Skip to content

Commit

Permalink
Simplify build matrix and fix digests
Browse files Browse the repository at this point in the history 
Consolidated the build matrix by removing explicit registry enumeration,
thereby streamlining the cross-platform build process. Reworked Docker
meta steps to unify definition and handling for DockerHub and GHCR,
preventing repetition and potential misconfigurations. The manifest list
creation and image inspection have been adapted to follow the new matrix
simplification.

Further, resolved an issue where individual runners might overwrite each
other's images by standardizing digest upload and download paths,
ensuring uniqueness per build/platform. This change keeps digest
management consistent and avoids conflicts during parallel operations.

Removed now-unused strategy section in the merge-and-deploy job, which
simplifies the workflow and aligns with the new matrix setup.

These modifications make the CI pipeline more maintainable and less
error-prone, while also ensuring that digest handling remains accurate
and concurrent build jobs do not interfere with each other.

Signed-off-by: Adam Warner <[email protected]>
  • Loading branch information
@PromoFaux
PromoFaux committed Jan 7, 2024
1 parent 50b8c64 commit 0ae5b0b
Showing 1 changed file with 32 additions and 34 deletions.
66 changes: 32 additions & 34 deletions .github/workflows/build-and-publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,12 @@ jobs:
strategy:
fail-fast: false
matrix:
registry: [dockerhub, ghcr]
platform: [linux/amd64, linux/386, linux/arm/v6, linux/arm/v7, linux/arm64]
alpine_version: [3.19]
include:
- registry: dockerhub
platform: linux/riscv64
alpine_version: edge
- registry: ghcr
platform: linux/riscv64
- platform: linux/riscv64
alpine_version: edge

steps:
- name: Prepare name for digest up/download
run: |
Expand All @@ -35,13 +31,14 @@ jobs:
- name: Checkout Repo
uses: actions/checkout@v4

- name: Docker meta (Docker Hub and GitHub Container Registry)
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
images: |
${{ env[matrix.registry] }}
${{ env.dockerhub }}
${{ env.ghcr }}
flavor: |
latest=false
tags: |
Expand All @@ -59,10 +56,11 @@ jobs:
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ matrix.platform}}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build container and push by digest (${{ matrix.registry }})
- name: Build container and push by digest
id: build
uses: docker/build-push-action@v5
with:
Expand All @@ -73,18 +71,18 @@ jobs:
alpine_version=${{ matrix.alpine_version }}
labels: ${{ steps.meta.outputs.labels }}
outputs: |
type=image,name=${{ env[matrix.registry] }},push-by-digest=true,name-canonical=true,push=true
type=image,name=${{ env.dockerhub }},push-by-digest=true,name-canonical=true,push=true
- name: Export digests
run: |
mkdir -p /tmp/digests/${{ matrix.registry }}
mkdir -p /tmp/digests
digest_docker="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${{ matrix.registry }}/${digest_docker#sha256:}"
touch "/tmp/digests/${digest_docker#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ matrix.registry }}-${{ env.PLATFORM_PAIR }}
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
Expand All @@ -93,10 +91,6 @@ jobs:
# If we would push immediately above, the individual runners would overwrite each other's images
# https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners
merge-and-deploy:
strategy:
fail-fast: false
matrix:
registry: [dockerhub, ghcr]
runs-on: ubuntu-latest
needs:
- build
Expand All @@ -107,39 +101,43 @@ jobs:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests/${{ matrix.registry }}
pattern: digests-${{ matrix.registry }}-*
path: /tmp/digests
pattern: digests-*
merge-multiple: true

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to DockerHub and GitHub Container Registry
uses: ./.github/actions/login-repo
with:
docker_username: ${{ secrets.DOCKERHUB_USER }}
docker_password: ${{ secrets.DOCKERHUB_PASS }}
ghcr_username: ${{ github.repository_owner }}
ghcr_password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker meta (Docker Hub and GitHub Container Registry)
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
images: |
${{ env[matrix.registry] }}
${{ env.dockerhub }}
${{ env.ghcr }}
flavor: |
latest=false
tags: |
development-v6
- name: Create manifest list and push (${{ matrix.registry }})
working-directory: /tmp/digests/${{ matrix.registry }}
- name: Login to DockerHub and GitHub Container Registry
uses: ./.github/actions/login-repo
with:
docker_username: ${{ secrets.DOCKERHUB_USER }}
docker_password: ${{ secrets.DOCKERHUB_PASS }}
ghcr_username: ${{ github.repository_owner }}
ghcr_password: ${{ secrets.GITHUB_TOKEN }}

- name: Create manifest list and push (DockerHub and GitHub Container Registry)
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env[matrix.registry] }}@sha256:%s ' *)
$(printf '${{ env.dockerhub }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.ghcr }}@sha256:%s ' *)
- name: Inspect image
- name: Inspect images
run: |
docker buildx imagetools inspect ${{ env[matrix.registry] }}:${{ steps.meta.outputs.version }}
docker buildx imagetools inspect ${{ env.dockerhub }}:${{ steps.meta.outputs.version }}
docker buildx imagetools inspect ${{ env.ghcr }}:${{ steps.meta.outputs.version }}

0 comments on commit 0ae5b0b

Please sign in to comment.