podvm on pull #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# (C) Copyright Confidential Containers Contributors | |
# SPDX-License-Identifier: Apache-2.0 | |
name: "build golang-fedora container image" | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- "hack/Dockerfile.golang" | |
- "hack/update-go-container.sh" | |
workflow_dispatch: | |
inputs: | |
registry: | |
description: "The container registry to push the image to. Must be either 'ghcr.io' or 'quay.io'" | |
default: "quay.io" | |
image_repository: | |
description: "The name of the container image repository to push the image to." | |
default: "confidential-containers" | |
image_name: | |
description: "The name the container image should be tagged with" | |
default: "golang-fedora" | |
image_tag: | |
description: "The tag part of the container image name" | |
default: "" | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout cloud-api-adaptor repository | |
uses: actions/checkout@v3 | |
- name: Container tags from input and repository state | |
id: tags | |
run: | | |
if [[ -n "${{ inputs.registry }}" ]]; then | |
if [[ "${{ inputs.registry }}" != "ghcr.io" && "${{ inputs.registry }}" != "quay.io" ]]; then | |
echo "Invalid registry '${{ inputs.registry }}'. Must be either 'ghcr.io' or 'quay.io'" | |
exit 1 | |
fi | |
registry="${{ inputs.registry }}" | |
else | |
registry="quay.io" | |
fi | |
echo "registry=${registry}" | tee "$GITHUB_OUTPUT" | |
if [[ -n "${{ inputs.image_repository }}" ]]; then | |
repository="${{ inputs.image_repository }}" | |
else | |
repository="confidential-containers" | |
fi | |
echo "repository=${repository}" | tee -a "$GITHUB_OUTPUT" | |
if [[ -n "${{ inputs.image_name }}" ]]; then | |
name="${{ inputs.image_name }}" | |
else | |
name="golang-fedora" | |
fi | |
echo "name=${name}" | tee -a "$GITHUB_OUTPUT" | |
if [[ -n "${{ inputs.image_tag }}" ]]; then | |
tag="${{ inputs.image_tag }}" | |
else | |
goVersion=$(grep GO_VERSION= hack/Dockerfile.golang | cut -d= -f2) | |
if [[ -z "${goVersion}" ]]; then | |
echo "Failed to determine GO_VERSION from hack/Dockerfile.golang" | |
exit 1 | |
fi | |
fedoraVersion=$(grep BASE_IMAGE= hack/Dockerfile.golang | cut -d: -f2) | |
if [[ -z "${fedoraVersion}" ]]; then | |
echo "Failed to determine Fedora version from BASE_IMAGE variable in hack/Dockerfile.golang" | |
exit 1 | |
fi | |
tag="${goVersion}-${fedoraVersion}" | |
fi | |
echo "tag=${tag}" | tee -a "$GITHUB_OUTPUT" | |
echo "fullImageName=${registry}/${repository}/${name}:${tag}" | tee -a "$GITHUB_OUTPUT" | |
echo "fullImageNameGitSha=${registry}/${repository}/${name}:${tag}-${{ github.sha }}" | tee -a "$GITHUB_OUTPUT" | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Login to the ghcr Container registry | |
if: steps.tags.outputs.registry == 'ghcr.io' | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Login to quay Container Registry | |
if: steps.tags.outputs.registry == 'quay.io' | |
uses: docker/login-action@v2 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
- name: Build the container image | |
uses: docker/build-push-action@v4 | |
with: | |
context: ./hack | |
file: ./hack/Dockerfile.golang | |
platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x | |
tags: | | |
${{ steps.tags.outputs.fullImageName }} | |
${{ steps.tags.outputs.fullImageNameGitSha }} | |
push: true |