mirror of
https://git.flexiblyrigid.au/actions/bake-action.git
synced 2025-12-06 07:48:05 +08:00
247 lines
5.9 KiB
YAML
247 lines
5.9 KiB
YAML
name: ci
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
buildx-version:
|
|
description: 'Buildx version or Git context'
|
|
default: 'latest'
|
|
required: false
|
|
buildkit-image:
|
|
description: 'BuildKit image'
|
|
default: 'moby/buildkit:buildx-stable-1'
|
|
required: false
|
|
schedule:
|
|
- cron: '0 10 * * *'
|
|
push:
|
|
branches:
|
|
- 'master'
|
|
- 'releases/v*'
|
|
tags:
|
|
- 'v*'
|
|
pull_request:
|
|
|
|
env:
|
|
BUILDX_VERSION: latest
|
|
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
|
|
|
|
jobs:
|
|
bake:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
target:
|
|
- default
|
|
- release
|
|
services:
|
|
registry:
|
|
image: registry:2
|
|
ports:
|
|
- 5000:5000
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v2
|
|
-
|
|
name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
with:
|
|
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
|
driver-opts: |
|
|
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
|
network=host
|
|
-
|
|
name: Build and push
|
|
uses: ./
|
|
with:
|
|
builder: ${{ steps.buildx.outputs.name }}
|
|
files: |
|
|
./test/config.hcl
|
|
targets: |
|
|
${{ matrix.target }}
|
|
push: false # set to true when https://github.com/docker/buildx/issues/179 is fixed
|
|
|
|
error-msg:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Build
|
|
continue-on-error: true
|
|
uses: ./
|
|
with:
|
|
files: |
|
|
./test/config.hcl
|
|
set: |
|
|
*.platform=linux/amd64,linux/ppc64le,linux/s390x
|
|
|
|
error-check:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Stop docker
|
|
run: |
|
|
sudo systemctl stop docker
|
|
-
|
|
name: Build
|
|
id: bake
|
|
continue-on-error: true
|
|
uses: ./
|
|
with:
|
|
files: |
|
|
./test/config.hcl
|
|
-
|
|
name: Check
|
|
run: |
|
|
echo "${{ toJson(steps.bake) }}"
|
|
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
|
|
echo "::error::Should have failed"
|
|
exit 1
|
|
fi
|
|
|
|
standalone:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Uninstall moby cli
|
|
run: |
|
|
sudo apt-get purge -y moby-cli moby-buildx
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
with:
|
|
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
|
driver-opts: |
|
|
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
|
-
|
|
name: Build
|
|
uses: ./
|
|
with:
|
|
files: |
|
|
./test/config.hcl
|
|
|
|
source:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Build
|
|
uses: ./
|
|
with:
|
|
source: https://github.com/docker/buildx.git#v0.8.2
|
|
targets: update-docs
|
|
|
|
provenance:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
attrs:
|
|
- ''
|
|
- mode=max
|
|
- builder-id=foo
|
|
- false
|
|
- true
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
with:
|
|
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
|
driver-opts: |
|
|
network=host
|
|
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
|
-
|
|
name: Build
|
|
uses: ./
|
|
with:
|
|
workdir: ./test/go
|
|
targets: binary
|
|
provenance: ${{ matrix.attrs }}
|
|
set: |
|
|
*.output=type=oci,dest=/tmp/build.tar
|
|
*.cache-from=type=gha,scope=provenance
|
|
*.cache-to=type=gha,scope=provenance,mode=max
|
|
|
|
sbom:
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
DESTDIR: /tmp/bake-build
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- target: image
|
|
output: type=image,name=localhost:5000/name/app:latest,push=true
|
|
- target: binary
|
|
output: /tmp/bake-build
|
|
services:
|
|
registry:
|
|
image: registry:2
|
|
ports:
|
|
- 5000:5000
|
|
steps:
|
|
-
|
|
name: Checkout
|
|
uses: actions/checkout@v3
|
|
-
|
|
name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
with:
|
|
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
|
driver-opts: |
|
|
network=host
|
|
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
|
-
|
|
name: Build
|
|
uses: ./
|
|
with:
|
|
workdir: ./test/go
|
|
targets: ${{ matrix.target }}
|
|
sbom: true
|
|
set: |
|
|
*.output=${{ matrix.output }}
|
|
*.cache-from=type=gha,scope=attests-${{ matrix.target }}
|
|
*.cache-to=type=gha,scope=attests-${{ matrix.target }},mode=max
|
|
-
|
|
name: Inspect image
|
|
if: matrix.target == 'image'
|
|
run: |
|
|
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
|
|
-
|
|
name: Check output folder
|
|
if: matrix.target == 'binary'
|
|
working-directory: ${{ env.DESTDIR }}
|
|
run: |
|
|
tree .
|
|
-
|
|
name: Print provenance
|
|
if: matrix.target == 'binary'
|
|
working-directory: ${{ env.DESTDIR }}
|
|
run: |
|
|
cat provenance.json | jq
|
|
-
|
|
name: Print SBOM
|
|
if: matrix.target == 'binary'
|
|
working-directory: ${{ env.DESTDIR }}
|
|
run: |
|
|
cat sbom.spdx.json | jq
|