diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml index e421921..615d397 100644 --- a/.github/workflows/build-docker-images.yml +++ b/.github/workflows/build-docker-images.yml @@ -6,7 +6,7 @@ on: env: REGISTRY: ghcr.io - IMAGE_NAME: "ghcr.io/silitics/rugpi-bakery:latest" + IMAGE_NAME: "ghcr.io/silitics/rugpi-bakery" PI_BASE_IMAGE: "https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2023-05-03/2023-05-03-raspios-bullseye-arm64-lite.img.xz" jobs: @@ -19,9 +19,15 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Docker Meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE_NAME }} + - name: Set up QEMU uses: docker/setup-qemu-action@v2 - + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -31,22 +37,79 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - + - name: Build and Push Image + id: build uses: docker/build-push-action@v4 with: context: . file: docker/Dockerfile.rugpi-bakery platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} push: true tags: ${{ env.IMAGE_NAME }} cache-from: type=gha cache-to: type=gha,mode=max - + outputs: type=image,name=${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true + + - name: Export Digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload Digest + uses: actions/upload-artifact@v3 + with: + name: digests + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge-docker-images: + runs-on: ubuntu-latest + name: Merge Docker Images + needs: + - build-docker-images + steps: + - name: Download Digests + uses: actions/download-artifact@v3 + with: + name: digests + path: /tmp/digests + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Docker Meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} + + - name: Login to Container Registry + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Manifest List and Push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.IMAGE_NAME }}@sha256:%s ' *) + + - name: Inspect Image + run: | + docker buildx imagetools inspect ${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} + build-template-image: name: Build Image runs-on: ubuntu-latest - needs: [build-docker-images] + needs: [merge-docker-images] steps: - uses: actions/checkout@v3 with: @@ -55,18 +118,18 @@ jobs: - name: List Files working-directory: ./template run: ls -l - + - name: Install QEMU run: docker run --privileged --rm tonistiigi/binfmt --install arm64 - name: Extract Image working-directory: ./template run: ./run-bakery extract ${{ env.PI_BASE_IMAGE }} build/base.tar - + - name: Customize System working-directory: ./template run: ./run-bakery customize build/base.tar build/customized.tar - + - name: Bake Image working-directory: ./template run: ./run-bakery bake build/customized.tar build/customized.img