Migrate away from GCR for local preview container image #49625
Assignees
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
Comments
k8s-ci-robot
added
the
needs-triage
|
This issue is currently awaiting triage. SIG Docs takes a lead on issue triage for this website, but any Kubernetes member can accept issues by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/assign |
|
@sftim, Before pushing the image to any of this platform, is there any some kind of discussion of which one to choose among the following hosting platform? |
Here's the history of the discussion so far (ie, none really). You could start a discussion on this @utkarsh-singh1. |
|
Feel free to adapt and use next code to build and publish your docker image in GHCR.io #
name: Create and publish a Docker image
on:
push:
branches:
- '**'
- '!dependabot/**'
tags:
- 'v*.*.*'
pull_request:
branches:
- 'master'
- 'main'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-{{ github.head_ref || github.ref }}
cancel-in-progress: false
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
env:
REGISTRY: ghcr.io
# IMAGE_NAME: ${{ github.repository }}
IMAGE_NAME: <your-custom-image-name>
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu.
jobs:
build-and-push-image:
runs-on: ubuntu-latest
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
permissions:
contents: read
packages: write
attestations: write
id-token: write
#
steps:
- name: Checkout repository
uses: actions/checkout@v4
# The action can be useful if you want to add emulation support with QEMU to be able to build against more platforms.
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# The action will create and boot a builder using by default the docker-container driver. This is not required but recommended using it to be able to build multi-platform images, export cache, etc.
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
# images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
context: git
flavor: |
latest=true
tags: | # add other tag options below
type=ref,event=branch
type=ref,prefix=pr-,event=pr
type=ref,event=tag
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
type=raw,value={{date 'YYYYMMDDHHmmssSSS'}}
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
- name: Build and push Docker image
id: push
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64 # add extra platfroms here
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
# This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see "[AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds)."
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
# subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-name: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a Feature Request
What would you like to be added
Publish the container image for local previews of our website to a new location, such as:
Why is this needed
https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr
Comments
The text was updated successfully, but these errors were encountered: