Skip to content

Commit

Permalink
[OB] Build and push to outerbounds ECR
Browse files Browse the repository at this point in the history
  • Loading branch information
@josephsirak
josephsirak committed Jan 23, 2025
1 parent 05c5626 commit 02cb9f5
Showing 1 changed file with 49 additions and 30 deletions.
79 changes: 49 additions & 30 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,20 @@ on:
branches:
- master
- dev-*
- release-*

defaults:
run:
shell: bash

permissions:
contents: read
id-token: write

jobs:
build-binaries:
runs-on: ubuntu-20.04
if: github.repository == 'argoproj/argo-events'
if: github.repository == 'outerbounds/argo-events'
name: Build binaries
steps:
- name: Checkout
Expand All @@ -27,7 +29,7 @@ jobs:
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: "1.23"
go-version: "1.22"

- name: Build binaries
run: |
Expand All @@ -36,50 +38,67 @@ jobs:
- name: Make checksums
run: make checksums
- name: store artifacts
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: binaries
path: dist

build-push-linux-multi:
name: Build & push linux/amd64 and linux/arm64
needs: [ build-binaries ]
runs-on: ubuntu-20.04
if: github.repository == 'argoproj/argo-events'
runs-on: ubuntu-latest
if: github.repository == 'outerbounds/argo-events'
strategy:
matrix:
target: [ argo-events ]
env:
ECR_REGISTRY: 006988687827.dkr.ecr.us-west-2.amazonaws.com
IMAGE_NAME: obp-argo-events
steps:
- uses: actions/checkout@v4

- name: Generate build ID
id: prep
run: |
branch=${GITHUB_REF##*/}
sha=${GITHUB_SHA::8}
ts=$(date +%s)
release_tag=$(git describe --tags --exact-match --match 'v*' || echo "dirty")
echo "BUILD_ID=${branch}-${sha}-${ts}" >> $GITHUB_ENV
echo "RELEASE_BRANCH=${branch}" >> $GITHUB_ENV
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::006988687827:role/obp-argo-events-image-pusher
aws-region: us-west-2

- run: aws sts get-caller-identity

- name: Login to ECR
uses: docker/login-action@v1
with:
registry: ${{ env.ECR_REGISTRY }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Download binaries
uses: actions/download-artifact@v3
with:
name: binaries
path: dist/

- name: Registry Login
uses: docker/login-action@v2
driver: docker-container
platforms: linux/amd64,linux/arm64
- name: Build and push Docker image
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
registry: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}

- name: set Version
id: version
run: |
tag=$(basename $GITHUB_REF)
if [ $tag = "master" ]; then
tag="latest"
fi
echo "VERSION=$tag" >> $GITHUB_OUTPUT
- name: Container build and push with arm64/amd64
run: |
IMAGE_NAMESPACE=${{ secrets.QUAYIO_ORG }} VERSION=${{ steps.version.outputs.VERSION }} DOCKER_PUSH=true make image-multi
platforms: linux/amd64,linux/arm64
context: ./
push: true
build-args: |
BUILD_ID=${{ env.BUILD_ID }}
VERSION=${{ env.RELEASE_BRANCH }}
secrets: |
GH_ACCESS_TOKEN=${{ secrets.OBDEPLOYBOT_PAT }}
tags: |
${{env.ECR_REGISTRY}}/${{ env.IMAGE_NAME }}:${{ env.BUILD_ID }}
${{env.ECR_REGISTRY}}/${{ env.IMAGE_NAME }}:${{ env.RELEASE_BRANCH }}
${{env.ECR_REGISTRY}}/${{ env.IMAGE_NAME }}:latest
bom:
runs-on: ubuntu-latest
Expand All @@ -104,7 +123,7 @@ jobs:
- run: bom generate --image quay.io/argoproj/argo-events:$VERSION -o /tmp/argo-events.spdx
# pack the boms into one file to make it easy to download
- run: cd /tmp && tar -zcf sbom.tar.gz *.spdx
- uses: actions/upload-artifact@v3
- uses: actions/upload-artifact@v4
with:
name: sbom.tar.gz
path: /tmp/sbom.tar.gz
Expand Down

0 comments on commit 02cb9f5

Please sign in to comment.