-
Notifications
You must be signed in to change notification settings - Fork 0
146 lines (133 loc) · 5.06 KB
/
container-image-buildah.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: Container Image
on:
workflow_dispatch:
inputs:
platforms:
description: "comma-separated list of platforms to build for, downstream supported are linux/amd64,linux/s390x,linux/ppc64le; note: clang is broken on s390x (RHEL-15874), also cross-builds take more than 6 hours so we don't do them"
default: linux/amd64
custom_tag:
description: optional custom tag on remote repo you want image to be tagged with
default: scratch
workflow_call:
inputs:
platforms:
required: false
default: linux/amd64
type: string
custom_tag:
required: false
default: ''
type: string
schedule:
# every Wednesday morning
- cron: 7 7 * * 3
push:
branches: [ main ]
tags: [ "**" ]
pull_request:
types: [opened, reopened, synchronize]
concurrency:
group: ci-container-build-${{ github.ref }}-1
cancel-in-progress: true
env:
# Use docker.io for Docker Hub if empty
REGISTRY: quay.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
buildah:
runs-on: ubuntu-latest
steps:
- name: Sanitize Platforms
id: platforms
run: |
platforms="${{ inputs.platforms == '' && 'linux/amd64' || inputs.platforms }}"
archs="$( sed -e 's#linux/##g' <<< $platforms )"
echo "platforms=$platforms" >> $GITHUB_OUTPUT
echo "archs=$archs" >> $GITHUB_OUTPUT
# Allow multi-target builds
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: ${{ steps.platforms.outputs.archs }}
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=schedule
type=raw,value=latest,enable=${{ github.ref_name == 'main' }}
type=raw,value=nightly,enable=${{ github.ref_name == 'main' }}
type=ref,event=branch,enable=${{ github.ref_name != 'main' && inputs.custom_tag == '' }}
${{ inputs.custom_tag }}
type=ref,event=tag
type=ref,event=pr
# https://github.com/actions/checkout
- uses: actions/checkout@v3
- name: Build image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
tags: ${{ steps.meta.outputs.tags }}
platforms: ${{ steps.platforms.outputs.platforms }}
labels: ${{ steps.meta.outputs.labels }}
layers: false
oci: true
tls-verify: true
extra-args: |
--squash
--jobs=3
build-args: |
PORTA_IMAGE=quay.io/3scale/porta:nightly
containerfiles: |
Containerfile
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build-image.outputs.image }}"
echo "Tags: ${{ steps.build-image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build-image.outputs.image-with-tag }}"
- name: Check images created
run: buildah images
- name: Smoke test the images
run: |
set -ex
# accessing a mapped port from a container did not work so lets
# create a pod where both - server and client have same localhost
podman pod create > podid
platforms="${{ steps.platforms.outputs.platforms }}"
test_tag () {
podman run -d --pod-id-file=podid --name=searchd -u 14:0 "${{ steps.build-image.outputs.image-with-tag }}$1"
sleep 3
podman logs searchd
podman run --pod-id-file=podid --rm --entrypoint "/bin/env" mysql:8 -- mysql -h 127.0.0.1 -P 9306 -e "SELECT * FROM account limit 1;"
podman rm -f searchd
}
if [ x$( sed -E -e 's#[^/]##g' <<< $platforms ) != "x/" ]; then
# if we are here, user has selected more than one build platform
arch_tags=$( tr ',' ' ' <<< $platforms | tr -d '/' )
# removed slashes to produce "linuxamd64 linuxs390x linuxppc64le"
for tag in $arch_tags; do test_tag -$tag; done
else
# if we are here, user has selected a single build platform
test_tag
fi
- name: Push To Container Registry
id: push-to-container-registry
uses: redhat-actions/push-to-registry@v2
if: github.event_name != 'pull_request'
with:
tags: ${{ steps.build-image.outputs.tags }}
- name: Print image url
run: echo "Image pushed to ${{ steps.push-to-container-registry.outputs.registry-paths }}"