WIP: stagex ci #9
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: stagex-build | |
on: | |
push: | |
tags: | |
- v*.*.* | |
branches: | |
- main | |
pull_request: | |
workflow_dispatch: # Allows manual invocation | |
jobs: | |
build: | |
name: build artifacts | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- target: qos_client.tar | |
- target: qos_host.tar | |
- target: qos_client.tar | |
steps: | |
- name: Setup Latest docker | |
shell: 'script -q -e -c "bash {0}"' | |
run: | | |
# This script basically always needs root | |
[[ $EUID -ne 0 ]] && exec sudo /bin/sh "$0" "$@" | |
# uninstall all conflicting packages: | |
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done | |
# Add Docker's official GPG key: | |
sudo apt-get update | |
sudo apt-get install ca-certificates curl | |
sudo install -m 0755 -d /etc/apt/keyrings | |
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc | |
sudo chmod a+r /etc/apt/keyrings/docker.asc | |
# Add the repository to Apt sources: | |
echo \ | |
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ | |
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ | |
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null | |
sudo apt-get update | |
cat << EOF >/etc/docker/daemon.json | |
{ | |
"features": { | |
"containerd-snapshotter": true | |
} | |
} | |
EOF | |
# Install required packages | |
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin | |
systemctl restart docker | |
docker buildx create --driver docker-container --bootstrap --name build --use | |
- name: Check Docker Version | |
run: docker --version | |
- name: Checkout sources | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
fetch-depth: 0 | |
submodules: true | |
- name: Run `make` | |
shell: 'script -q -e -c "bash {0}"' | |
run: | | |
make out/${{ matrix.target }} | |
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: ${{ matrix.target }} | |
path: out/${{ matrix.target }} | |
retention-days: 1 | |
upload_to_ghcr: | |
name: Upload toolchain artifacts to GHCR | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Download Artifacts | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
- name: Upload images to GHCR | |
env: | |
images: >- | |
qos_client | |
qos_enclave | |
qos_host | |
tags: >- | |
${{ github.ref == format('refs/heads/{0}', 'main') && 'latest' || '' }} | |
${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || '' }} | |
${{ github.event_name == 'push' && github.ref_name || '' }} | |
run: | | |
skopeo login \ | |
--username "${{ github.actor }}" \ | |
--password "${{ secrets.GITHUB_TOKEN }}" \ | |
ghcr.io | |
for image in ${images}; do | |
skopeo copy --all \ | |
"oci-archive:./${image}.tar/${image}.tar" \ | |
"docker://ghcr.io/tkhq/${image}:sha-${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}" | |
for tag in ${tags}; do | |
skopeo copy --all \ | |
"docker://ghcr.io/tkhq/${image}:sha-${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}" \ | |
"docker://ghcr.io/tkhq/${image}:${tag}" | |
done | |
done |