Skip to content

Build and Publish Images #50

Build and Publish Images

Build and Publish Images #50

name: Build and Publish Images
on:
workflow_dispatch:
inputs:
target_platforms:
type: choice
description: Platforms
options:
- linux/amd64
- linux/arm64
- linux/amd64,linux/arm64
push:
tags:
- "[0-9]+.[0-9]+.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
- "[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+"
jobs:
publish-generic-images:
name: Publish
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- image: docker-registry
- image: pause-container
- image: session-manager
- image: training-portal
- image: secrets-manager
- image: tunnel-manager
- image: image-cache
- image: assets-server
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate platforms
shell: bash
run: |
TARGET_PLATFORMS="${{github.event.inputs.target_platforms}}"
if [ -z "$TARGET_PLATFORMS" ]; then
TARGET_PLATFORMS="${{secrets.TARGET_PLATFORMS}}"
fi
if [ -z "$TARGET_PLATFORMS" ]; then
IS_FORK=$(if [[ $GITHUB_EVENT_NAME == 'push' && $GITHUB_EVENT_PATH ]]; then jq -r .repository.fork <<< $(cat $GITHUB_EVENT_PATH); else echo false; fi)
if [ $IS_FORK == "true" ]; then
TARGET_PLATFORMS="linux/amd64"
else
TARGET_PLATFORMS="linux/amd64,linux/arm64"
fi
fi
echo "TARGET_PLATFORMS=${TARGET_PLATFORMS}" >>${GITHUB_ENV}
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker buildx
uses: docker/setup-buildx-action@v3
# related issues for pinning buildkit
# https://github.com/docker/build-push-action/issues/761
# https://github.com/containerd/containerd/issues/7972
# https://github.com/containerd/containerd/pull/6995
with:
driver-opts: |
image=moby/buildkit:v0.10.6
- name: Restore Docker cache (amd64)
if: ${{ (matrix.image == 'secrets-manager') || (matrix.image == 'session-manager') || (matrix.image == 'training-portal') || (matrix.image == 'tunnel-manager') }}
uses: actions/cache/restore@v3
with:
path: /tmp/.buildx-cache-amd64
key: ${{runner.os}}-buildx-cache-amd64-${{matrix.image}}-${{github.sha}}
restore-keys: |
${{runner.os}}-buildx-cache-amd64-${{matrix.image}}-
- name: Restore Docker cache (arm64)
if: ${{ (matrix.image == 'secrets-manager') || (matrix.image == 'session-manager') || (matrix.image == 'training-portal') || (matrix.image == 'tunnel-manager') }}
uses: actions/cache/restore@v3
with:
path: /tmp/.buildx-cache-arm64
key: ${{runner.os}}-buildx-cache-arm64-${{matrix.image}}-${{github.sha}}
restore-keys: |
${{runner.os}}-buildx-cache-arm64-${{matrix.image}}-
- name: Generate container image metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{env.REPOSITORY_OWNER}}/educates-${{matrix.image}}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
registry: ghcr.io
- name: Build and push ${{matrix.image}} image
uses: docker/build-push-action@v5
with:
context: ${{matrix.image}}
platforms: ${{env.TARGET_PLATFORMS}}
tags: ${{steps.meta.outputs.tags}}
cache-from: |
type=local,src=/tmp/.buildx-cache-arm64
type=local,src=/tmp/.buildx-cache-amd64
push: true
- name: Cache build ${{matrix.image}} (amd64)
if: contains(env.TARGET_PLATFORMS, 'linux/amd64')
uses: docker/build-push-action@v5
with:
context: ${{matrix.image}}
platforms: linux/amd64
cache-from: type=local,src=/tmp/.buildx-cache-amd64
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-amd64-new
push: false
- name: Cache build ${{matrix.image}} (arm64)
if: contains(env.TARGET_PLATFORMS, 'linux/arm64')
uses: docker/build-push-action@v5
with:
context: ${{matrix.image}}
platforms: linux/arm64
cache-from: type=local,src=/tmp/.buildx-cache-arm64
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-arm64-new
push: false
- name: Dump cache directory sizes
if: ${{ (matrix.image == 'secrets-manager') || (matrix.image == 'session-manager') || (matrix.image == 'training-portal') || (matrix.image == 'tunnel-manager') }}
run: |
du -ks /tmp/.buildx-cache-*
- name: Save Docker cache (amd64)
if: ${{ (matrix.image == 'secrets-manager') || (matrix.image == 'session-manager') || (matrix.image == 'training-portal') || (matrix.image == 'tunnel-manager') }}
uses: actions/cache/save@v3
with:
path: /tmp/.buildx-cache-amd64-new
key: ${{runner.os}}-buildx-cache-amd64-${{matrix.image}}-${{github.sha}}
- name: Save Docker cache (arm64)
if: ${{ (matrix.image == 'secrets-manager') || (matrix.image == 'session-manager') || (matrix.image == 'training-portal') || (matrix.image == 'tunnel-manager') }}
uses: actions/cache/save@v3
with:
path: /tmp/.buildx-cache-arm64-new
key: ${{runner.os}}-buildx-cache-arm64-${{matrix.image}}-${{github.sha}}
publish-workshop-base-image:
name: Publish (base-environment)
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate platforms
shell: bash
run: |
TARGET_PLATFORMS="${{github.event.inputs.target_platforms}}"
if [ -z "$TARGET_PLATFORMS" ]; then
TARGET_PLATFORMS="${{secrets.TARGET_PLATFORMS}}"
fi
if [ -z "$TARGET_PLATFORMS" ]; then
IS_FORK=$(if [[ $GITHUB_EVENT_NAME == 'push' && $GITHUB_EVENT_PATH ]]; then jq -r .repository.fork <<< $(cat $GITHUB_EVENT_PATH); else echo false; fi)
if [ $IS_FORK == "true" ]; then
TARGET_PLATFORMS="linux/amd64"
else
TARGET_PLATFORMS="linux/amd64,linux/arm64"
fi
fi
echo "TARGET_PLATFORMS=${TARGET_PLATFORMS}" >>${GITHUB_ENV}
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker buildx
uses: docker/setup-buildx-action@v3
# related issues for pinning buildkit
# https://github.com/docker/build-push-action/issues/761
# https://github.com/containerd/containerd/issues/7972
# https://github.com/containerd/containerd/pull/6995
with:
driver-opts: |
image=moby/buildkit:v0.10.6
- name: Restore Docker cache
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{runner.os}}-buildx-base-environment-${{github.sha}}
restore-keys: |
${{runner.os}}-buildx-base-environment-
- name: Generate container image metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{env.REPOSITORY_OWNER}}/educates-base-environment
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
registry: ghcr.io
- name: Build and push base-environment image
uses: docker/build-push-action@v5
with:
context: workshop-images/base-environment
platforms: ${{env.TARGET_PLATFORMS}}
tags: ${{steps.meta.outputs.tags}}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
push: true
- name: Save Docker cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
du -ks /tmp/.buildx-cache
publish-workshop-images:
name: Publish
runs-on: ubuntu-latest
needs:
- publish-workshop-base-image
strategy:
fail-fast: false
matrix:
include:
- image: jdk8-environment
- image: jdk11-environment
- image: jdk17-environment
- image: conda-environment
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate platforms
shell: bash
run: |
TARGET_PLATFORMS="${{github.event.inputs.target_platforms}}"
if [ -z "$TARGET_PLATFORMS" ]; then
TARGET_PLATFORMS="${{secrets.TARGET_PLATFORMS}}"
fi
if [ -z "$TARGET_PLATFORMS" ]; then
IS_FORK=$(if [[ $GITHUB_EVENT_NAME == 'push' && $GITHUB_EVENT_PATH ]]; then jq -r .repository.fork <<< $(cat $GITHUB_EVENT_PATH); else echo false; fi)
if [ $IS_FORK == "true" ]; then
TARGET_PLATFORMS="linux/amd64"
else
TARGET_PLATFORMS="linux/amd64,linux/arm64"
fi
fi
echo "TARGET_PLATFORMS=${TARGET_PLATFORMS}" >>${GITHUB_ENV}
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
echo "REPOSITORY_SHA_TAG=sha-${GITHUB_SHA::7}" >>${GITHUB_ENV}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker buildx
uses: docker/setup-buildx-action@v3
# related issues for pinning buildkit
# https://github.com/docker/build-push-action/issues/761
# https://github.com/containerd/containerd/issues/7972
# https://github.com/containerd/containerd/pull/6995
with:
driver-opts: |
image=moby/buildkit:v0.10.6
- name: Restore Docker cache
if: ${{ (matrix.image == 'conda-environment') }}
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{runner.os}}-buildx-${{matrix.image}}-${{github.sha}}
restore-keys: |
${{runner.os}}-buildx-${{matrix.image}}-
- name: Generate container image metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{env.REPOSITORY_OWNER}}/educates-${{matrix.image}}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
registry: ghcr.io
- name: Build and push ${{matrix.image}} image
uses: docker/build-push-action@v5
with:
context: workshop-images/${{matrix.image}}
platforms: ${{env.TARGET_PLATFORMS}}
build-args: |
IMAGE_REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
BASE_IMAGE_NAME=educates-base-environment
PACKAGE_VERSION=${{env.REPOSITORY_SHA_TAG}}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
tags: ${{steps.meta.outputs.tags}}
push: true
- name: Save Docker cache
if: ${{ (matrix.image == 'conda-environment') }}
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
du -ks /tmp/.buildx-cache
publish-carvel-bundles:
name: Bundle
runs-on: ubuntu-latest
needs:
- publish-generic-images
- publish-workshop-images
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Install Carvel tools
shell: bash
run: curl -L https://carvel.dev/install.sh | bash
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
echo "REPOSITORY_TAG=${GITHUB_REF##*/}" >>${GITHUB_ENV}
echo "REPOSITORY_SHA_TAG=sha-${GITHUB_SHA::7}" >>${GITHUB_ENV}
- name: Publish educates-cluster-essentials bundle
shell: bash
run: |
ytt -f carvel-packages/cluster-essentials/bundle/config | kbld -f - \
--imgpkg-lock-output carvel-packages/cluster-essentials/bundle/.imgpkg/images.yml
imgpkg push \
-b ghcr.io/${{env.REPOSITORY_OWNER}}/educates-cluster-essentials:${{env.REPOSITORY_TAG}} \
-f carvel-packages/cluster-essentials/bundle \
--registry-username=${{github.actor}} \
--registry-password=${{secrets.GITHUB_TOKEN}}
ytt -f carvel-packages/cluster-essentials/bundle \
--data-values-schema-inspect -o openapi-v3 > educates-cluster-essentials-schema-openapi.yaml
ytt -f carvel-packages/cluster-essentials/config/package.yaml \
-f carvel-packages/cluster-essentials/config/schema.yaml \
-v version=${{env.REPOSITORY_TAG}} \
-v releasedAt=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
--data-value-file openapi=educates-cluster-essentials-schema-openapi.yaml \
-v imageRegistry.host=ghcr.io \
-v imageRegistry.namespace=${{env.REPOSITORY_OWNER}} > package-repository/packages/cluster-essentials.educates.dev/educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
- name: Save educates-cluster-essentials.yaml
uses: actions/upload-artifact@v3
with:
name: educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
path: package-repository/packages/cluster-essentials.educates.dev/educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
- name: Publish educates-training-platform bundle
shell: bash
run: |
ytt -f carvel-packages/training-platform/config/images.yaml \
-f carvel-packages/training-platform/config/schema.yaml \
-v version=${{env.REPOSITORY_TAG}} \
-v imageRegistry.host=ghcr.io \
-v imageRegistry.namespace=${{env.REPOSITORY_OWNER}} \
> carvel-packages/training-platform/bundle/kbld-images.yaml
cat carvel-packages/training-platform/bundle/kbld-images.yaml | kbld -f - \
--imgpkg-lock-output carvel-packages/training-platform/bundle/.imgpkg/images.yml
imgpkg push \
-b ghcr.io/${{env.REPOSITORY_OWNER}}/educates-training-platform:${{env.REPOSITORY_TAG}} \
-f carvel-packages/training-platform/bundle \
--registry-username=${{github.actor}} \
--registry-password=${{secrets.GITHUB_TOKEN}}
ytt -f carvel-packages/training-platform/bundle \
--data-values-schema-inspect -o openapi-v3 > educates-training-platform-schema-openapi.yaml
ytt -f carvel-packages/training-platform/config/package.yaml \
-f carvel-packages/training-platform/config/schema.yaml \
-v version=${{env.REPOSITORY_TAG}} \
-v releasedAt=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
--data-value-file openapi=educates-training-platform-schema-openapi.yaml \
-v imageRegistry.host=ghcr.io \
-v imageRegistry.namespace=${{env.REPOSITORY_OWNER}} > package-repository/packages/training-platform.educates.dev/educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
- name: Save educates-training-platform.yaml
uses: actions/upload-artifact@v3
with:
name: educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
path: package-repository/packages/training-platform.educates.dev/educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
- name: Publish educates-training-platform package repository
shell: bash
run: |
ytt -f package-repository/packages | kbld -f - --imgpkg-lock-output package-repository/.imgpkg/images.yml
imgpkg push --debug -b ghcr.io/${{env.REPOSITORY_OWNER}}/educates-packages:${{env.REPOSITORY_TAG}} -f package-repository --registry-username=${{github.actor}} --registry-password=${{secrets.GITHUB_TOKEN}}
ytt -f carvel-packages/repository.yaml -v packageRepository=ghcr.io/${{env.REPOSITORY_OWNER}} -v repositoryVersion=${{env.REPOSITORY_TAG}} > educates-packagerepository.yaml
- name: Save educates-training-platform repository.yaml
uses: actions/upload-artifact@v3
with:
name: educates-packagerepository.yaml
path: educates-packagerepository.yaml
- name: Save educates-training-platform package repository
uses: actions/upload-artifact@v3
with:
name: package-repository
path: package-repository
build-client-programs-linux-amd64:
name: Build (clients) / amd64@linux
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.19.0"
cache-dependency-path: |
client-programs/go.sum
- name: Build educates client program
shell: bash
run: |
rm -rf client-programs/pkg/renderer/files
mkdir client-programs/pkg/renderer/files
cp -rp workshop-images/base-environment/opt/eduk8s/etc/themes client-programs/pkg/renderer/files/
cd client-programs
REPOSITORY_TAG=${GITHUB_REF##*/}
IMAGE_REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
go build -o educates-linux-amd64 -ldflags "-X 'main.projectVersion=$REPOSITORY_TAG' -X 'main.imageRepository=$IMAGE_REPOSITORY'" cmd/educates/main.go
- uses: actions/upload-artifact@v3
with:
name: educates-linux-amd64
path: client-programs/educates-linux-amd64
build-client-programs-linux-arm64:
name: Build (clients) / arm64@linux
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.19.0"
cache-dependency-path: |
client-programs/go.sum
- name: Build educates client program
shell: bash
run: |
rm -rf client-programs/pkg/renderer/files
mkdir client-programs/pkg/renderer/files
cp -rp workshop-images/base-environment/opt/eduk8s/etc/themes client-programs/pkg/renderer/files/
cd client-programs
REPOSITORY_TAG=${GITHUB_REF##*/}
IMAGE_REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
GOOS=linux GOARCH=arm64 go build -o educates-linux-arm64 -ldflags "-X 'main.projectVersion=$REPOSITORY_TAG' -X 'main.imageRepository=$IMAGE_REPOSITORY'" cmd/educates/main.go
- uses: actions/upload-artifact@v3
with:
name: educates-linux-arm64
path: client-programs/educates-linux-arm64
build-client-programs-darwin-amd64:
name: Build (clients) / amd64@darwin
runs-on: macos-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=$(echo "$REPOSITORY_OWNER" | tr '[:upper:]' '[:lower:]')" >>${GITHUB_ENV}
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: '>=1.20.0-rc.3'
cache-dependency-path: |
client-programs/go.sum
- name: Build educates client program
shell: bash
run: |
rm -rf client-programs/pkg/renderer/files
mkdir client-programs/pkg/renderer/files
cp -rp workshop-images/base-environment/opt/eduk8s/etc/themes client-programs/pkg/renderer/files/
cd client-programs
REPOSITORY_TAG=${GITHUB_REF##*/}
IMAGE_REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
# DO NOT USE GOOS/GOARCH for native build as it appears to produce a
# binary which is different and cannot create a Kind cluster which can
# run both AMD and ARM images. Version with GOOS/GOARCH only retained
# here for documentation purposes.
# GOOS=darwin GOARCH=amd64 go build -o educates-darwin-amd64 -ldflags "-X 'main.projectVersion=$REPOSITORY_TAG' -X 'main.imageRepository=$IMAGE_REPOSITORY'" cmd/educates/main.go
go build -o educates-darwin-amd64 -ldflags "-X 'main.projectVersion=$REPOSITORY_TAG' -X 'main.imageRepository=$IMAGE_REPOSITORY'" cmd/educates/main.go
- uses: actions/upload-artifact@v3
with:
name: educates-darwin-amd64
path: client-programs/educates-darwin-amd64
build-client-programs-darwin-arm64:
name: Build (clients) / arm64@darwin
runs-on: macos-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=$(echo "$REPOSITORY_OWNER" | tr '[:upper:]' '[:lower:]')" >>${GITHUB_ENV}
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: '>=1.20.0-rc.3'
cache-dependency-path: |
client-programs/go.sum
- name: Build educates client program
shell: bash
run: |
rm -rf client-programs/pkg/renderer/files
mkdir client-programs/pkg/renderer/files
cp -rp workshop-images/base-environment/opt/eduk8s/etc/themes client-programs/pkg/renderer/files/
cd client-programs
REPOSITORY_TAG=${GITHUB_REF##*/}
IMAGE_REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
GOOS=darwin GOARCH=arm64 go build -o educates-darwin-arm64 -ldflags "-X 'main.projectVersion=$REPOSITORY_TAG' -X 'main.imageRepository=$IMAGE_REPOSITORY'" cmd/educates/main.go
- uses: actions/upload-artifact@v3
with:
name: educates-darwin-arm64
path: client-programs/educates-darwin-arm64
publish-client-programs:
name: Programs
runs-on: ubuntu-latest
needs:
- build-client-programs-linux-amd64
- build-client-programs-linux-arm64
- build-client-programs-darwin-amd64
- build-client-programs-darwin-arm64
steps:
- name: Restore educates-linux-amd64
uses: actions/download-artifact@v3
with:
name: educates-linux-amd64
path: client-programs
- name: Restore educates-linux-arm64
uses: actions/download-artifact@v3
with:
name: educates-linux-arm64
path: client-programs
- name: Restore educates-darwin-amd64
uses: actions/download-artifact@v3
with:
name: educates-darwin-amd64
path: client-programs
- name: Restore educates-darwin-arm64
uses: actions/download-artifact@v3
with:
name: educates-darwin-arm64
path: client-programs
- name: Install Carvel tools
shell: bash
run: curl -L https://carvel.dev/install.sh | bash
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
echo "REPOSITORY_TAG=${GITHUB_REF##*/}" >>${GITHUB_ENV}
- name: Publish client programs
shell: bash
run: |
chmod +x client-programs/*
imgpkg push \
-i ghcr.io/${{env.REPOSITORY_OWNER}}/educates-client-programs:${{env.REPOSITORY_TAG}} \
-f client-programs \
--registry-username=${{github.actor}} \
--registry-password=${{secrets.GITHUB_TOKEN}}
publish-docker-extension:
name: Extension
runs-on: ubuntu-latest
needs:
- publish-client-programs
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
REPOSITORY_OWNER=${{github.repository_owner}}
echo "REPOSITORY_OWNER=${REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker buildx
uses: docker/setup-buildx-action@v3
# related issues for pinning buildkit
# https://github.com/docker/build-push-action/issues/761
# https://github.com/containerd/containerd/issues/7972
# https://github.com/containerd/containerd/pull/6995
with:
driver-opts: |
image=moby/buildkit:v0.10.6
- name: Generate container image metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{env.REPOSITORY_OWNER}}/educates-docker-extension
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
registry: ghcr.io
- name: Calculate variables
shell: bash
run: |
echo "REPOSITORY_TAG=${GITHUB_REF##*/}" >>${GITHUB_ENV}
- name: Build and push docker-extension image
uses: docker/build-push-action@v5
with:
context: docker-extension
platforms: ${{env.TARGET_PLATFORMS}}
build-args: |
REPOSITORY=ghcr.io/${{env.REPOSITORY_OWNER}}
TAG=${{env.REPOSITORY_TAG}}
tags: ${{steps.meta.outputs.tags}}
push: true
release-artifacts:
name: Release
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
needs:
- publish-carvel-bundles
- build-client-programs-linux-amd64
- build-client-programs-linux-arm64
- build-client-programs-darwin-amd64
- build-client-programs-darwin-arm64
- publish-docker-extension
steps:
- name: Calculate variables
shell: bash
run: |
REPOSITORY_TAG=${GITHUB_REF##*/}
if [[ "$REPOSITORY_TAG" == *-* ]]; then
PRERELEASE=true
else
PRERELEASE=false
fi
echo "REPOSITORY_TAG=${REPOSITORY_TAG}" >>${GITHUB_ENV}
echo "PRERELEASE=${PRERELEASE}" >>${GITHUB_ENV}
- name: Restore packagerepository.yaml
uses: actions/download-artifact@v3
with:
name: educates-packagerepository.yaml
- name: Restore educates-cluster-essentials.yaml
uses: actions/download-artifact@v3
with:
name: educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
- name: Restore educates-training-platform.yaml
uses: actions/download-artifact@v3
with:
name: educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
- name: Restore educates-linux-amd64
uses: actions/download-artifact@v3
with:
name: educates-linux-amd64
- name: Restore educates-linux-arm64
uses: actions/download-artifact@v3
with:
name: educates-linux-arm64
- name: Restore educates-darwin-amd64
uses: actions/download-artifact@v3
with:
name: educates-darwin-amd64
- name: Restore educates-darwin-arm64
uses: actions/download-artifact@v3
with:
name: educates-darwin-arm64
- name: Generate file checksums for CLI binaries
shell: bash
run: |
sha256sum educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml >> checksums.txt
sha256sum educates-darwin-amd64 >> checksums.txt
sha256sum educates-darwin-arm64 >> checksums.txt
sha256sum educates-linux-amd64 >> checksums.txt
sha256sum educates-linux-arm64 >> checksums.txt
sha256sum educates-packagerepository.yaml >> checksums.txt
sha256sum educates-training-platform-${{env.REPOSITORY_TAG}}.yaml >> checksums.txt
echo 'File Checksums' >> release-notes.md
echo '--------------' >> release-notes.md
echo '```' >> release-notes.md
cat checksums.txt >> release-notes.md
echo '```' >> release-notes.md
- uses: actions/upload-artifact@v3
with:
name: checksums.txt
path: checksums.txt
- uses: actions/upload-artifact@v3
with:
name: release-notes.md
path: release-notes.md
- name: Create release
id: create_release
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
with:
tag_name: ${{env.REPOSITORY_TAG}}
name: "educates:${{env.REPOSITORY_TAG}}"
draft: false
prerelease: ${{env.PRERELEASE}}
body_path: release-notes.md
files: |
checksums.txt
educates-packagerepository.yaml
educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
educates-linux-amd64
educates-linux-arm64
educates-darwin-amd64
educates-darwin-arm64
commit-packages:
name: Commit
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
needs:
- release-artifacts
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Calculate variables
shell: bash
run: |
IS_FORK=$(if [[ $GITHUB_EVENT_NAME == 'push' && $GITHUB_EVENT_PATH ]]; then jq -r .repository.fork <<< $(cat $GITHUB_EVENT_PATH); else echo false; fi)
REPOSITORY_TAG=${GITHUB_REF##*/}
if [[ "$REPOSITORY_TAG" == *-* ]]; then
PRERELEASE=true
else
PRERELEASE=false
fi
echo "IS_FORK=${IS_FORK}" >>${GITHUB_ENV}
echo "PRERELEASE=${PRERELEASE}" >>${GITHUB_ENV}
echo "REPOSITORY_TAG=${REPOSITORY_TAG}" >>${GITHUB_ENV}
- name: Restore educates-cluster-essentials.yaml
uses: actions/download-artifact@v3
with:
name: educates-cluster-essentials-${{env.REPOSITORY_TAG}}.yaml
path: package-repository/packages/cluster-essentials.educates.dev/
- name: Restore educates-training-platform.yaml
uses: actions/download-artifact@v3
with:
name: educates-training-platform-${{env.REPOSITORY_TAG}}.yaml
path: package-repository/packages/training-platform.educates.dev/
- name: Create pull request for package repository files
if: ${{ (env.IS_FORK == 'false') && (env.PRERELEASE == 'false') }}
uses: peter-evans/create-pull-request@v5
with:
add-paths: |
package-repository
commit-message: "Add package files for version ${{env.REPOSITORY_TAG}}."
branch: release/patch
base: develop
title: "Add package files for version ${{env.REPOSITORY_TAG}}."
body: >
This is an automated pull request to add the package files for
version ${{env.REPOSITORY_TAG}} to the repository. If the release is
successful and you are working in the main Educates repository, this
needs to be merged to the `develop` branch before making a further
release. You should avoid merging this pull request if working in a
fork of the main Educates repository as it will result in changes to
the `develop` branch which have details specific to your fork, which
should never end up back in the main Educates repository.