[ci][fix] INFRAPRJ-7379: Use proper push switcher in context of 'image' output #49
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Build speculos-builder and push the resulting docker image to GitHub Packages | |
name: Speculos Builder | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- master | |
paths: | |
- .github/workflows/speculos-builder.yml | |
- build.Dockerfile | |
pull_request: | |
branches: | |
- master | |
paths: | |
- .github/workflows/speculos-builder.yml | |
- build.Dockerfile | |
jobs: | |
build: | |
name: Build and push speculos-builder image | |
strategy: | |
matrix: | |
include: | |
- platform: linux/amd64 | |
runner: ubuntu-latest | |
- platform: linux/arm64 | |
runner: speculos-builder-2c-arm64-ubuntu_2404 | |
runs-on: ${{ matrix.runner }} | |
permissions: | |
packages: write | |
steps: | |
- name: Prepare | |
run: | | |
platform=${{ matrix.platform }} | |
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
if [[ "${{ github.event_name }}" == 'push' && "${{ github.ref }}" == 'refs/heads/master' ]]; then | |
PUSH_FLAG='true' | |
else | |
PUSH_FLAG='false' | |
fi | |
echo "PUSH_FLAG=${PUSH_FLAG}" >> $GITHUB_ENV | |
- name: Clone | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push speculos-builder to GitHub Packages by digest | |
uses: docker/build-push-action@v6 | |
id: build | |
with: | |
file: build.Dockerfile | |
platforms: ${{ matrix.platform }} | |
outputs: type=image,name=ghcr.io/ledgerhq/speculos-builder,push-by-digest=true,name-canonical=true,push=${{ env.PUSH_FLAG }} | |
- name: Export digest | |
run: | | |
mkdir -p /tmp/digests | |
digest="${{ steps.build.outputs.digest }}" | |
touch "/tmp/digests/${digest#sha256:}" | |
- name: Upload digest | |
uses: actions/upload-artifact@v4 | |
with: | |
name: digests-${{ env.PLATFORM_PAIR }} | |
path: /tmp/digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
merge: | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }} | |
needs: | |
- build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download digests | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp/digests | |
pattern: digests-* | |
merge-multiple: true | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Create manifest list and push | |
working-directory: /tmp/digests | |
run: | | |
docker buildx imagetools create --tag ghcr.io/ledgerhq/speculos-builder:latest $(printf 'ghcr.io/ledgerhq/speculos-builder@sha256:%s ' *) | |
- name: Inspect image | |
run: | | |
docker buildx imagetools inspect ghcr.io/ledgerhq/speculos-builder:latest |