zmk-docker/.github/workflows/containers.yml
innovaker 7426042429 fix: refactor namespaces back into steps
Further testing has suggested that GitHub Actions sanitizes any secrets in job outputs.  The namespace definitions must therefore be duplicated across each job that needs them.

PR: #47
See: b65d7974a2
See: 7cf9196c14
2021-05-19 13:52:00 +01:00


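---
# Builds candidate container images on every push / pull request and, when the
# release-trigger git tag is pushed, re-tags the candidate as a release on
# Docker Hub and GitHub Container Registry.
#
# NOTE(review): every `uses:` below references a mutable tag (v1 / v2).
# Pinning each action to a full commit SHA (<full-commit-sha> placeholder)
# keeps a retagged action from running with the registry credentials that
# the candidates and releases jobs hold.
name: Containers
env:
  # Quoted so the versions can never be re-typed by a YAML loader.
  zephyr-version: '2.4.0'
  zephyr-sdk-version: '0.11.4'
  cache-repository-name: zmk-docker-cache
on:
  push:
  pull_request:
  workflow_dispatch:
# One group per workflow name: runs of this workflow are serialized.
concurrency: ${{ github.workflow }}
# Least privilege for GITHUB_TOKEN: read-only by default. Only the git-tag
# job, which pushes a tag, raises this (see its own `permissions:`).
permissions:
  contents: read
jobs:
  # Reports whether each registry's credentials are configured. Only a boolean
  # is interpolated into the shell and exported; secret values never reach the
  # script or the job outputs.
  credentials:
    runs-on: ubuntu-latest
    outputs:
      ghcr: ${{ steps.ghcr.outcome == 'success' }}
      docker-hub: ${{ steps.docker-hub.outcome == 'success' }}
    steps:
      - name: Docker Hub
        id: docker-hub
        run: if [ ${{ secrets.DOCKER_HUB_USERNAME == null || secrets.DOCKER_HUB_TOKEN == null }} = true ]; then exit 1; fi
        # The failure is the signal (read via `outcome`), not an error.
        continue-on-error: true
      - name: GitHub Container Registry
        id: ghcr
        run: if [ ${{ secrets.GHCR_USERNAME == null || secrets.GHCR_TOKEN == null }} = true ]; then exit 1; fi
        continue-on-error: true

  # Publishes the contents of architectures.yml as a JSON job output that the
  # build matrices consume. On pull requests this file comes from the
  # contributor's branch, so downstream steps treat matrix values as data
  # (environment variables), never as script text.
  architectures:
    runs-on: ubuntu-latest
    outputs:
      json: ${{ steps.import.outputs.json }}
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          # This job only reads a file; do not leave the token in .git/config.
          persist-credentials: false
      - name: Import from architectures.yml
        id: import
        shell: python
        run: |
          import json, os, yaml
          with open('architectures.yml', 'r') as file:
              architectures = yaml.safe_load(file)
          # Write to the GITHUB_OUTPUT file rather than printing a
          # `::set-output` workflow command to stdout (deprecated).
          with open(os.environ['GITHUB_OUTPUT'], 'a') as output:
              output.write('json=' + json.dumps(architectures) + '\n')

  # Derives every image tag from the commit SHA and the pinned versions.
  tags:
    runs-on: ubuntu-latest
    outputs:
      candidate: ${{ steps.definitions.outputs.candidate }}
      versions: ${{ steps.definitions.outputs.versions }}
      major-minor: ${{ steps.definitions.outputs.major-minor }}
      latest: ${{ steps.definitions.outputs.latest }}
      release-trigger: ${{ steps.definitions.outputs.release-trigger }}
    steps:
      - name: Definitions
        id: definitions
        env:
          SHA: ${{ github.sha }}
          ZEPHYR_VERSION: ${{ env.zephyr-version }}
          ZEPHYR_SDK_VERSION: ${{ env.zephyr-sdk-version }}
        run: |
          CANDIDATE="${SHA}"
          VERSIONS="${ZEPHYR_VERSION}-${ZEPHYR_SDK_VERSION}"
          MAJOR="$(echo "${ZEPHYR_VERSION}" | cut -d'.' -f 1)"
          MINOR="$(echo "${ZEPHYR_VERSION}" | cut -d'.' -f 2)"
          MAJOR_MINOR="${MAJOR}.${MINOR}"
          LATEST="${MAJOR_MINOR}"
          RELEASE_TRIGGER="${ZEPHYR_VERSION}-${ZEPHYR_SDK_VERSION}"
          {
            echo "candidate=${CANDIDATE}"
            echo "versions=${VERSIONS}"
            echo "major-minor=${MAJOR_MINOR}"
            echo "latest=${LATEST}"
            echo "release-trigger=${RELEASE_TRIGGER}"
          } >> "${GITHUB_OUTPUT}"

  # Builds one candidate image per architecture/target for every non-tag ref.
  # The image is pushed only when the Docker Hub login step succeeded.
  candidates:
    needs:
      - credentials
      - architectures
      - tags
    if: ${{ !startsWith(github.ref, 'refs/tags') }}
    runs-on: ubuntu-latest
    strategy:
      max-parallel: 1  # takes advantage of caching between jobs
      matrix:
        architecture: ${{ fromJSON(needs.architectures.outputs.json) }}
        target:  # ordered from biggest to smallest to take advantage of the registry cache
          - dev
          - build
    steps:
      - name: Login to Docker Hub
        id: docker-hub-login
        if: ${{ needs.credentials.outputs.docker-hub == 'true' }}
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}
      - name: Login to GitHub Container Registry
        id: ghcr-login
        if: ${{ needs.credentials.outputs.ghcr == 'true' }}
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ secrets.GHCR_USERNAME }}
          password: ${{ secrets.GHCR_TOKEN }}
      # Repeated in each job that needs it: per the commit message, a value
      # derived from a secret does not survive as a job output.
      - name: Define namespaces
        id: namespaces
        env:
          DOCKER_HUB: ${{ secrets.DOCKER_HUB_NAMESPACE || github.repository_owner }}
          GHCR: ${{ github.repository_owner }}
        run: |
          {
            echo "docker-hub=${DOCKER_HUB}"
            echo "ghcr=${GHCR}"
          } >> "${GITHUB_OUTPUT}"
      - name: Define repository
        id: repository
        env:
          # Matrix values reach the shell as environment variables instead of
          # being expanded into the script, so their content cannot change the
          # command that runs.
          TARGET: ${{ matrix.target }}
          ARCHITECTURE: ${{ matrix.architecture }}
        run: |
          echo "name=zmk-${TARGET}-${ARCHITECTURE}" >> "${GITHUB_OUTPUT}"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Build and push (candidate)
        id: build-push
        uses: docker/build-push-action@v2
        with:
          target: ${{ matrix.target }}
          build-args: |
            ZEPHYR_VERSION=${{ env.zephyr-version }}
            ARCHITECTURE=${{ matrix.architecture }}
            ZEPHYR_SDK_VERSION=${{ env.zephyr-sdk-version }}
          labels: |
            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
            org.opencontainers.image.revision=${{ github.sha }}
          tags: |
            docker.io/${{ steps.namespaces.outputs.docker-hub }}/${{ steps.repository.outputs.name }}:${{ needs.tags.outputs.candidate }}
          cache-from: type=registry,ref=docker.io/${{ steps.namespaces.outputs.docker-hub }}/${{ env.cache-repository-name }}:dev
          # The registry cache is written only by an authenticated `dev` build.
          cache-to: ${{ (steps.docker-hub-login.outcome == 'success') && (matrix.target == 'dev') && format('type=registry,ref=docker.io/{0}/{1}:{2},mode=max', steps.namespaces.outputs.docker-hub, env.cache-repository-name, 'dev') || null }}
          push: ${{ steps.docker-hub-login.outcome == 'success' }}

  # Runs only for the release-trigger tag: pulls the candidate built for this
  # commit and publishes it under the release tags on both registries.
  releases:
    needs:
      - credentials
      - architectures
      - tags
    if: ${{ github.ref == format('refs/tags/{0}', needs.tags.outputs.release-trigger) }}
    runs-on: ubuntu-latest
    # Registry access uses the login steps' secrets; GITHUB_TOKEN is unused.
    permissions: {}
    strategy:
      matrix:
        architecture: ${{ fromJSON(needs.architectures.outputs.json) }}
        target:
          - build
          - dev
    steps:
      - name: Login to GitHub Container Registry
        id: ghcr-login
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ secrets.GHCR_USERNAME }}
          password: ${{ secrets.GHCR_TOKEN }}
      - name: Login to Docker Hub
        id: docker-hub-login
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_TOKEN }}
      - name: Define namespaces
        id: namespaces
        env:
          DOCKER_HUB: ${{ secrets.DOCKER_HUB_NAMESPACE || github.repository_owner }}
          GHCR: ${{ github.repository_owner }}
        run: |
          {
            echo "docker-hub=${DOCKER_HUB}"
            echo "ghcr=${GHCR}"
          } >> "${GITHUB_OUTPUT}"
      - name: Repository name
        id: repository
        env:
          TARGET: ${{ matrix.target }}
          ARCHITECTURE: ${{ matrix.architecture }}
        run: |
          echo "name=zmk-${TARGET}-${ARCHITECTURE}" >> "${GITHUB_OUTPUT}"
      - name: Release (pull candidate, tag, push)
        env:
          # Image references are assembled once here and handed to the shell
          # as quoted variables; no expression is expanded inside the script.
          DOCKER_HUB_IMAGE: docker.io/${{ steps.namespaces.outputs.docker-hub }}/${{ steps.repository.outputs.name }}
          GHCR_IMAGE: ghcr.io/${{ steps.namespaces.outputs.ghcr }}/${{ steps.repository.outputs.name }}
          CANDIDATE: ${{ needs.tags.outputs.candidate }}
          VERSIONS: ${{ needs.tags.outputs.versions }}
          LATEST: ${{ needs.tags.outputs.latest }}
        run: |
          docker pull "${DOCKER_HUB_IMAGE}:${CANDIDATE}"
          docker tag "${DOCKER_HUB_IMAGE}:${CANDIDATE}" "${DOCKER_HUB_IMAGE}:${VERSIONS}"
          docker tag "${DOCKER_HUB_IMAGE}:${CANDIDATE}" "${DOCKER_HUB_IMAGE}:${LATEST}"
          docker tag "${DOCKER_HUB_IMAGE}:${CANDIDATE}" "${GHCR_IMAGE}:${CANDIDATE}"
          docker tag "${DOCKER_HUB_IMAGE}:${CANDIDATE}" "${GHCR_IMAGE}:${VERSIONS}"
          docker tag "${DOCKER_HUB_IMAGE}:${CANDIDATE}" "${GHCR_IMAGE}:${LATEST}"
          docker push "${DOCKER_HUB_IMAGE}:${CANDIDATE}"
          docker push "${DOCKER_HUB_IMAGE}:${VERSIONS}"
          docker push "${DOCKER_HUB_IMAGE}:${LATEST}"
          docker push "${GHCR_IMAGE}:${CANDIDATE}"
          docker push "${GHCR_IMAGE}:${VERSIONS}"
          docker push "${GHCR_IMAGE}:${LATEST}"

  # After a release, points the major.minor git tag at the released commit.
  git-tag:
    needs:
      - tags
      - releases
    if: ${{ startsWith(github.ref, 'refs/tags') }}
    runs-on: ubuntu-latest
    # The only job that writes to the repository (tag push below).
    permissions:
      contents: write
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        if: ${{ github.ref == format('refs/tags/{0}', needs.tags.outputs.release-trigger) }}
      - name: Tag
        if: ${{ github.ref == format('refs/tags/{0}', needs.tags.outputs.release-trigger) }}
        env:
          TAG: ${{ needs.tags.outputs.major-minor }}
        run: |
          git tag "${TAG}"
          # Force push: an existing remote tag of this name is overwritten.
          git push -f origin "${TAG}"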