redo build for base image, try the oci exporter #354
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
# Controls when the action will run. Triggers the workflow on push or pull request | |
# events but only for the master branch | |
on: | |
push: | |
# temporarily run on every push for testing | |
# branches: [ master ] | |
# pull_request: | |
# branches: [ master ] | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
# ┌──────────────────┐ ┌────────────────┐ ┌────────────────┐ | |
# ┌─────────┐ ┌─────────┬────► Build Latest NJS ├────────►Test Latest NJS ├─────►│Push Latest NJS │ | |
# │Build OSS├────►│Test OSS │ └──────────────────┘ └────────────────┘ └────────────────┘ | |
# └─────────┘ └──┬──────┤ | |
# │ │ ┌──────────────────┐ ┌──────────────────┐ ┌─────────────────┐ | |
# │ └────►Build Unprivileged├───────►Test Unprivileged ├────►│Push Unprivileged│ | |
# │ └──────────────────┘ └──────────────────┘ ├────────┬────────┘ | |
# │ ├────────┤ | |
# └──────────────────────────────────────────────────────────────►│Push OSS│ | |
# └────────┘ | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
# Note that uploading the artifact won't work. We will need to build and push it to a local registry. | |
# See here https://docs.docker.com/build/ci/github-actions/named-contexts/#using-with-a-container-builder | |
# This person has my problem: https://stackoverflow.com/questions/75831482/how-to-use-a-local-docker-registry2-from-one-job-as-a-container-for-another-job | |
# The issue is that the docker container that is the registery does not persist between jobs. | |
# So I"d need to do something dumb like use the artifact upload and download to get to to the next | |
# step then do it there. | |
# Time to cut my losses and do it mostly in one run. | |
if: github.ref != 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
# network=host driver-opt needed to push to local registry | |
driver-opts: network=host | |
platforms: linux/amd64,linux/arm64 | |
# Since we can't push and save at the same time we push to the local registry so that | |
# other builds can have access to the image (loading it does not work with buildx) | |
- name: Build and push oss image to local registry | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.oss | |
context: . | |
tags: localhost:5000/nginx-s3-gateway , localhost:5000/nginx-s3-gateway:oss | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
# Build again to export the file locally so we can save all arch versions. | |
- name: Build and export oss image | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.oss | |
context: . | |
tags: localhost:5000/nginx-s3-gateway , localhost:5000/nginx-s3-gateway:oss | |
push: false | |
outputs: type=oci,dest=/tmp/oss.tar | |
platforms: linux/amd64,linux/arm64 | |
- name: Upload artifact - oss | |
uses: actions/upload-artifact@v3 | |
with: | |
name: oss | |
path: /tmp/oss.tar | |
- name: Build and export latest-njs image | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.latest-njs | |
context: . | |
tags: localhost:5000/nginx-s3-gateway:latest-njs-oss | |
push: false | |
outputs: type=oci,dest=/tmp/latest-njs.tar | |
platforms: linux/amd64,linux/arm64 | |
build-contexts: | | |
nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss | |
- name: Upload artifact - latest-njs | |
uses: actions/upload-artifact@v3 | |
with: | |
name: latest-njs | |
path: /tmp/latest-njs.tar | |
- name: Build and export - unprivileged | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.unprivileged | |
context: . | |
tags: localhost:5000/nginx-s3-gateway:unprivileged | |
push: false | |
outputs: type=oci,dest=/tmp/unprivileged.tar | |
platforms: linux/amd64,linux/arm64 | |
build-contexts: | | |
nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss | |
- name: Upload artifact - unprivileged | |
uses: actions/upload-artifact@v3 | |
with: | |
name: unprivileged | |
path: /tmp/unprivileged.tar | |
test-oss: | |
runs-on: ubuntu-latest | |
if: github.ref != 'refs/heads/master' | |
needs: build | |
steps: | |
- uses: actions/checkout@v4 | |
## Start tests. Keep things here because we can't keep the registry between jobs | |
## TODO: Try saving the artifact after all are built? What happens to the other archs? | |
- name: Install dependencies | |
run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
- name: Restore cached binaries | |
id: cache-binaries-restore | |
uses: actions/cache/restore@v3 | |
with: | |
path: .bin | |
key: ${{ runner.os }}-binaries | |
- name: Install MinIO Client | |
run: | | |
mkdir .bin || exit 0 | |
cd .bin | |
curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
chmod +x mc | |
## OSS Test. No retagging needed | |
- name: Download artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: oss | |
path: /tmp | |
- name: Load image | |
run: | | |
docker load --input /tmp/oss.tar | |
- name: Run tests - stable njs version | |
run: ./test.sh --type oss | |
test-latest-njs: | |
runs-on: ubuntu-latest | |
if: github.ref != 'refs/heads/master' | |
needs: test-oss | |
steps: | |
- uses: actions/checkout@v4 | |
## Start tests. Keep things here because we can't keep the registry between jobs | |
## TODO: Try saving the artifact after all are built? What happens to the other archs? | |
- name: Install dependencies | |
run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
- name: Restore cached binaries | |
id: cache-binaries-restore | |
uses: actions/cache/restore@v3 | |
with: | |
path: .bin | |
key: ${{ runner.os }}-binaries | |
- name: Install MinIO Client | |
run: | | |
mkdir .bin || exit 0 | |
cd .bin | |
curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
chmod +x mc | |
- name: Download artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: latest-njs | |
path: /tmp | |
- name: Load image | |
run: | | |
docker load --input /tmp/latest-njs.tar | |
docker tag localhost:5000/nginx-s3-gateway:latest-njs-oss nginx-s3-gateway | |
- name: Run tests - latest njs version | |
run: ./test.sh --latest-njs --type oss | |
test-unprivileged: | |
runs-on: ubuntu-latest | |
if: github.ref != 'refs/heads/master' | |
needs: test-oss | |
steps: | |
- uses: actions/checkout@v4 | |
## Start tests. Keep things here because we can't keep the registry between jobs | |
## TODO: Try saving the artifact after all are built? What happens to the other archs? | |
- name: Install dependencies | |
run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
- name: Restore cached binaries | |
id: cache-binaries-restore | |
uses: actions/cache/restore@v3 | |
with: | |
path: .bin | |
key: ${{ runner.os }}-binaries | |
- name: Install MinIO Client | |
run: | | |
mkdir .bin || exit 0 | |
cd .bin | |
curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
chmod +x mc | |
- name: Download artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: unprivileged | |
path: /tmp | |
- name: Load image | |
run: | | |
docker load --input /tmp/unprivileged.tar | |
docker tag localhost:5000/nginx-s3-gateway:unprivileged nginx-s3-gateway | |
- name: Run tests - stable njs version - unprivileged process | |
run: ./test.sh --unprivileged --type oss | |
tag-and-push: | |
runs-on: ubuntu-latest | |
needs: [test-oss, test-latest-njs, test-unprivileged] | |
if: | | |
github.ref == 'refs/heads/master' || | |
github.ref == 'refs/heads/main' | |
steps: | |
- name: Get current date | |
id: date | |
run: echo "date=$(date +'%Y%m%d')" >> $GITHUB_OUTPUT | |
- name: Configure Github Package Registry | |
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com -u $GITHUB_ACTOR --password-stdin | |
- name: Download artifact - oss | |
uses: actions/download-artifact@v3 | |
with: | |
name: oss | |
path: /tmp | |
- name: Download artifact - latest-njs | |
uses: actions/download-artifact@v3 | |
with: | |
name: latest-njs | |
path: /tmp | |
- name: Download artifact - unprivileged | |
uses: actions/download-artifact@v3 | |
with: | |
name: unprivileged | |
path: /tmp | |
- name: Load and retag oss image [oss] | |
run: | | |
docker load --input /tmp/oss.tar | |
docker tag localhost:5000/nginx-s3-gateway docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }}-new-build-test | |
docker tag localhost:5000/nginx-s3-gateway docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-new-build-test | |
- name: Push container image to github [oss date] | |
run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }}-new-build-test | |
- name: Push container image to github [oss latest] | |
run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-new-build-test | |
- name: Load and retag oss image [latest-njs-oss] | |
run: | | |
docker load --input /tmp/latest-njs.tar | |
docker tag localhost:5000/nginx-s3-gateway::latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }}-new-build-test | |
docker tag localhost:5000/nginx-s3-gateway::latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-new-build-test | |
- name: Push container image to github [latest-njs-oss date] | |
run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }}-new-build-test | |
- name: Push container image to github [latest-njs-oss] | |
run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-new-build-test | |
# # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
# - uses: actions/checkout@v2 | |
# - name: Get current date | |
# id: date | |
# run: echo "date=$(date +'%Y%m%d')" >> $GITHUB_OUTPUT | |
# - name: Configure Github Package Registry | |
# run: echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com -u $GITHUB_ACTOR --password-stdin | |
# - name: Install dependencies | |
# run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
# - name: Restore cached binaries | |
# id: cache-binaries-restore | |
# uses: actions/cache/restore@v3 | |
# with: | |
# path: .bin | |
# key: ${{ runner.os }}-binaries | |
# - name: Install MinIO Client | |
# run: | | |
# mkdir .bin || exit 0 | |
# cd .bin | |
# curl --insecure --retry 6 --fail --silent --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
# curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
# mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
# chmod +x mc | |
# # Run tests and builds image | |
# - name: Run tests - latest njs version | |
# run: ./test.sh --latest-njs --type oss | |
# # latest-njs-oss image push [Github] | |
# - name: Tag container image for Push to github [latest-njs-oss date] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [latest-njs-oss] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss | |
# - name: Push container image to github [latest-njs-oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [latest-njs-oss] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss | |
# # Run tests and builds image | |
# - name: Run tests - stable njs version - unprivileged process | |
# run: ./test.sh --unprivileged --type oss | |
# # unprivileged-oss image push [Github] | |
# - name: Tag container image for Push to github [unprivileged-oss date] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [unprivileged-oss] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss | |
# - name: Push container image to github [unprivileged-oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [unprivileged-oss] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss | |
# # Run tests and builds image | |
# - name: Run tests - stable njs version | |
# run: ./test.sh --type oss | |
# # oss image push [Github] | |
# - name: Tag container image for Push to github [oss date] | |
# run: docker tag nginx-s3-gateway:oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [oss] | |
# run: docker tag nginx-s3-gateway:oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest | |
# - name: Push container image to github [oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [oss latest] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest | |
# # Login to Docker Hub | |
# - name: Login to Docker Hub | |
# uses: docker/login-action@v1 | |
# with: | |
# username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
# password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
# # latest-njs-oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [latest-njs-oss date] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss nginxinc/nginx-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [latest-njs-oss] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss nginxinc/nginx-s3-gateway:latest-njs-oss | |
# - name: Push container image to Docker Hub [latest-njs-oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [latest-njs-oss] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-njs-oss | |
# # unprivileged-oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [unprivileged-oss date] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss nginxinc/nginx-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [unprivileged-oss] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss nginxinc/nginx-s3-gateway:unprivileged-oss | |
# - name: Push container image to Docker Hub [unprivileged-oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [unprivileged-oss] | |
# run: docker push nginxinc/nginx-s3-gateway:unprivileged-oss | |
# # oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [oss date] | |
# run: docker tag nginx-s3-gateway:oss nginxinc/nginx-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [oss] | |
# run: docker tag nginx-s3-gateway:oss nginxinc/nginx-s3-gateway:latest | |
# - name: Push container image to Docker Hub [oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [oss latest] | |
# run: docker push nginxinc/nginx-s3-gateway:latest |