steps.extract.outputs.goreleaser_version }}
type=raw,value=cosign-${{ steps.extract.outputs.cosign_version }}
type=raw,value=ko-${{ steps.extract.outputs.ko_version }}
type=raw,value=trivy-${{ steps.extract.outputs.trivy_version }}
type=raw,value=syft-${{ steps.extract.outputs.syft_version }}
type=raw,value=golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}}
type=raw,value=goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}}
type=raw,value=cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}}
type=raw,value=ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}}
type=raw,value=trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}}
type=raw,value=syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}
# minimal (short sha)
type=sha
# full length sha
type=sha,format=longAdditional context
In redhat-actions/buildah-build, there is a tags field which is a space separated list. Source:
tags: A space-separated list of the tags that were applied to the new image.It is the same for redhat-actions/push-to-registry:
| tags | The tag or tags of the image or manifest to push. For multiple tags, separate by whitespace. Refer to [Image and Tag Inputs](https://github.com/redhat-actions/push-to-registry#image-tag-inputs). | `latest`
My motivation ?
Kaniko deprecation
The deprecation of Kaniko is a motivation to replace Kaniko with podman and buildah.
Use podman rather than docker
Why not use docker since it is available in Ubuntu actions/runner-images?
Because my workflow is using podman.
And because Podman, skopeo and Buildah are all available in Github Actio Ubuntu 24.04 image.
Why not use docker github actions like docker/metadata-action?
Because I do not want to mix Github Action that rely on the docker CLI client with Github Actions that rely on podman and buildah.