ci: switch to use cloud builders for native multi-arch support #4
Workflow file for this run
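---
# Automatically build Docker images using a cloud builder and publish them to a
# container registry using HCL Bake file.
# NOTE(review): the bake step below sets push: false, so as written nothing is
# published unless docker-bake.hcl defines its own registry output - confirm.
name: Build Docker Images

on:
  workflow_dispatch:
  # Pull requests from forks run without repository secrets and with a
  # read-only GITHUB_TOKEN, so the steps that need the DOCKER_CLOUD_BUILD_*
  # secrets fail for them. Keep this trigger as pull_request rather than
  # pull_request_target: the build job checks out and builds the PR's code.
  pull_request:
    branches: ['main']
  # push:
  #   branches: ['main']
  #   tags: ['*']

jobs:
  # Picks the bake target from the triggering event:
  #   pull_request  -> askem-julia-base (per the original note: the default
  #                    target, local architecture only)
  #   anything else -> askem-julia (the regular multi-arch image); while the
  #                    push trigger stays commented out, that means
  #                    workflow_dispatch only
  bake-target:
    name: Determine bake target
    runs-on: ubuntu-22.04  # don't use the big runners for this small step
    # This job only runs shell commands, so it gets no token scopes at all.
    permissions: {}
    outputs:
      target: ${{ steps.generate.outputs.bake_target }}
    steps:
      - name: Determine target
        id: generate
        # The event name is read from the runner-provided GITHUB_EVENT_NAME
        # variable instead of being expanded into the script text, so the
        # script body never contains workflow-expression output.
        run: |
          if [[ "$GITHUB_EVENT_NAME" == 'pull_request' ]]; then
            TGT=askem-julia-base
          else
            TGT=askem-julia
          fi
          echo "$TGT"
          echo "bake_target=${TGT,,}" >> "$GITHUB_OUTPUT"
      - name: Show Generated Tag
        # Pass the step output through env and quote it in the shell, for the
        # same reason as above.
        env:
          BAKE_TARGET: ${{ steps.generate.outputs.bake_target }}
        run: echo "$BAKE_TARGET"

  bake-build:
    name: bake-build
    runs-on: ubuntu-22.04
    # No `if:` is set, so the default applies: this job runs only when the
    # bake-target job succeeded.
    # NOTE(review): the bake step sets push: false, so packages: write looks
    # broader than needed. Confirm docker-bake.hcl defines no registry output,
    # then reduce it to packages: read.
    permissions:
      packages: write
      contents: read
    # this job depends on the 'bake-target' job
    needs:
      - bake-target
    steps:
      # NOTE(review): every `uses:` below references a tag, which the action's
      # publisher can move. This job holds registry and cloud-builder
      # credentials, so pin each action to a full commit SHA and keep the tag
      # as a trailing comment.

      # 2.1 - Checkout the repository
      - name: Checkout the repository
        uses: actions/checkout@v4
        with:
          # No later step runs git, so do not leave the token in .git/config,
          # where it would be part of the build context sent to the builder.
          persist-credentials: false
      # 2.2 - Generate Image Metadata
      # Automatically generates the default OCI labels that can be extended
      # Automatically determine the version tag to use based on the following
      # priority list:
      # - if tag is semantic version compliant use the version (strip prefix/suffix)
      # - if tagged but not semver, use tag directly
      # - if neither of the above and is default branch then use latest
      # NOTE: all 3 may be generated as tags but the priority for the version
      # to be embedded within the image label is top to bottom
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5.5.0
        with:
          images: ghcr.io/${{ github.repository }}/${{ needs.bake-target.outputs.target }}
          tags: |
            type=semver,pattern={{version}}
            type=ref,event=pr
            # set latest tag for default branch
            type=raw,value=latest,enable={{is_default_branch}}
      # 2.4 - Login against the GitHub container registry (ghcr.io)
      - name: Login to registry GHCR
        uses: docker/login-action@v3.0.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # 2.5 - Login against the Docker registry (no `registry:` input is set,
      # so the action's default registry is used)
      - name: Login to registry Docker Cloud
        uses: docker/login-action@v3.0.0
        with:
          username: ${{ secrets.DOCKER_CLOUD_BUILD_USERNAME }}
          password: ${{ secrets.DOCKER_CLOUD_BUILD_TOKEN }}
      # 2.6 - Setup Docker BuildX for multi platform Cloud building
      # NOTE: Experimental
      # NOTE(review): "lab:latest" is a moving reference, so the buildx binary
      # that handles the logged-in credentials can change between runs without
      # any change to this file. Pin a fixed version once one supports the
      # cloud driver.
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3.0.0
        with:
          version: "lab:latest"
          driver: cloud
          endpoint: "${{ secrets.DOCKER_CLOUD_BUILD_ENDPOINT }}"
      # 2.7 - Build Docker Images
      # Bakes the target chosen by bake-target from the repository's HCL file
      # plus the bake file generated by the Docker meta step; push is disabled.
      - name: Build Images using BuildX Bake
        uses: docker/bake-action@v4.1.0
        with:
          files: |
            "docker/docker-bake.hcl"
            ${{ steps.meta.outputs.bake-file }}
          targets: ${{ needs.bake-target.outputs.target }}
          push: false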