build-images #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-images | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- "v*" | |
paths: | |
- cmd/** | |
- infrastructure-templates/** | |
- terraform/** | |
- ".github/workflows/*" | |
- ".github/actions/**" | |
- Dockerfile | |
permissions: | |
contents: read | |
packages: write | |
jobs: | |
build-images: | |
strategy: | |
fail-fast: true | |
matrix: | |
name: | |
- iac-job | |
- aws-spot-node-terminator | |
- gcp-spot-node-terminator | |
runs-on: ubuntu-latest | |
name: build container images | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: setup nix (with cachix) | |
uses: kloudlite/actions/setup-nix-cachix@v1 | |
with: | |
flake_lock: ${{ inputs.working_directory }}/flake.lock | |
nix_develop_arguments: ${{ inputs.working_directory }}#default | |
cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }} | |
cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
- name: setup docker | |
uses: kloudlite/actions/setup-docker@v1 | |
with: | |
docker_registry: "ghcr.io" | |
docker_username: ${{ github.actor }} | |
docker_password: ${{ secrets.GITHUB_TOKEN }} | |
- name: generate image tag | |
uses: kloudlite/actions/generate-image-tag@v1 | |
- name: builds iac job image | |
if: ${{ matrix.name == 'iac-job' }} | |
working-directory: "./" | |
shell: bash | |
run: | | |
task local:build:iac-job Image="ghcr.io/${{ github.repository }}/iac-job:${IMAGE_TAG}" | |
- name: builds gcp-spot-node-terminator | |
if: ${{ matrix.name == 'gcp-spot-node-terminator' }} | |
working-directory: ./cmd/gcp-spot-node-terminator | |
shell: bash | |
run: | | |
task container:build-and-push image="ghcr.io/${{github.repository}}/cmd/gcp-spot-node-terminator:$IMAGE_TAG" push=true dockerArgs="" | |
- name: builds aws spot node terminator | |
if: ${{ matrix.name == 'aws-spot-node-terminator'}} | |
working-directory: ./cmd/aws-spot-node-terminator | |
shell: bash | |
run: | | |
task container:build-and-push image="ghcr.io/${{ github.repository }}/cmd/aws-spot-node-terminator:$IMAGE_TAG" push=true dockerArgs="" | |
# - uses: ./.github/actions/build-container-images | |
# with: | |
# github_token: ${{ secrets.GITHUB_TOKEN }} | |
# cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }} | |
# cachix_auth_token: "${{ secrets.CACHIX_AUTH_TOKEN }}" | |
# working_directory: "." | |
# | |
# builds_iac_job: ${{ matrix.name == 'iac-job' }} | |
# builds_aws_spot_node_terminator: ${{ matrix.name == 'aws-spot-node-terminator' }} | |
# builds_gcp_spot_node_terminator: ${{ matrix.name == 'gcp-spot-node-terminator' }} | |
build-k3s-runner-and-binary: | |
runs-on: ubuntu-latest | |
env: | |
k3s_version: "v1.30.5+k3s1" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: setup nix (with cachix) | |
uses: kloudlite/actions/setup-nix-cachix@v1 | |
with: | |
flake_lock: ${{ inputs.working_directory }}/flake.lock | |
nix_develop_arguments: ${{ inputs.working_directory }}#default | |
cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }} | |
cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
- name: build k3s runner | |
shell: bash | |
working-directory: ./cmd/k3s-runner | |
run: |+ | |
GOARCH=amd64 task build | |
GOARCH=arm64 task build | |
- name: download supported k3s binary | |
shell: bash | |
working-directory: ./cmd/k3s-runner | |
run: |+ | |
echo "$PWD" | |
mkdir -p ./bin | |
curl -L0 "https://github.com/k3s-io/k3s/releases/download/$k3s_version/k3s" > ./bin/k3s-amd64 | |
curl -L0 "https://github.com/k3s-io/k3s/releases/download/$k3s_version/k3s-arm64" > ./bin/k3s-arm64 | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: k3s | |
path: ./cmd/k3s-runner/bin/* | |
releasing-binaries: | |
runs-on: ubuntu-latest | |
needs: build-k3s-runner-and-binary | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
- name: Download all artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: ${{ github.workspace }}/binaries | |
name: k3s | |
- name: flattening all the artifacts | |
shell: bash | |
run: |+ | |
ls -R ${{ github.workspace }}/binaries | |
mkdir -p ${{ github.workspace }}/upload/binaries | |
shopt -s globstar | |
file ./** | grep 'executable,' | awk -F: '{print $1}' | xargs -I {} cp {} ${{ github.workspace }}/upload/binaries | |
shopt -u globstar | |
- uses: nxtcoder17/actions/generate-image-tag@v1 | |
id: tag_name | |
- name: running for master branch | |
if: startsWith(github.ref, 'refs/heads/master') | |
run: |+ | |
echo "IMAGE_TAG=nightly" | tee -a $GITHUB_ENV | tee -a $GITHUB_OUTPUT | |
- name: ensure github release exists | |
shell: bash | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: |+ | |
set +e | |
gh release list -R ${{ github.repository }} | awk '{print $3}' | grep -i "$IMAGE_TAG" | |
exit_code=$? | |
if [ $exit_code -ne 0 ]; then | |
gh release create $IMAGE_TAG -R ${{ github.repository }} --generate-notes --prerelease --draft=false | |
fi | |
- name: upload to github release | |
shell: bash | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: |+ | |
extra_args="" | |
if [ "$IMAGE_TAG" = "nightly" ]; then | |
extra_args="--clobber" | |
fi | |
gh release upload $IMAGE_TAG -R ${{github.repository}} $extra_args ${{github.workspace}}/upload/binaries/* | |
- name: mark release as latest | |
if: startsWith(github.ref, 'refs/tags/') | |
env: | |
GH_TOKEN: ${{ github.token }} | |
shell: bash | |
run: |+ | |
gh release edit $IMAGE_TAG -R ${{ github.repository }} --latest | |