More visibility into expected tags #62
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: DockerPublish | |
on: | |
workflow_dispatch: | |
push: | |
jobs: | |
prepare: | |
runs-on: ubuntu-latest | |
outputs: | |
commit_time: ${{ steps.prepare.outputs.COMMIT_TIMESTAMP }} | |
registry_image: ${{ steps.prepare.outputs.REGISTRY_IMAGE }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Prepare various metadata | |
id: prepare | |
run: | | |
# Get the commit timestamp | |
export "COMMIT_TIMESTAMP=$(git log -1 --pretty=%ct)" | |
echo "COMMIT_TIMESTAMP=${COMMIT_TIMESTAMP}" >> $GITHUB_OUTPUT | |
# Lowercase the repository name | |
UNSANITIZED_REGISTRY_IMAGE="ghcr.io/${{ github.repository }}/indev" | |
echo "REGISTRY_IMAGE=${UNSANITIZED_REGISTRY_IMAGE,,}" >> $GITHUB_OUTPUT | |
# Print it for our audience | |
cat $GITHUB_OUTPUT | |
build-minrobot: | |
runs-on: ubuntu-latest | |
needs: | |
- prepare | |
env: | |
SOURCE_DATE_EPOCH: ${{ needs.prepare.outputs.commit_time }} | |
REGISTRY_IMAGE: ${{ needs.prepare.outputs.registry_image }} | |
outputs: | |
# So we can `FROM` this image in the next build | |
digest: ${{ steps.build.outputs.digest }} | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY_IMAGE }} | |
tags: | | |
# commit sha | |
type=sha,prefix=,suffix=,format=long | |
- name: Login to Github Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push by digest | |
id: build | |
uses: docker/build-push-action@v6 | |
with: | |
#platforms: linux/amd64,linux/arm64 | |
annotations: ${{ steps.meta.outputs.annotations }} | |
build-args: | | |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }} | |
file: docker/moos-ivp/Dockerfile | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
tags: ${{ steps.meta.outputs.tags }} | |
push: true | |
build-gui: | |
runs-on: ubuntu-latest | |
needs: | |
- prepare | |
- build-minrobot | |
env: | |
FLAVOR: "-gui" | |
SOURCE_DATE_EPOCH: ${{ needs.prepare.outputs.commit_time }} | |
REGISTRY_IMAGE: ${{ needs.prepare.outputs.registry_image }} | |
outputs: | |
digest: ${{ steps.build.outputs.digest }} | |
steps: | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY_IMAGE }} | |
tags: | | |
# commit sha | |
type=sha,prefix=,suffix=${{ env.FLAVOR }},format=long | |
- name: Login to Github Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push by digest | |
id: build | |
uses: docker/build-push-action@v6 | |
with: | |
#platforms: linux/amd64,linux/arm64 | |
annotations: ${{ steps.meta.outputs.annotations }} | |
build-args: | | |
FROM=${{ env.REGISTRY_IMAGE }}@${{ needs.build-minrobot.outputs.digest }} | |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }} | |
file: docker/moos-ivp-gui/Dockerfile | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
tags: ${{ steps.meta.outputs.tags }} | |
push: true | |
test-unittests: | |
runs-on: ubuntu-latest | |
needs: | |
- prepare | |
- build-gui | |
container: | |
image: ${{ needs.prepare.outputs.registry_image }}@${{ needs.build-gui.outputs.digest }} | |
steps: | |
- name: Check for expected binaries | |
run: | | |
ls | |
echo "Checking for build binaries" | |
./build-check.sh | |
- name: Run unit tests | |
run: | | |
# Run the unit tests | |
ls | |
echo "Running automated mission tests" | |
./build-utests.sh | |
cd ivp/src_unit_tests/ | |
./alltest.sh | |
push-to-registry: | |
runs-on: ubuntu-latest | |
# Only push images on forks or the main branch | |
if: ${{ (github.ref_name == 'main') || (github.repository_owner != 'moos-ivp') }} | |
needs: | |
- prepare | |
- build-minrobot | |
- build-gui | |
env: | |
REGISTRY_IMAGE: ${{ needs.prepare.outputs.registry_image }} | |
strategy: | |
fail-fast: false | |
matrix: | |
registry: [docker.io, quay.io, ghcr.io] | |
steps: | |
- name: Sanitize some things | |
id: prepare | |
run: | | |
# Sanitize org and repo names | |
ORG="${{ github.organization }}" | |
if [[ ${{ matrix.registry }} != "ghcr.io" ]]; then | |
# Quay & DockerHub don't support dashes in the repository name | |
ORG="${ORG//\-/}" # Remove dashes from the repository name | |
fi | |
REPO="${ORG}/${{ github.repository_name }}" | |
REPO="${REPO,,}" # lowercase | |
echo "REPOSITORY=${{ matrix.registry }}/${REPO}" | tee -a $GITHUB_OUTPUT | |
# Sanitize the registry name for use by secrets | |
REGISTRY="${{ matrix.registry }}" | |
REGISTRY="${REGISTRY//[^A-Za-z0-9]/_}" # replace non-alphanumeric with _ | |
echo "REGISTRY=${REGISTRY}" | tee -a $GITHUB_OUTPUT | |
- name: Prepare Credentials | |
id: credentials | |
run: | | |
if [[ ${{ matrix.registry }} == "ghcr.io" ]]; then | |
REGISTRY_USERNAME="${{ github.actor }}" | |
REGISTRY_PASSWORD="${{ secrets.GITHUB_TOKEN }}" | |
else | |
# Write the username and password to job outputs | |
REGISTRY_USERNAME="${{ secrets[format('REGISTRY_USERNAME_{0}', steps.prepare.outputs.REGISTRY)] }}" | |
REGISTRY_PASSWORD="${{ secrets[format('REGISTRY_PASSWORD_{0}', steps.prepare.outputs.REGISTRY)] }}" | |
fi | |
if [[ -z "${REGISTRY_USERNAME}" && -z "${REGISTRY_PASSWORD}" ]]; then | |
# If we don't have the relevant credentials, we can't push. Warn the user, but don't fail. | |
echo "::warning::Pushing to ${{ matrix.registry }} is disabled; we can't find credentials" | |
echo "REGISTRY_READY=false" | tee -a $GITHUB_OUTPUT | |
else | |
echo "REGISTRY_USERNAME=${REGISTRY_USERNAME}" >> $GITHUB_OUTPUT | |
echo "REGISTRY_PASSWORD=${REGISTRY_PASSWORD}" >> $GITHUB_OUTPUT | |
echo "REGISTRY_READY=true" | tee -a $GITHUB_OUTPUT | |
fi | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ steps.prepare.outputs.REPOSITORY }} | |
tags: | | |
# branch event | |
type=ref,enable=true,event=branch | |
# tag event | |
type=ref,enable=true,event=tag | |
# commit sha | |
type=sha,prefix=,format=short | |
- name: Login to ${{ matrix.registry }} | |
uses: docker/login-action@v3 | |
if: steps.credentials.outputs.REGISTRY_READY == 'true' | |
with: | |
registry: ${{ matrix.registry }} | |
username: ${{ steps.credentials.outputs.REGISTRY_USERNAME }} | |
password: ${{ steps.credentials.outputs.REGISTRY_PASSWORD }} | |
- name: Push to ${{ matrix.registry }} | |
id: check | |
if: steps.credentials.outputs.REGISTRY_READY == 'true' | |
run: | | |
BASE_TAGS=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") | |
GUI_TAGS=$(jq -cr '.tags | map("-t " + .) | join("-gui ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") | |
echo "Base Tags: ${BASE_TAGS}" | |
echo "GUI Tags: ${GUI_TAGS}" | |
docker buildx imagetools create $BASE_TAGS \ | |
${{ env.REGISTRY_IMAGE }}@${{ needs.build-minrobot.outputs.digest }} | |
docker buildx imagetools create $GUI_TAGS \ | |
${{ env.REGISTRY_IMAGE }}@${{ needs.build-gui.outputs.digest }} |