ci #1076
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| buildx-version: | |
| description: 'Buildx version or Git context' | |
| default: 'latest' | |
| required: false | |
| buildkit-image: | |
| description: 'BuildKit image' | |
| default: 'moby/buildkit:buildx-stable-1' | |
| required: false | |
| schedule: | |
| - cron: '0 10 * * *' | |
| push: | |
| branches: | |
| - 'master' | |
| - 'releases/v*' | |
| tags: | |
| - 'v*' | |
| pull_request: | |
| env: | |
| BUILDX_VERSION: latest | |
| BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1 | |
| jobs: | |
| bake: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: | |
| - default | |
| - release | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - | |
| name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: ${{ inputs.buildx-version || env.BUILDX_VERSION }} | |
| driver-opts: | | |
| image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }} | |
| network=host | |
| - | |
| name: Build and push | |
| uses: ./ | |
| with: | |
| builder: ${{ steps.buildx.outputs.name }} | |
| files: | | |
| ./test/config.hcl | |
| targets: | | |
| ${{ matrix.target }} | |
| push: false # set to true when https://github.com/docker/buildx/issues/179 is fixed | |
| error-msg: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Build | |
| continue-on-error: true | |
| uses: ./ | |
| with: | |
| files: | | |
| ./test/config.hcl | |
| set: | | |
| *.platform=linux/amd64,linux/ppc64le,linux/s390x | |
| error-check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Stop docker | |
| run: | | |
| sudo systemctl stop docker | |
| - | |
| name: Build | |
| id: bake | |
| continue-on-error: true | |
| uses: ./ | |
| with: | |
| files: | | |
| ./test/config.hcl | |
| - | |
| name: Check | |
| run: | | |
| echo "${{ toJson(steps.bake) }}" | |
| if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then | |
| echo "::error::Should have failed" | |
| exit 1 | |
| fi | |
| standalone: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Uninstall moby cli | |
| run: | | |
| sudo apt-get purge -y moby-cli moby-buildx | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: ${{ inputs.buildx-version || env.BUILDX_VERSION }} | |
| driver-opts: | | |
| image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }} | |
| - | |
| name: Build | |
| uses: ./ | |
| with: | |
| files: | | |
| ./test/config.hcl | |
| source: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Build | |
| uses: ./ | |
| with: | |
| source: https://github.com/docker/buildx.git#v0.8.2 | |
| targets: update-docs | |
| provenance: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| attrs: | |
| - '' | |
| - mode=max | |
| - builder-id=foo | |
| - false | |
| - true | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: ${{ inputs.buildx-version || env.BUILDX_VERSION }} | |
| driver-opts: | | |
| network=host | |
| image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }} | |
| - | |
| name: Build | |
| uses: ./ | |
| with: | |
| workdir: ./test/go | |
| targets: binary | |
| provenance: ${{ matrix.attrs }} | |
| set: | | |
| *.output=type=oci,dest=/tmp/build.tar | |
| *.cache-from=type=gha,scope=provenance | |
| *.cache-to=type=gha,scope=provenance,mode=max | |
| sbom: | |
| runs-on: ubuntu-latest | |
| env: | |
| DESTDIR: /tmp/bake-build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - target: image | |
| output: type=image,name=localhost:5000/name/app:latest,push=true | |
| - target: binary | |
| output: /tmp/bake-build | |
| services: | |
| registry: | |
| image: registry:2 | |
| ports: | |
| - 5000:5000 | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v3 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| version: ${{ inputs.buildx-version || env.BUILDX_VERSION }} | |
| driver-opts: | | |
| network=host | |
| image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }} | |
| - | |
| name: Build | |
| uses: ./ | |
| with: | |
| workdir: ./test/go | |
| targets: ${{ matrix.target }} | |
| sbom: true | |
| set: | | |
| *.output=${{ matrix.output }} | |
| *.cache-from=type=gha,scope=attests-${{ matrix.target }} | |
| *.cache-to=type=gha,scope=attests-${{ matrix.target }},mode=max | |
| - | |
| name: Inspect image | |
| if: matrix.target == 'image' | |
| run: | | |
| docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}' | |
| - | |
| name: Check output folder | |
| if: matrix.target == 'binary' | |
| working-directory: ${{ env.DESTDIR }} | |
| run: | | |
| tree . | |
| - | |
| name: Print provenance | |
| if: matrix.target == 'binary' | |
| working-directory: ${{ env.DESTDIR }} | |
| run: | | |
| cat provenance.json | jq | |
| - | |
| name: Print SBOM | |
| if: matrix.target == 'binary' | |
| working-directory: ${{ env.DESTDIR }} | |
| run: | | |
| cat sbom.spdx.json | jq |