-
Notifications
You must be signed in to change notification settings - Fork 1.2k
99 lines (97 loc) · 3.65 KB
/
nightly.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
---
name: Nightly
on:
workflow_dispatch:
inputs:
branch:
description: 'Claircore branch to reference'
required: false
tag:
description: 'Tag to push resulting image to'
required: false
schedule:
- cron: '30 5 * * *'
jobs:
build:
name: Build and Push container
runs-on: 'ubuntu-latest'
steps:
- name: Setup
id: setup
env:
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }}
QUAY_API_TOKEN: ${{ secrets.QUAY_API_TOKEN }}
# This step uses defaults written in the shell script instead of the
# nicer workflow inputs so that the cron trigger works.
run: |
br=$(test -n "${{github.event.inputs.branch}}" && echo "${{github.event.inputs.branch}}" || echo main)
: "${repo:=$GITHUB_REPOSITORY}"
test "${repo%%/*}" = quay && repo="projectquay/${repo##*/}" ||:
cat <<. >>$GITHUB_OUTPUT
push=${{ env.QUAY_TOKEN != '' }}
api=${{ env.QUAY_API_TOKEN != '' }}
date=$(date -u '+%Y-%m-%d')
tag=$(test -n "${{github.event.inputs.tag}}" && echo "${{github.event.inputs.tag}}" || echo nightly)
claircore_branch=${br}
repo=${repo}
.
# Environment variables
printf 'CLAIRCORE_BRANCH=%s\n' "${br}" >> $GITHUB_ENV
- uses: docker/setup-qemu-action@v3
with:
platforms: all
- uses: docker/setup-buildx-action@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0
- id: setup-go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
check-latest: true
- name: Warm cache
if: steps.setup-go.outputs.cache-hit != 'true'
run: |
# go mod download
find . -name go.mod -type f -execdir go mod download \;
- id: mod
run: ./.github/script/nightly-module.sh
- id: novelty
uses: actions/cache@v4
with:
path: go.sum
key: novelty-${{ github.sha }}-${{ hashFiles('./go.*') }}
- uses: docker/login-action@v3
if: steps.setup.outputs.push && steps.novelty.outputs.cache-hit != 'true'
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Export
if: steps.novelty.outputs.cache-hit != 'true'
# This exports the current state of the main branch, and appends our modified go module files.
run: |
mkdir "${{ runner.temp }}/build"
git archive --add-file=go.mod --add-file=go.sum origin/main |
tar -x -C "${{ runner.temp }}/build"
(
cd "${{ runner.temp }}/build"
go mod vendor
)
- uses: docker/build-push-action@v6
if: steps.novelty.outputs.cache-hit != 'true'
with:
cache-from: type=gha
cache-to: type=gha,mode=max
context: ${{ runner.temp }}/build
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
push: ${{ steps.setup.outputs.push && steps.novelty.outputs.cache-hit != 'true' }}
tags: |
quay.io/${{ steps.setup.outputs.repo }}:${{ steps.setup.outputs.tag }}
quay.io/${{ steps.setup.outputs.repo }}:${{ steps.setup.outputs.tag }}-${{ steps.setup.outputs.date }}
- uses: ./.github/actions/set-image-expiration
if: steps.setup.outputs.push && steps.setup.outputs.api && steps.novelty.outputs.cache-hit != 'true'
with:
repo: ${{ steps.setup.outputs.repo }}
tag: ${{ steps.setup.outputs.tag }}-${{ steps.setup.outputs.date }}
token: ${{ secrets.QUAY_API_TOKEN }}