diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index dea0d65..c8670e7 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -3,40 +3,70 @@ name: Docker Image on: push: - tags: [ '*.*.*' ] +# tags: [ '*.*.*' ] env: REGISTRY_IMAGE: ghcr.io/rgrizzell/circuitpython jobs: + prepare: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.platforms.outputs.matrix }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Create matrix + id: platforms + run: | + echo "matrix=$(docker buildx bake runtime --print | jq -cr '.target."runtime".platforms')" >>${GITHUB_OUTPUT} + + - name: Show matrix + run: | + echo ${{ steps.platforms.outputs.matrix }} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + + - name: Rename meta bake definition file + run: | + mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta.json" + mv "${{ steps.meta.outputs.bake-file-annotations }}" "/tmp/bake-annotations.json" + + - name: Upload meta bake definition + uses: actions/upload-artifact@v4 + with: + name: bake-meta + path: /tmp/bake-*.json + if-no-files-found: error + retention-days: 1 + build: runs-on: ubuntu-latest + needs: + - prepare strategy: fail-fast: false matrix: - platform: - - linux/amd64 - - linux/arm64 + platform: ${{ fromJson(needs.prepare.outputs.matrix) }} steps: - name: Prepare run: | platform=${{ matrix.platform }} - echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - name: Checkout uses: actions/checkout@v4 - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 + - name: Download meta bake definition + uses: actions/download-artifact@v4 with: - images: ${{ env.REGISTRY_IMAGE }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + name: bake-meta + path: /tmp - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -45,20 +75,31 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push by digest - id: build - uses: docker/build-push-action@v5 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build + id: bake + uses: docker/bake-action@v5 with: - context: . - platforms: ${{ matrix.platform }} - labels: ${{ steps.meta.outputs.labels }} - outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true,annotation-index.org.opencontainers.image.description=CircuitPython for Linux,annotation-index.org.opencontainers.image.license=MIT + files: | + ./docker-bake.hcl + /tmp/bake-meta.json + /tmp/bake-annotations.json + targets: runtime + set: | + *.tags= + *.platform=${{ matrix.platform }} + *.output=type=image,"name=${{ env.REGISTRY_IMAGE }}",push-by-digest=true,name-canonical=true,push=true - name: Export digest run: | mkdir -p /tmp/digests - digest="${{ steps.build.outputs.digest }}" - touch "/tmp/digests/${digest#sha256:}" + digest="${{ fromJSON(steps.bake.outputs.metadata).image['containerimage.digest'] }}" + touch "/tmp/digests/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v4 @@ -73,6 +114,12 @@ jobs: needs: - build steps: + - name: Download meta bake definition + uses: actions/download-artifact@v4 + with: + name: bake-meta + path: /tmp + - name: Download digests uses: actions/download-artifact@v4 with: @@ -80,15 +127,6 @@ jobs: pattern: digests-* merge-multiple: true - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY_IMAGE }} - - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -96,12 +134,15 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Create manifest list and push working-directory: /tmp/digests run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + docker buildx imagetools create $(jq -cr '.target."docker-metadata-action".tags | map(select(startswith("${{ env.REGISTRY_IMAGE }}")) | "-t " + .) | join(" ")' /tmp/bake-meta.json) \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - name: Inspect image run: | - docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:$(jq -r '.target."docker-metadata-action".args.DOCKER_META_VERSION' /tmp/bake-meta.json) \ No newline at end of file diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 0000000..346c824 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,36 @@ +variable "DEFAULT_TAG" { + default = "rgrizzell/circuitpython:9.2.1" +} + +// Special target: https://github.com/docker/metadata-action#bake-definition +target "docker-metadata-action" { + tags = ["${DEFAULT_TAG}"] +} + +// Default target if none specified +group "default" { + targets = ["local"] +} + +target "image" { + inherits = ["docker-metadata-action"] +} + +target "local" { + inherits = ["image"] + output = ["type=docker"] +} + +target "base" { + inherits = ["image"] + target = "base" + platforms = [ + "linux/amd64", + "linux/arm64" + ] +} + +target "runtime" { + inherits = ["base"] + target = "runtime" +}