This repository has been archived by the owner on Oct 6, 2023. It is now read-only.
Publish Build Artifacts #442
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Build Artifacts | |
| on: | |
| schedule: | |
| # Trigger the pipeline each day at 6am. | |
| - cron: '0 6 * * *' | |
| push: | |
| branches: | |
| - gadget | |
| pull_request: | |
| jobs: | |
| publish_images: | |
| # Optionally publish container images, guarded by the GitHub secret | |
| # QUAY_PUBLISH. | |
| # To set this up, sign up for quay.io (you can connect it to your github) | |
| # then create a robot user with write access user called "bcc_buildbot", | |
| # and add the secret token for it to GitHub secrets as: | |
| # - QUAY_TOKEN = <token from quay.io> | |
| name: Publish to quay.io | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| env: | |
| #- NAME: bionic-release | |
| # OS_RELEASE: 18.04 | |
| - NAME: focal-release | |
| OS_RELEASE: 20.04 | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - name: Initialize workflow variables | |
| id: vars | |
| shell: bash | |
| run: | | |
| if [ -n "${QUAY_TOKEN}" ];then | |
| echo "Quay token is set, will push an image" | |
| echo ::set-output name=QUAY_PUBLISH::true | |
| else | |
| echo "Quay token not set, skipping" | |
| fi | |
| env: | |
| QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} | |
| - name: Authenticate with quay.io docker registry | |
| if: > | |
| steps.vars.outputs.QUAY_PUBLISH && github.ref != 'refs/heads/gadget' | |
| env: | |
| QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} | |
| run: ./scripts/docker/auth.sh ${{ github.repository }} | |
| ## If we are pushing on gadget branch, we rather use github action than bcc | |
| # scripts. | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v1 | |
| if: github.ref == 'refs/heads/gadget' | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| if: github.ref == 'refs/heads/gadget' | |
| - name: Login to Container Registry | |
| uses: docker/login-action@v1 | |
| if: github.ref == 'refs/heads/gadget' | |
| with: | |
| # Try to be compatible with what does auth.sh. | |
| registry: quay.io | |
| username: kinvolk+bcc_buildbot | |
| password: ${{ secrets.QUAY_TOKEN }} | |
| - name: Build container for amd64 and arm64 | |
| uses: docker/build-push-action@v2 | |
| # We cross build only on when pushing to gadget branch because it takes a | |
| # lot of time. | |
| if: github.ref == 'refs/heads/gadget' | |
| with: | |
| context: . | |
| file: docker/Dockerfile.ubuntu | |
| push: true | |
| # We only use a matrix with one job, so it is fine to hardcode gadget | |
| # here. | |
| tags: | | |
| quay.io/kinvolk/bcc:${{ github.sha }}-${{ matrix.env['NAME'] }} | |
| quay.io/kinvolk/bcc:gadget | |
| build-args: OS_TAG=${{ matrix.env['OS_RELEASE'] }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache-new | |
| # For the moment, we only support these two platforms. | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Package docker image and push to quay.io | |
| if: > | |
| steps.vars.outputs.QUAY_PUBLISH && github.ref != 'refs/heads/gadget' | |
| run: > | |
| ./scripts/docker/push.sh | |
| ${{ github.repository }} | |
| ${{ github.ref }} | |
| ${{ github.sha }} | |
| ${{ matrix.env['NAME'] }} | |
| ${{ matrix.env['OS_RELEASE'] }} | |
| # Uploads the packages built in docker to the github build as an artifact for convenience | |
| - uses: actions/upload-artifact@v1 | |
| if: > | |
| steps.vars.outputs.QUAY_PUBLISH && github.ref != 'refs/heads/gadget' | |
| with: | |
| name: ${{ matrix.env['NAME'] }} | |
| path: output | |
| # Optionally publish container images to custom docker repository, | |
| # guarded by presence of all required github secrets. | |
| # GitHub secrets can be configured as follows: | |
| # - DOCKER_IMAGE = docker.io/myorg/bcc | |
| # - DOCKER_USERNAME = username | |
| # - DOCKER_PASSWORD = password | |
| publish_dockerhub: | |
| name: Publish To Dockerhub | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v1 | |
| - name: Initialize workflow variables | |
| id: vars | |
| shell: bash | |
| run: | | |
| if [ -n "${DOCKER_IMAGE}" ] && \ | |
| [ -n "${DOCKER_USERNAME}" ] && \ | |
| [ -n "${DOCKER_PASSWORD}" ];then | |
| echo "Custom docker credentials set, will push an image" | |
| echo ::set-output name=DOCKER_PUBLISH::true | |
| else | |
| echo "Custom docker credentials not, skipping" | |
| fi | |
| env: | |
| DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build container image and publish to registry | |
| id: publish-registry | |
| uses: elgohr/Publish-Docker-Github-Action@2.8 | |
| if: ${{ steps.vars.outputs.DOCKER_PUBLISH }} | |
| with: | |
| name: ${{ secrets.DOCKER_IMAGE }} | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| workdir: . | |
| dockerfile: docker/Dockerfile.ubuntu | |
| snapshot: true | |
| cache: ${{ github.event_name != 'schedule' }} | |
| buildargs: ARG OS_TAG=20.04 |