Skip to content

KubeEdge v1.16.1-1 release #14

KubeEdge v1.16.1-1 release

KubeEdge v1.16.1-1 release #14

Workflow file for this run

name: build release, release image to DockerHub
on:
release:
types:
- published
env:
CONTAINER_RUN_OPTIONS: " "
IMAGE_REPOSITORY: shelleyby
jobs:
release-assests:
name: release kubeedge components
runs-on: ubuntu-22.04
strategy:
matrix:
target: [kubeedge, edgesite, keadm]
os: [linux]
ARM_VERSION: [GOARM7, GOARM8, ""]
include:
- target: kubeedge
os: windows
ARM_VERSION: ""
- target: keadm
os: windows
ARM_VERSION: ""
outputs:
hash-kubeedge-linux-amd64: ${{ steps.hash.outputs.hash-kubeedge-linux-amd64 }}
hash-kubeedge-windows-amd64: ${{ steps.hash.outputs.hash-kubeedge-windows-amd64 }}
hash-kubeedge-linux-arm64: ${{ steps.hash.outputs.hash-kubeedge-linux-arm64 }}
hash-kubeedge-linux-arm: ${{ steps.hash.outputs.hash-kubeedge-linux-arm }}
hash-keadm-linux-amd64: ${{ steps.hash.outputs.hash-keadm-linux-amd64 }}
hash-keadm-linux-arm64: ${{ steps.hash.outputs.hash-keadm-linux-arm64 }}
hash-keadm-linux-arm: ${{ steps.hash.outputs.hash-keadm-linux-arm }}
hash-keadm-windows-amd64: ${{ steps.hash.outputs.hash-keadm-windows-amd64 }}
hash-edgesite-linux-amd64: ${{ steps.hash.outputs.hash-edgesite-linux-amd64 }}
hash-edgesite-linux-arm64: ${{ steps.hash.outputs.hash-edgesite-linux-arm64 }}
hash-edgesite-linux-arm: ${{ steps.hash.outputs.hash-edgesite-linux-arm }}
steps:
- name: checkout code
uses: actions/checkout@v3
with:
# fetch-depth:
# 0 indicates all history for all branches and tags.
# for `git describe --tags` in Makefile.
fetch-depth: 0
- name: Making and packaging
run: |
if [ "${{ matrix.os }}" == "linux" ]; then
docker pull kubeedge/build-tools:1.20.10-ke1
BUILD_CONTAINER=true
else
BUILD_CONTAINER=false
fi
make release WHAT=${{ matrix.target }} ARM_VERSION=${{ matrix.ARM_VERSION }} OS=${{ matrix.os }} BUILD_WITH_CONTAINER=$BUILD_CONTAINER
- name: Generate arch
run: |
if [ "${{ matrix.ARM_VERSION }}" = "GOARM7" ]; then echo "output_arch=arm" >> $GITHUB_ENV; elif [ ${{ matrix.ARM_VERSION }} = "GOARM8" ]; then echo "output_arch=arm64" >> $GITHUB_ENV; else echo "output_arch=amd64" >> $GITHUB_ENV; fi
- name: Generate hashes
shell: bash
id: hash
run: |
cp _output/release/${{ github.ref_name }}/${{ matrix.target }}-${{ github.ref_name }}-${{ matrix.os }}-${{ env.output_arch }}.tar.gz .
echo "hash-${{ matrix.target }}-${{ matrix.os }}-${{ env.output_arch }}=$( \
sha256sum ${{ matrix.target }}-${{ github.ref_name }}-${{ matrix.os }}-${{ env.output_arch}}.tar.gz | base64 -w0 \
)" >> "$GITHUB_OUTPUT"
- name: Uploading assets...
if: ${{ !env.ACT }}
uses: softprops/action-gh-release@v1
with:
files: |
_output/release/${{ github.ref_name }}/${{ matrix.target }}-${{ github.ref_name }}-${{ matrix.os }}-${{ env.output_arch }}.tar.gz
_output/release/${{ github.ref_name }}/checksum_${{ matrix.target }}-${{ github.ref_name }}-${{ matrix.os }}-${{ env.output_arch }}.tar.gz.txt
combine_hashes:
needs: [release-assests]
runs-on: ubuntu-22.04
outputs:
hashes: ${{ steps.hashes.outputs.hashes }}
env:
HASHES: ${{ toJSON(needs.release-assests.outputs) }}
steps:
- id: hashes
run: |
echo "$HASHES" | jq -r '.[] | @base64d' | sed "/^$/d" > hashes.txt
echo "hashes=$(cat hashes.txt | base64 -w0)" >> "$GITHUB_OUTPUT"
# This step calls the generic workflow to generate provenance.
provenance:
needs: [combine_hashes]
permissions:
actions: read
id-token: write
contents: write
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
base64-subjects: "${{ needs.combine_hashes.outputs.hashes }}"
# Upload provenance to a new release
upload-assets: true
publish-image-to-dockerhub:
name: publish to DockerHub
strategy:
matrix:
target: [cloudcore, admission, edgesite-agent, edgesite-server, csidriver, iptables-manager, edgemark, installation-package, controller-manager, conformance, nodeconformance]
outputs:
hash-digest-cloudcore: ${{ steps.hash.outputs.hash-digest-cloudcore }}
hash-digest-admission: ${{ steps.hash.outputs.hash-digest-admission }}
hash-digest-edgesite-agent: ${{ steps.hash.outputs.hash-digest-edgesite-agent }}
hash-digest-edgesite-server: ${{ steps.hash.outputs.hash-digest-edgesite-server }}
hash-digest-csidriver: ${{ steps.hash.outputs.hash-digest-csidriver }}
hash-digest-iptables-manager: ${{ steps.hash.outputs.hash-digest-iptables-manager }}
hash-digest-edgemark: ${{ steps.hash.outputs.hash-digest-edgemark }}
hash-digest-installation-package: ${{ steps.hash.outputs.hash-digest-installation-package }}
hash-digest-controller-manager: ${{ steps.hash.outputs.hash-digest-controller-manager }}
hash-digest-conformance: ${{ steps.hash.outputs.hash-digest-conformance }}
hash-digest-nodeconformance: ${{ steps.hash.outputs.hash-digest-nodeconformance }}
runs-on: ubuntu-22.04
steps:
- name: checkout code
uses: actions/checkout@v3
with:
# fetch-depth:
# 0 indicates all history for all branches and tags.
# for `git describe --tags` in Makefile.
fetch-depth: 0
- name: install QEMU
uses: docker/setup-qemu-action@v1
- name: install Buildx
uses: docker/setup-buildx-action@v1
- name: login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USER_NAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: generate dockerfile path
run: |
echo "dockerfile_path=$(./hack/make-rules/imageprocess.sh dockerfile ${{ matrix.target }})" >> $GITHUB_ENV
- name: build and publish images
id: build
uses: docker/build-push-action@v3
with:
context: .
file: ${{ env.dockerfile_path }}
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: true
tags: |
${{ env.IMAGE_REPOSITORY }}/${{ matrix.target }}:${{ github.ref_name }}
- name: generate digest
id: hash
run: |
echo "hash-digest-${{ matrix.target }}=${{ steps.build.outputs.digest }}" >> $GITHUB_OUTPUT
# This step calls the container workflow to generate provenance and push it to
# the container registry.
image-provenance:
needs: [publish-image-to-dockerhub]
strategy:
matrix:
target: [cloudcore, admission, edgesite-agent, edgesite-server, csidriver, iptables-manager, edgemark, installation-package, controller-manager, conformance, nodeconformance]
permissions:
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
if: startsWith(github.ref, 'refs/tags/')
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
image: shelleyby/${{ matrix.target }}
registry-username: ${{ vars.DOCKERHUB_USER_NAME }}
digest: ${{ needs.publish-image-to-dockerhub.outputs[format('hash-digest-{0}', matrix.target)] }}
secrets:
registry-password: ${{ secrets.DOCKERHUB_TOKEN }}