Skip to content

upload signatures right next to binaries (#223) #36

upload signatures right next to binaries (#223)

upload signatures right next to binaries (#223) #36

Workflow file for this run

name: docker
on:
push:
branches:
- unstable
- stable
tags:
- v*
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren
jobs:
# Extract the VERSION which is either `latest` or `vX.Y.Z`, and the VERSION_SUFFIX
# which is either empty or `-unstable`.
#
# It would be nice if the arch didn't get spliced into the version between `latest` and
# `unstable`, but for now we keep the two parts of the version separate for backwards
# compatibility.
extract-version:
runs-on: ubuntu-22.04
steps:
- name: Extract version (if stable)
if: github.event.ref == 'refs/heads/stable'
run: |
echo "VERSION=latest" >> $GITHUB_ENV
echo "VERSION_SUFFIX=" >> $GITHUB_ENV
- name: Extract version (if unstable)
if: github.event.ref == 'refs/heads/unstable'
run: |
echo "VERSION=latest" >> $GITHUB_ENV
echo "VERSION_SUFFIX=-unstable" >> $GITHUB_ENV
- name: Extract version (if tagged release)
if: startsWith(github.event.ref, 'refs/tags')
run: |
echo "VERSION=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV
echo "VERSION_SUFFIX=" >> $GITHUB_ENV
outputs:
VERSION: ${{ env.VERSION }}
VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }}
build-html:
name: build html
runs-on: ubuntu-22.04
needs: [extract-version]
steps:
- name: Checkout sources
uses: actions/checkout@v3
- name: Use node 18
uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
- name: Install dependencies
env:
NODE_ENV: development
run: |
yarn
- name: Build Siren
env:
NODE_ENV: production
run: yarn build
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: html
path: build/
build-docker-single-arch:
name: build-docker-${{ matrix.binary }}
runs-on: ubuntu-22.04
strategy:
matrix:
binary: [aarch64, x86_64]
needs: [extract-version, build-html]
env:
# We need to enable experimental docker features in order to use `docker buildx`
DOCKER_CLI_EXPERIMENTAL: enabled
VERSION: ${{ needs.extract-version.outputs.VERSION }}
VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
steps:
- uses: actions/checkout@v3
- uses: docker/setup-qemu-action@v2
- name: Dockerhub login
run: |
echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
- name: Map aarch64 to arm64 short arch
if: startsWith(matrix.binary, 'aarch64')
run: echo "SHORT_ARCH=arm64" >> $GITHUB_ENV
- name: Map x86_64 to amd64 short arch
if: startsWith(matrix.binary, 'x86_64')
run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV;
- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: html
path: html/
- name: Build Dockerfile and push
run: |
docker buildx build \
--platform=linux/${SHORT_ARCH} \
--file ./Dockerfile.release . \
--tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \
--provenance=false \
--push
build-docker-multiarch:
name: build-docker-multiarch
runs-on: ubuntu-22.04
needs: [build-docker-single-arch, extract-version]
env:
# We need to enable experimental docker features in order to use `docker manifest`
DOCKER_CLI_EXPERIMENTAL: enabled
VERSION: ${{ needs.extract-version.outputs.VERSION }}
VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
steps:
- name: Dockerhub login
run: |
echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
- name: Create and push multiarch manifest
run: |
docker manifest create ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} \
--amend ${IMAGE_NAME}:${VERSION}-arm64${VERSION_SUFFIX} \
--amend ${IMAGE_NAME}:${VERSION}-amd64${VERSION_SUFFIX};
docker manifest push ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX}