Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat (rebuild): restructure #27

Merged
merged 19 commits into from
Oct 15, 2023
58 changes: 0 additions & 58 deletions .github/workflows/builder-mock.yaml

This file was deleted.

159 changes: 159 additions & 0 deletions .github/workflows/containers.build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
name: "Containers: Test-and-Build"

on:
workflow_dispatch:
push:
branches:
- main
paths:
- "apps/**"
- "dev/**"
- "base/**"
- ".github/workflows/containers.build.yaml"
pull_request:
paths:
- "apps/**"
- "dev/**"
- "base/**"
- ".github/workflows/containers.build.yaml"

# Detect which folders in project-root (which contain the containers) contain changes
jobs:
changes:
name: Get changes
runs-on: ubuntu-latest
outputs:
matrix: '{"container": ${{ env.containers }} }'
steps:
- name: Checkout
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4
- uses: dorny/paths-filter@v2
id: filter
with:
list-files: json
filters: |
changed:
- 'apps/**'
- 'dev/**'
- 'base/**'
- run: echo '${{ toJson(steps.filter.outputs) }}' > changes.json
- id: reduce
run: |
CONTAINERS=$(jq --raw-output '.changed_files | fromjson | .[] |= sub("(?<filepath>(?<first_directory>(?<root1>[/]?)[^/]+/)(?<second_directory>(?<root2>[/]?)[^/]+)(?<extra_paths>.+))"; "\(.second_directory)") | unique' changes.json)
echo "containers<<EOF" >> $GITHUB_ENV
echo "${CONTAINERS}" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV

hadolint:
name: Run hadolint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4
- name: hadolint
uses: reviewdog/action-hadolint@f7d29ec6dd89022747bd18b5a151b62ac2f1555e # v1.36.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
reporter: github-pr-review
filter_mode: diff_context
fail_on_error: true

build:
permissions:
actions: read # for detecting the Github Actions environment.
packages: write # for uploading attestations.
name: Build
runs-on: ubuntu-latest
needs:
- hadolint
- changes
strategy:
matrix: ${{ fromJson(needs.changes.outputs.matrix) }}
fail-fast: false
if: "!contains(github.event.head_commit.message, '[ci-skip]')"
steps:
- name: Checkout
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4

# Define if tests and push should be run against which versions/platforms
- name: Prepare
id: prep
run: |
if test -f "./apps/${{ matrix.container }}/Dockerfile"; then
CATEGORY="apps"
VERSION=$(cat ./${CATEGORY}/${{ matrix.container }}/VERSION || echo "undef")
PLATFORM=$(cat ./${CATEGORY}/${{ matrix.container }}/PLATFORM || echo "linux/amd64")
fi
echo "category=${CATEGORY}" >> $GITHUB_OUTPUT
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "platform=${PLATFORM}" >> $GITHUB_OUTPUT
if test -f "./${CATEGORY}/${{ matrix.container }}/goss.yaml"; then
echo 'goss=true' >> $GITHUB_OUTPUT
else
echo 'goss=false' >> $GITHUB_OUTPUT
fi
if [ "${{github.event_name}}" == "pull_request" ]; then
echo 'push=false' >> $GITHUB_OUTPUT
echo 'cache_from="type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}:buildcache"' >> $GITHUB_OUTPUT || echo 'cache_from=""' >> $GITHUB_OUTPUT
echo 'cache_to=""' >> $GITHUB_OUTPUT
else
echo 'push=true' >> $GITHUB_OUTPUT
echo 'cache_from="type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}:buildcache"' >> $GITHUB_OUTPUT
echo 'cache_to="type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}:buildcache,mode=max"' >> $GITHUB_OUTPUT
fi

- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3

- name: Log into registry GHCR
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker metadata
id: meta
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5
with:
images: |
ghcr.io/${{ github.repository_owner }}/${{ matrix.container }}

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3
with:
install: true
version: latest
driver-opts: image=moby/buildkit:latest

# Push if not a PR, otherwise just test the build process for all requested platforms
- name: Build and Push
id: push
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5
with:
build-args: |
VERSION=${{ steps.prep.outputs.version }}
CONTAINER_NAME=${{ matrix.container }}
CONTAINER_VER=${{ steps.prep.outputs.version }}
context: .
platforms: ${{ steps.prep.outputs.platform }}
file: ./${{ steps.prep.outputs.category }}/${{ matrix.container }}/Dockerfile
push: ${{ steps.prep.outputs.push }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: ${{ steps.prep.outputs.cache_from }}
cache-to: ${{ steps.prep.outputs.cache_to }}
tags: ${{ steps.meta.outputs.tags }}

container-build-complete:
needs: [build]
name: Container Build Completed
runs-on: ubuntu-latest
steps:
- name: complete message
run: echo "Container Build and Tests Completed Successfully"

# NOTE
# many of this code was copied from the great workflow of truechats/containers
# https://github.com/truecharts/containers/blob/master/.github/workflows/containers.build.yaml
File renamed without changes.