Skip to content

Publish OCI Images #4636

Publish OCI Images

Publish OCI Images #4636

name: Publish OCI Images
on:
push:
branches:
- latest
schedule:
# * is a special character in YAML so you have to quote this string
- cron: '0 1 * * *'
workflow_dispatch:
env:
COLORTERM: 'yes'
TERM: 'xterm-256color'
PYTEST_ADDOPTS: '--color=yes'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Download s6-overlay
run: |
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-x86_64.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-noarch.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-symlinks-arch.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-symlinks-noarch.tar.xz
unxz s6-overlay*.tar.xz
gzip s6-overlay*.tar
- name: Set version
run: |
version="${GITHUB_REF#refs/heads/}"
echo "Building and publishing $version."
echo "VERSION=$version" >> $GITHUB_ENV
- uses: actions/setup-python@v3
with:
python-version: "3.8"
- name: Install python dependencies
if: github.event_name == 'schedule'
run: |
echo ::group::PYDEPS
pip install gitpython requests packaging jinja2 pyyaml
echo ::endgroup::
- name: Dispatching
if: github.event_name == 'schedule'
run: python .ci/scripts/update_ci_branches.py
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
- name: Build the images
run: |
docker build --file s6_images/pulp_ci_centos/Containerfile --tag pulp/pulp-ci-centos:latest .
docker tag pulp/pulp-ci-centos:latest ghcr.io/pulp/pulp-ci-centos:latest
docker tag pulp/pulp-ci-centos:latest quay.io/pulp/pulp-ci-centos:latest
if [ "$VERSION" = "latest" ]; then
docker build --file s6_images/pulp_galaxy_ng/Containerfile --tag pulp/pulp-galaxy-ng:latest .
docker tag pulp/pulp-galaxy-ng:latest ghcr.io/pulp/pulp-galaxy-ng:latest
docker tag pulp/pulp-galaxy-ng:latest quay.io/pulp/all-in-one-galaxy:latest
# Be resilient if this fails
docker build --file s6_images/pulp_nightly/Containerfile --tag pulp/pulp:nightly . || true
docker tag pulp/pulp:nightly ghcr.io/pulp/pulp:nightly || true
docker tag pulp/pulp:nightly quay.io/pulp/all-in-one-pulp:nightly || true
else
docker tag pulp/pulp-ci-centos:latest pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:latest ghcr.io/pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:latest quay.io/pulp/pulp-ci-centos:$VERSION
fi
docker build --file s6_images/pulp/Containerfile --tag pulp/pulp:$VERSION .
docker tag pulp/pulp:$VERSION ghcr.io/pulp/pulp:$VERSION
docker tag pulp/pulp:$VERSION quay.io/pulp/all-in-one-pulp:$VERSION
- name: Test the images
run: s6_images/assets/test.sh "pulp/pulp:$VERSION"
- name: Github login
env:
PULP_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PULP_GITHUB_USERNAME: ${{ github.actor }}
run: echo "$PULP_GITHUB_TOKEN" | docker login -u "$PULP_GITHUB_USERNAME" --password-stdin ghcr.io
- name: Push ci image to github
run: |
docker push ghcr.io/pulp/pulp:$VERSION
docker push ghcr.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push ghcr.io/pulp/pulp-galaxy-ng:latest
# Be resilient if this fails
docker push ghcr.io/pulp/pulp:nightly || true
fi
- name: Docker login
env:
DOCKER_BOT_PASSWORD: ${{ secrets.DOCKER_BOT_PASSWORD }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$DOCKER_BOT_PASSWORD" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin docker.io
- name: Push ci image to dockerhub
run: |
docker push docker.io/pulp/pulp:$VERSION
docker push docker.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push docker.io/pulp/pulp-galaxy-ng:latest
# Be resilient if this fails
docker push docker.io/pulp/pulp:nightly || true
fi
- name: Quay login
env:
QUAY_BOT_PASSWORD: ${{ secrets.QUAY_BOT_PASSWORD }}
QUAY_BOT_USERNAME: ${{ secrets.QUAY_BOT_USERNAME }}
run: echo "$QUAY_BOT_PASSWORD" | docker login -u "$QUAY_BOT_USERNAME" --password-stdin quay.io
- name: Push ci image to quay
run: |
docker push quay.io/pulp/all-in-one-pulp:$VERSION
docker push quay.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push quay.io/pulp/all-in-one-galaxy:latest
# Let this be the last thing so it can indicate failure without breaking anything else
docker push quay.io/pulp/all-in-one-pulp:nightly
fi
- name: Display log on error
if: failure()
run: docker logs pulp
ssl_publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Download s6-overlay
run: |
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-x86_64.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-noarch.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-symlinks-arch.tar.xz
wget https://github.com/just-containers/s6-overlay/releases/download/v3.1.2.1/s6-overlay-symlinks-noarch.tar.xz
unxz s6-overlay*.tar.xz
gzip s6-overlay*.tar
- name: Set version
run: |
version="${GITHUB_REF#refs/heads/}-https"
echo "Building and publishing $version."
echo "VERSION=$version" >> $GITHUB_ENV
- name: Build the images
run: |
docker build --build-arg SCHEME="https" --file s6_images/pulp_ci_centos/Containerfile --tag pulp/pulp-ci-centos:https .
docker tag pulp/pulp-ci-centos:https ghcr.io/pulp/pulp-ci-centos:https
docker tag pulp/pulp-ci-centos:https quay.io/pulp/pulp-ci-centos:https
if [ "$VERSION" = "latest-https" ]; then
docker build --build-arg FROM_TAG="https" --file s6_images/pulp_galaxy_ng/Containerfile --tag pulp/pulp-galaxy-ng:https .
docker tag pulp/pulp-galaxy-ng:https ghcr.io/pulp/pulp-galaxy-ng:https
docker tag pulp/pulp-galaxy-ng:https quay.io/pulp/all-in-one-galaxy:https
docker build --build-arg FROM_TAG="https" --file s6_images/pulp/Containerfile --tag pulp/pulp:https .
docker tag pulp/pulp:https ghcr.io/pulp/pulp:https
docker tag pulp/pulp:https quay.io/pulp/all-in-one-pulp:https
else
docker tag pulp/pulp-ci-centos:https pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:https ghcr.io/pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:https quay.io/pulp/pulp-ci-centos:$VERSION
docker build --build-arg FROM_TAG="https" --file s6_images/pulp/Containerfile --tag pulp/pulp:$VERSION .
docker tag pulp/pulp:$VERSION ghcr.io/pulp/pulp:$VERSION
docker tag pulp/pulp:$VERSION quay.io/pulp/all-in-one-pulp:$VERSION
fi
- name: Test the images
run: |
if [ "$VERSION" = "latest-https" ]; then
s6_images/assets/test.sh "pulp/pulp:https" https
else
s6_images/assets/test.sh "pulp/pulp:$VERSION" https
fi
- name: Github login
env:
PULP_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$PULP_GITHUB_TOKEN" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin ghcr.io
- name: Push ci image to github
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push ghcr.io/pulp/pulp-ci-centos:https
docker push ghcr.io/pulp/pulp-galaxy-ng:https
docker push ghcr.io/pulp/pulp:https
else
docker push ghcr.io/pulp/pulp-ci-centos:$VERSION
docker push ghcr.io/pulp/pulp:$VERSION
fi
- name: Docker login
env:
DOCKER_BOT_PASSWORD: ${{ secrets.DOCKER_BOT_PASSWORD }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$DOCKER_BOT_PASSWORD" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin docker.io
- name: Push ci image to dockerhub
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push docker.io/pulp/pulp-ci-centos:https
docker push docker.io/pulp/pulp-galaxy-ng:https
docker push docker.io/pulp/pulp:https
else
docker push docker.io/pulp/pulp:$VERSION
docker push docker.io/pulp/pulp-ci-centos:$VERSION
fi
- name: Quay login
env:
QUAY_BOT_PASSWORD: ${{ secrets.QUAY_BOT_PASSWORD }}
QUAY_BOT_USERNAME: ${{ secrets.QUAY_BOT_USERNAME }}
run: echo "$QUAY_BOT_PASSWORD" | docker login -u "$QUAY_BOT_USERNAME" --password-stdin quay.io
- name: Push ci image to quay
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push quay.io/pulp/pulp-ci-centos:https
docker push quay.io/pulp/all-in-one-galaxy:https
docker push quay.io/pulp/all-in-one-pulp:https
else
docker push quay.io/pulp/pulp-ci-centos:$VERSION
docker push quay.io/pulp/all-in-one-pulp:$VERSION
fi
- name: Display log on error
if: failure()
run: docker logs pulp