Bump google-github-actions/auth from 1 to 2 #2440
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker build | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
tags: | |
- "v*" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
docker: | |
name: ${{ matrix.docker_images.label }} (${{ matrix.targets.target_suffix }}${{ matrix.targets.debug_suffix }}) | |
runs-on: ubuntu-latest-m | |
permissions: | |
packages: write | |
contents: read | |
strategy: | |
fail-fast: false | |
matrix: | |
targets: | |
# example: livepeer/catalyst:latest | |
# primary multi-platform stripped build | |
- platforms: linux/amd64, linux/arm64 | |
target: stripped | |
target_suffix: "" | |
debug_suffix: "" | |
# example: livepeer/catalyst:latest-amd64 | |
# primarily useful so we can deploy the amd64 version prior to the slow, emulated arm64 build to succeed | |
- platforms: linux/amd64 | |
target: stripped | |
target_suffix: "-amd64" | |
debug_suffix: "" | |
# example: livepeer/catalyst:latest-arm64 | |
- platforms: linux/arm64 | |
target: stripped | |
target_suffix: "-arm64" | |
debug_suffix: "" | |
# example: livepeer/catalyst:latest-amd64-debug | |
# unstripped binaries for use with gdb coredump debugging | |
- platforms: linux/amd64 | |
target: full | |
target_suffix: "-amd64" | |
debug_suffix: "-debug" | |
# example: livepeer/catalyst:latest-arm64-debug | |
- platforms: linux/arm64 | |
target: full | |
target_suffix: "-arm64" | |
debug_suffix: "-debug" | |
docker_images: | |
- target: catalyst | |
label: livepeer/catalyst | |
refs: | | |
livepeer/catalyst-lite | |
livepeerci/catalyst | |
- target: livepeer-in-a-box | |
label: livepeer/in-a-box | |
refs: | | |
livepeer/in-a-box | |
livepeer/catalyst | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} | |
with: | |
username: ${{ secrets.CI_DOCKERHUB_USERNAME }} | |
password: ${{ secrets.CI_DOCKERHUB_TOKEN }} | |
- name: Log in to the Container registry | |
if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
flavor: | | |
suffix=${{ matrix.targets.target_suffix }}${{ matrix.targets.debug_suffix }},onlatest=true | |
images: | | |
${{ matrix.docker_images.refs }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=tag | |
type=ref,event=pr | |
type=sha | |
type=sha,format=long | |
type=semver,pattern={{version}},prefix=v | |
type=semver,pattern={{major}}.{{minor}},prefix=v | |
type=raw,value=latest,enable={{is_default_branch}} | |
type=raw,value=${{ (github.event_name == 'pull_request' && github.head_ref) || github.ref_name }} | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
platforms: ${{ matrix.targets.platforms }} | |
push: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} | |
target: ${{ matrix.docker_images.target }} | |
build-args: | | |
GIT_VERSION=${{ github.ref_type == 'tag' && github.ref_name || github.event.pull_request.head.sha || github.sha }} | |
BUILD_TARGET=${{ matrix.targets.target }} | |
FROM_LOCAL_PARENT=scratch | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Notify new build upload | |
if: ${{ matrix.targets.target_suffix == '-amd64' && matrix.targets.target == 'stripped' }} | |
run: curl -X POST https://holy-bread-207a.livepeer.workers.dev | |
# https://brunoscheufler.com/blog/2022-04-09-the-required-github-status-check-that-wasnt | |
after-docker: | |
needs: docker # run after docker | |
runs-on: ubuntu-latest | |
if: success() # only run when all shards have passed | |
# store success output flag for ci job | |
outputs: | |
success: ${{ steps.setoutput.outputs.success }} | |
steps: | |
- id: setoutput | |
run: echo "::set-output name=success::true" | |
ci: | |
runs-on: ubuntu-latest | |
if: always() # always run, so we never skip the check | |
needs: [docker, after-docker] | |
steps: | |
- run: | | |
passed="${{ needs.after-docker.outputs.success }}" | |
if [[ $passed == "true" ]]; then | |
echo "Docker builds passed!" | |
exit 0 | |
else | |
echo "Docker builds failed; check the CI tasks adjacent to this one for the actual cause of failure. Sometimes if a runner runs out of disk space it shows up as 'Skipped'." | |
exit 1 | |
fi |