Skip to content

Commit

Permalink
Merge pull request #34 from wayofdev/feat/docker-bake
Browse files Browse the repository at this point in the history
feat!: migrate to docker-bake.hcl approach
  • Loading branch information
lotyp authored Sep 14, 2024
2 parents e8ae9cf + bf18890 commit 7f93389
Show file tree
Hide file tree
Showing 6 changed files with 389 additions and 91 deletions.
17 changes: 17 additions & 0 deletions .dive-ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
---

rules:
# If the efficiency is measured below X%, mark as failed.
# Expressed as a ratio between 0-1.
lowestEfficiency: 0.95

# If the amount of wasted space is at least X or larger than X, mark as failed.
# Expressed in B, KB, MB, and GB.
highestWastedBytes: 20MB

# If the amount of wasted space makes up for X% or more of the image, mark as failed.
# Note: the base image layer is NOT included in the total image size.
# Expressed as a ratio between 0-1; fails if the threshold is met or crossed.
highestUserWastedPercent: 0.20

...
42 changes: 0 additions & 42 deletions .github/workflows/build-latest.yml

This file was deleted.

49 changes: 0 additions & 49 deletions .github/workflows/build-release.yml

This file was deleted.

204 changes: 204 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,204 @@
---

on: # yamllint disable-line rule:truthy
workflow_dispatch:
push:
branches:
- master
release:
types:
- released
schedule:
- cron: "30 10 * * *"

env:
DOCKER_NAMESPACE: wayofdev/nginx
GHCR_NAMESPACE: ghcr.io/wayofdev/docker-nginx

name: 🚀 Build docker images with latest tag

concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true

jobs:
build:
strategy:
fail-fast: false
matrix:
os_name: ["alpine"]
nginx_type: ["dev", "k8s"]
builder: [{arch: "amd64", os: "ubuntu-latest"}, {arch: "arm64", os: "ubuntu-latest"}]
runs-on: ${{ matrix.builder.os }}
steps:

- name: 🌎 Set environment variables
run: |
tag="${{ matrix.nginx_type }}-${{ matrix.os_name }}-${{ matrix.builder.arch }}"
target="nginx-${{ matrix.nginx_type }}-${{ matrix.os_name }}"
echo "TARGET=${target}" >> "$GITHUB_ENV"
echo "PLATFORM_CACHE_TAG=${tag}" >> "$GITHUB_ENV"
- name: 📦 Check out the codebase
uses: actions/[email protected]

- name: 🤖 Generate dist files
run: ansible-playbook src/playbook.yml -l ${{ matrix.nginx_type }}-${{ matrix.os_name }}

- name: 🖥️ Setup docker QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/${{ matrix.builder.arch }}

- name: 🛠️ Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
platforms: linux/${{ matrix.builder.arch }}
buildkitd-flags: "--debug"

- name: 🐳 Extract docker meta data
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.DOCKER_NAMESPACE }}
${{ env.GHCR_NAMESPACE }}
tags: |
type=raw,event=branch,value=latest
type=ref,event=tag
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
flavor: |
latest=false
prefix=${{ matrix.nginx_type }}-${{ matrix.os_name }}-
- name: ⚙️ Rename meta bake definition file
run: |
mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json"
- name: 📤 Upload meta bake definition
uses: actions/upload-artifact@v4
with:
name: bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json
path: /tmp/bake-meta-*.json
if-no-files-found: error
retention-days: 1

- name: 🔑 Login to docker-hub
uses: docker/login-action@v3
with:
registry: docker.io
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}

- name: 🔑 Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: 🚀 Bake image and push to docker-hub and GHCR
id: bake
uses: docker/[email protected]
with:
targets: ${{ env.TARGET }}
files: |
./docker-bake.hcl
/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json
set: |
*.tags=
*.platform=linux/${{ matrix.builder.arch }}
*.cache-from=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }}
*.cache-to=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }}
*.output=type=image,"name=${{ env.DOCKER_NAMESPACE }},${{ env.GHCR_NAMESPACE }}",push-by-digest=true,name-canonical=true,push=true
- name: 📥 Export digest
run: |
mkdir -p /tmp/digests
echo "Bake Metadata: ${{ steps.bake.outputs.metadata }}"
digest=$(echo '${{ steps.bake.outputs.metadata }}' | jq -r '.["${{ env.TARGET }}"]["containerimage.digest"]')
if [[ -z "$digest" || "$digest" == "null" ]]; then
echo "Digest not found."
exit 1
fi
echo "Digest: $digest"
touch "/tmp/digests/${digest#sha256:}"
- name: 📤 Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_CACHE_TAG }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

merge:
needs: build
runs-on: ubuntu-latest
steps:

- name: 📥 Download meta bake definitions
uses: actions/download-artifact@v4
with:
pattern: bake-meta-*
path: /tmp
merge-multiple: true

- name: 📥 Download meta bake definitions
uses: actions/download-artifact@v4
with:
pattern: digests-*
path: /tmp/digests

- name: 🔑 Login to docker-hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}

- name: 🔑 Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: 🖥️ Setup docker QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64,linux/arm64

- name: 🛠️ Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
platforms: linux/amd64,linux/arm64
buildkitd-flags: "--debug"

- name: 📦 Check out the codebase
uses: actions/[email protected]

- name: 🚀 Create manifest list and push
working-directory: /tmp
run: |
variants=($(ls bake-meta-*.json | sed -E 's/bake-meta-//; s/-amd64.json|-arm64.json//g' | sort -u))
for variant in "${variants[@]}"; do
# Fetch digests for amd64 and arm64 architectures
DIGEST_AMD64=$(basename $(ls /tmp/digests/digests-${variant}-amd64/*))
DIGEST_ARM64=$(basename $(ls /tmp/digests/digests-${variant}-arm64/*))
echo "Digest AMD64: $DIGEST_AMD64"
echo "Digest ARM64: $DIGEST_ARM64"
# Create the manifest list for Docker Hub
docker buildx imagetools create $(jq -cr ".target.\"docker-metadata-action\".tags | map(select(startswith(\"${DOCKER_NAMESPACE}\")) | \"-t \" + .) | join(\" \")" /tmp/bake-meta-${variant}-amd64.json) \
"${DOCKER_NAMESPACE}@sha256:${DIGEST_AMD64}" \
"${DOCKER_NAMESPACE}@sha256:${DIGEST_ARM64}"
# Create the manifest list for GHCR
docker buildx imagetools create $(jq -cr ".target.\"docker-metadata-action\".tags | map(select(startswith(\"${GHCR_NAMESPACE}\")) | \"-t \" + .) | join(\" \")" /tmp/bake-meta-${variant}-amd64.json) \
"${GHCR_NAMESPACE}@sha256:${DIGEST_AMD64}" \
"${GHCR_NAMESPACE}@sha256:${DIGEST_ARM64}"
done
...
Loading

0 comments on commit 7f93389

Please sign in to comment.