From 0dc2f8461a7105cb666f716d8042778776ea32c2 Mon Sep 17 00:00:00 2001 From: Sarath Chandra Oruganti <39090092+sarathchandra24@users.noreply.github.com> Date: Sun, 10 Mar 2024 01:51:43 -0600 Subject: [PATCH] Fix: attach latest tag to images - DockerHub synchronize with GHCR (#1086) * push image to multiple registry Signed-off-by: Sarath Chandra Oruganti <39090092+SarathChandra24@users.noreply.github.com> Signed-off-by: Sarath Chandra Oruganti * github actions permissions Signed-off-by: Sarath Chandra Oruganti <39090092+SarathChandra24@users.noreply.github.com> Signed-off-by: Sarath Chandra Oruganti * fluentd multi registry image push Signed-off-by: Sarath Chandra Oruganti * Limit build to PR changes for certain files Signed-off-by: Sarath Chandra Oruganti * Fix: Latest tag while pushing to docker hub Signed-off-by: Sarath Chandra Oruganti --------- Signed-off-by: Sarath Chandra Oruganti <39090092+SarathChandra24@users.noreply.github.com> Signed-off-by: Sarath Chandra Oruganti Signed-off-by: Paul Smith --- .github/workflows/build-fb-image.yaml | 9 ++- .github/workflows/build-fd-image.yaml | 13 ++-- .github/workflows/build-op-image.yaml | 2 +- .../workflows/clone-docker-image-action.yaml | 61 ++++++++++++++++++- 4 files changed, 73 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-fb-image.yaml b/.github/workflows/build-fb-image.yaml index 591e0894c..9bf106e51 100644 --- a/.github/workflows/build-fb-image.yaml +++ b/.github/workflows/build-fb-image.yaml @@ -43,7 +43,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: docker metadata + - name: docker metadata for building id: image-metadata uses: docker/metadata-action@v5 with: @@ -210,9 +210,10 @@ jobs: with: source_image: "${{ needs.build-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" source_registry: ghcr.io - target_image: "${{ needs.build-prod-image-metadata.outputs.DOCKER_IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" + target_image: "${{ needs.build-prod-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" + is_latest: true secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} @@ -229,9 +230,11 @@ jobs: with: source_image: "${{ needs.build-debug-image-metadata.outputs.IMG_NAME }}:${{ needs.build-debug-image-metadata.outputs.version }}" source_registry: ghcr.io - target_image: "${{ needs.build-debug-image-metadata.outputs.DOCKER_IMG_NAME }}:${{ needs.build-debug-image-metadata.outputs.version }}" + target_image: "${{ needs.build-debug-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" + is_latest: false + suffix: "-debug" secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-fd-image.yaml b/.github/workflows/build-fd-image.yaml index 9df652699..35df9b667 100644 --- a/.github/workflows/build-fd-image.yaml +++ b/.github/workflows/build-fd-image.yaml @@ -216,11 +216,13 @@ jobs: - build-arm64-base-image-metadata - build-arm64-base with: - source_image: "${{ needs.build-arm64-base-image-metadata.outputs.IMG_NAME }}:${{ needs.build-arm64-base-image-metadata.outputs.version }}" + source_image: "${{ needs.build-arm64-base-image-metadata.outputs.IMG_NAME }}" source_registry: ghcr.io - target_image: "${{ needs.build-arm64-base-image-metadata.outputs.DOCKER_IMG_NAME }}:${{ needs.build-arm64-base-image-metadata.outputs.version }}" + target_image: "${{ needs.build-arm64-base-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64']" + is_latest: false + suffix: "-arm64-base" secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} @@ -301,8 +303,6 @@ jobs: uses: docker/metadata-action@v5 with: images: "ghcr.io/${{ env.GITHUB_IMAGE }}" - flavor: | - latest=false tags: | raw,latest type=ref,event=branch @@ -347,11 +347,12 @@ jobs: - prod-image-manifest - scan-image with: - source_image: "${{ needs.prod-image-manifest.outputs.IMG_NAME }}:${{ needs.prod-image-manifest.outputs.version }}" + source_image: "${{ needs.prod-image-manifest.outputs.IMG_NAME }}" source_registry: ghcr.io - target_image: "${{ needs.prod-image-manifest.outputs.DOCKER_IMG_NAME }}:${{ needs.prod-image-manifest.outputs.version }}" + target_image: "${{ needs.prod-image-manifest.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" + is_latest: true secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-op-image.yaml b/.github/workflows/build-op-image.yaml index 6940808da..ed497f5ab 100644 --- a/.github/workflows/build-op-image.yaml +++ b/.github/workflows/build-op-image.yaml @@ -137,7 +137,7 @@ jobs: with: source_image: "${{ needs.build-image-metadata.outputs.IMG_NAME }}:${{ needs.build-image-metadata.outputs.version }}" source_registry: ghcr.io - target_image: "${{ needs.build-image-metadata.outputs.DOCKER_IMG_NAME }}:${{ needs.build-image-metadata.outputs.version }}" + target_image: "${{ needs.build-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" secrets: diff --git a/.github/workflows/clone-docker-image-action.yaml b/.github/workflows/clone-docker-image-action.yaml index 46cecc626..5547eb3c2 100644 --- a/.github/workflows/clone-docker-image-action.yaml +++ b/.github/workflows/clone-docker-image-action.yaml @@ -24,6 +24,16 @@ required: false type: string default: '["linux/arm64", "linux/amd64"]' + suffix: + description: 'The suffix to append to the target image' + required: false + type: string + default: '' + is_latest: + description: 'Whether to tag the image as latest' + required: false + type: boolean + default: false secrets: source_registry_token: description: The Github token or similar to authenticate with for the registry. @@ -58,9 +68,56 @@ env: SOURCE_IMAGE: ${{ inputs.source_registry }}/${{ inputs.source_image }} shell: bash + create-tags: + runs-on: ubuntu-latest + outputs: + tags: ${{ steps.tags-converter.outputs.TAGS }} + steps: + - name: docker metadata for tags + id: tags-metadata + uses: docker/metadata-action@v5 + with: + flavor: | + latest=${{ inputs.is_latest }} + suffix=${{ inputs.suffix }} + tags: | + raw,latest + type=ref,event=branch + type=ref,event=pr + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + + - name: Convert tags to JSON array + id: tags-converter + run: | + + # Get the line-separated list of tags + TAGS="${{ steps.tags-metadata.outputs.tags }}" + + # Initialize an empty array + JSON_TAGS="[" + + # Loop through each tag and append to the JSON array + while read -r tag; do + JSON_TAGS+="\"$tag\"," + done <<< "$TAGS" + + # print the JSON array + echo "TAGS=$JSON_TAGS" + + # Remove the trailing comma and close the array + JSON_TAGS="${JSON_TAGS%,}]" + # Output the JSON array + echo "TAGS=$JSON_TAGS" >> $GITHUB_OUTPUT push-image: - needs: check-image-exists + needs: + - check-image-exists + - create-tags + strategy: + matrix: + image_tags: ${{fromJson(needs.create-tags.outputs.tags)}} runs-on: ubuntu-latest steps: - name: Promote container images from ${{ inputs.source_registry }} to ${{ inputs.target_registry }} @@ -77,6 +134,6 @@ "docker://$RELEASE_IMAGE" env: SOURCE_IMAGE: "${{ inputs.source_registry }}/${{ inputs.source_image }}" - RELEASE_IMAGE: "${{ inputs.target_registry }}/${{ inputs.target_image }}" + RELEASE_IMAGE: "${{ inputs.target_registry }}/${{ inputs.target_image }}:${{ matrix.image_tags }}" RELEASE_CREDS: ${{ secrets.target_registry_username }}:${{ secrets.target_registry_token }} SOURCE_CREDS: ${{ secrets.source_registry_username }}:${{ secrets.source_registry_token }}