From f12626f68177e57d3dd3f8edabd1937e7ae9f1f7 Mon Sep 17 00:00:00 2001 From: Tai Lee Date: Sun, 28 Mar 2021 11:31:31 +1100 Subject: [PATCH] Update CI workflow. - Scheduled run at 3 AM AEST. - No cache for scheduled runs. - Build multiarch images before (old) x64 images. - Get branch name directly instead of using `ghaction-docker-meta`. - Use `docker buildx imagetools create` instead of `docker manifest create` and `docker manifest push`. --- .github/workflows/ci.yml | 163 ++++++++++++++++++++------------------- 1 file changed, 85 insertions(+), 78 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 88cb353..9df3149 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,125 +2,132 @@ name: Continuous Integration on: push: - branches: '*' schedule: - - cron: '0 17 * * *' + - cron: '0 17 * * *' # 3 AM AEST jobs: - image-x64: + image: runs-on: + - ${{ matrix.arch }} - linux - self-hosted - - x64 steps: - # Transform ${{ git.ref }} from `refs/heads/` to `${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:`. - - name: Docker meta - id: docker_meta - uses: crazy-max/ghaction-docker-meta@v1 - with: - images: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }} - tag-latest: false - - name: Login to Docker Hub - uses: docker/login-action@v1 + - uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build image and push SHA tag - uses: docker/build-push-action@v2 + - uses: docker/build-push-action@v2 with: file: ${{ matrix.version }}/Dockerfile + no-cache: ${{ github.event_name == 'schedule' }} push: true - tags: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }} - - name: Push branch tag - run: | - docker tag ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }} ${{ steps.docker_meta.outputs.tags }}-${{ matrix.version }} - docker push ${{ steps.docker_meta.outputs.tags }}-${{ matrix.version }} - - name: Push version tag - if: github.ref == 'refs/heads/master' - run: | - docker tag ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }} ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:${{ matrix.version }} - docker push ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:${{ matrix.version }} + tags: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-${{ matrix.arch }} strategy: matrix: + arch: + - arm64 + - x64 version: - - 1 - - 1-alpine - - 2.4 - - 2.4-alpine - - 5 - - 5-alpine - - 6 + - 7 - image-multiarch: + manifest: + env: + IMAGE_REPO: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }} + IMAGE_TAG: sha-${{ github.sha }}-${{ matrix.version }} + needs: image runs-on: - - ${{ matrix.arch }} - linux - self-hosted steps: - - name: Login to Docker Hub - uses: docker/login-action@v1 + - uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build image and push SHA tag - uses: docker/build-push-action@v2 - with: - file: ${{ matrix.version }}/Dockerfile - push: true - tags: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-${{ matrix.arch }} + - name: Push branch manifest list + run: | + docker buildx imagetools create -t \ + ${{ env.IMAGE_REPO }}:${GITHUB_REF#refs/heads/}-${{ matrix.version }} \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-arm64 \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-x64 + - name: Push SHA manifest list + run: | + docker buildx imagetools create -t \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }} \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-arm64 \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-x64 + - name: Push version manifest list + if: github.ref == 'refs/heads/master' + run: | + # Version. + docker buildx imagetools create -t \ + ${{ env.IMAGE_REPO }}:${{ matrix.version }} \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-arm64 \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-x64 + - name: Push 'latest' manifest list + if: github.ref == 'refs/heads/master' && matrix.version == '7' + run: | + # Latest. + docker buildx imagetools create -t \ + ${{ env.IMAGE_REPO }}:latest \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-arm64 \ + ${{ env.IMAGE_REPO }}:${{ env.IMAGE_TAG }}-x64 + - name: Remove arch tags + run: | + TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "${{ secrets.DOCKER_USERNAME }}", "password": "${{ secrets.DOCKER_PASSWORD }}"}' "https://hub.docker.com/v2/users/login/" | jq -r '.token') + curl "https://hub.docker.com/v2/repositories/${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}/tags/${{ env.IMAGE_TAG }}-arm64/" -X DELETE -H "Authorization: JWT ${TOKEN}" + curl "https://hub.docker.com/v2/repositories/${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}/tags/${{ env.IMAGE_TAG }}-x64/" -X DELETE -H "Authorization: JWT ${TOKEN}" strategy: matrix: - arch: - - arm64 - - x64 version: - 7 - manifest: - needs: image-multiarch + image-x64: + env: + IMAGE_REPO: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }} + IMAGE_TAG: sha-${{ github.sha }}-${{ matrix.version }} runs-on: - linux - self-hosted + - x64 steps: - # Transform ${{ git.ref }} from `refs/heads/` to `${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:`. - - name: Docker meta - id: docker_meta - uses: crazy-max/ghaction-docker-meta@v1 - with: - images: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }} - tag-latest: false - - name: Login to Docker Hub - uses: docker/login-action@v1 + - uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Push SHA tag - run: | - docker manifest create ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }} \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-arm64 \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-x64 - docker manifest push --purge ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }} + - uses: docker/build-push-action@v2 + with: + file: ${{ matrix.version }}/Dockerfile + no-cache: ${{ github.event_name == 'schedule' }} + push: true + tags: ${{ env.IMAGE_REPO }}:sha-${{ env.IMAGE_TAG }} - name: Push branch tag run: | - docker manifest create ${{ steps.docker_meta.outputs.tags }}-${{ matrix.version }} \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-arm64 \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-x64 - docker manifest push --purge ${{ steps.docker_meta.outputs.tags }}-${{ matrix.version }} + docker tag ${{ env.IMAGE_REPO }}:sha-${{ env.IMAGE_TAG }} ${{ env.IMAGE_REPO }}:${GITHUB_REF#refs/heads/}-${{ matrix.version }} + docker push ${{ env.IMAGE_REPO }}:${GITHUB_REF#refs/heads/}-${{ matrix.version }} - name: Push version tag if: github.ref == 'refs/heads/master' run: | - docker manifest create ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:${{ matrix.version }} \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-arm64 \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-x64 - docker manifest push --purge ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:${{ matrix.version }} - - name: Push latest tag - if: github.ref == 'refs/heads/master' && matrix.version == 7 - run: | - docker manifest create ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:latest \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-arm64 \ - --amend ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:sha-${{ github.sha }}-${{ matrix.version }}-x64 - docker manifest push --purge ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}:latest + docker tag ${{ env.IMAGE_REPO }}:sha-${{ env.IMAGE_TAG }} ${{ env.IMAGE_REPO }}:${{ matrix.version }} + docker push ${{ env.IMAGE_REPO }}:${{ matrix.version }} strategy: matrix: version: - - 7 + - 1 + - 1-alpine + - 2.4 + - 2.4-alpine + - 5 + - 5-alpine + - 6 + + readme: + needs: manifest + runs-on: + - self-hosted + steps: + - uses: actions/checkout@v2 + - uses: peter-evans/dockerhub-description@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: ${{ secrets.DOCKER_ORG }}/${{ secrets.DOCKER_REPO }}