Skip to content

Perform cleanup after building. #227

Perform cleanup after building.

Perform cleanup after building. #227

name: Docker Baseimage CI/CD
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
DOCKER_IMAGE_NAME: jlesage/baseimage-gui
on:
push:
branches: '*'
tags:
- v[0-9]+.[0-9]+.[0-9]+
- v[0-9]+.[0-9]+.[0-9]+-pre.[0-9]+
pull_request:
jobs:
build:
name: Build image
runs-on: ubuntu-20.04
services:
registry:
image: registry:2
ports:
- 5000:5000
strategy:
fail-fast: false
matrix:
info:
- '{ "tag_prefix": "alpine-3.16", "baseimage": "jlesage/baseimage:alpine-3.16-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v6,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "alpine-3.17", "baseimage": "jlesage/baseimage:alpine-3.17-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v6,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "alpine-3.18", "baseimage": "jlesage/baseimage:alpine-3.18-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v6,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "alpine-3.19", "baseimage": "jlesage/baseimage:alpine-3.19-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v6,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "alpine-3.20", "baseimage": "jlesage/baseimage:alpine-3.20-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v6,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "debian-10", "baseimage": "jlesage/baseimage:debian-10-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "debian-11", "baseimage": "jlesage/baseimage:debian-11-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "ubuntu-16.04", "baseimage": "jlesage/baseimage:ubuntu-16.04-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "ubuntu-18.04", "baseimage": "jlesage/baseimage:ubuntu-18.04-v3.6.1", "platforms": "linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "ubuntu-20.04", "baseimage": "jlesage/baseimage:ubuntu-20.04-v3.6.1", "platforms": "linux/amd64,linux/arm/v7,linux/arm64/v8" }'
- '{ "tag_prefix": "ubuntu-22.04", "baseimage": "jlesage/baseimage:ubuntu-22.04-v3.6.1", "platforms": "linux/amd64,linux/arm/v7,linux/arm64/v8" }'
steps:
- name: Free disk space
uses: jlumbroso/free-disk-space@main
with:
tool-cache: true
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: false
- name: Prepare
id: prep
run: |
# Determine the Docker container version.
VERSION=unknown
if [[ $GITHUB_REF =~ refs/tags/* ]]; then
# Git tag pushed: use tag as the version.
VERSION=${GITHUB_REF#refs/tags/}
elif [[ $GITHUB_REF =~ refs/heads/* ]]; then
# Git commit pushed: use the commit SHA as the version.
VERSION=${GITHUB_SHA::8}
elif [[ $GITHUB_REF =~ refs/pull/* ]]; then
# Pull request: use PR number as the version.
VERSION=pr-${{ github.event.number }}
else
echo "::error::Unexpected GITHUB_REF: $GITHUB_REF"
exit 1
fi
# Determine the version to put in container label.
LABEL_VERSION=${VERSION}
if [[ $GITHUB_REF =~ refs/tags/* ]]; then
LABEL_VERSION=${VERSION:1}
fi
# Determine the Docker container tags.
TAGS="${{ env.DOCKER_IMAGE_NAME }}:${{ fromJSON(matrix.info).tag_prefix }}-${VERSION}"
if [[ $VERSION =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
# For version with format vX.Y.Z, we want to add additional tags:
# - vX.Y
# - vX
V=${VERSION:1}
MAJOR_MINOR=${V%.*}
MAJOR=${MAJOR_MINOR%.*}
TAGS="$TAGS,${{ env.DOCKER_IMAGE_NAME }}:${{ fromJSON(matrix.info).tag_prefix }}-v${MAJOR_MINOR}"
TAGS="$TAGS,${{ env.DOCKER_IMAGE_NAME }}:${{ fromJSON(matrix.info).tag_prefix }}-v${MAJOR}"
fi
# Determine the release type.
if [[ $GITHUB_REF =~ refs/tags/* ]]; then
IS_RELEASE=yes
if [[ $GITHUB_REF =~ -pre\.[0-9]+ ]]; then
RELEASE_TYPE="pre"
else
RELEASE_TYPE="standard"
fi
else
IS_RELEASE=no
RELEASE_TYPE="n/a"
fi
# Print results.
echo "::group::Results"
echo "Github reference: $GITHUB_REF"
echo "Release: $IS_RELEASE"
echo "Release type: $RELEASE_TYPE"
echo "Docker container version: $VERSION"
echo "Docker container version label: $LABEL_VERSION"
echo "Docker container tag(s): $TAGS"
echo "::endgroup::"
# Export outputs.
echo "is_release=${IS_RELEASE}" >> $GITHUB_OUTPUT
echo "release_type=${RELEASE_TYPE}" >> $GITHUB_OUTPUT
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "label_version=${LABEL_VERSION}" >> $GITHUB_OUTPUT
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
#echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
- name: Checkout
uses: actions/checkout@v4
- name: Setup BATS
uses: mig4/setup-bats@v1
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: arm,arm64,ppc64le,mips64,s390x
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Build and push to local registry
uses: docker/build-push-action@v5
continue-on-error: true
with:
push: true
pull: true
provenance: false
no-cache: true
platforms: ${{ fromJSON(matrix.info).platforms }}
tags: localhost:5000/${{ env.DOCKER_IMAGE_NAME }}:github-ci
build-args: |
BASEIMAGE=${{ fromJSON(matrix.info).baseimage }}
IMAGE_VERSION=${{ steps.prep.outputs.label_version }}
#cache-from: type=gha,scope=${{ fromJSON(matrix.info).tag_prefix }}
#cache-to: type=gha,mode=max,scope=${{ fromJSON(matrix.info).tag_prefix }}
- name: Disk space
run: |
docker system df
df -h
- name: Inspect
id: inspect
run: |
docker buildx imagetools inspect localhost:5000/${{ env.DOCKER_IMAGE_NAME }}:github-ci
echo "raw=$(docker buildx imagetools inspect --raw localhost:5000/${{ env.DOCKER_IMAGE_NAME }}:github-ci | tr -d '\n')" >> $GITHUB_OUTPUT
- name: Test image
run: |
for SHA in ${{ join(fromJSON(steps.inspect.outputs.raw).manifests.*.digest, ' ') }}
do
export DOCKER_IMAGE=localhost:5000/${{ env.DOCKER_IMAGE_NAME }}:github-ci@$SHA
docker pull $DOCKER_IMAGE
docker run --rm $DOCKER_IMAGE sh -c 'echo Testing image on $(uname -m)...'
bats tests
done
- name: Login to DockerHub
if: ${{ steps.prep.outputs.is_release == 'yes' }}
uses: docker/#-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build and push to Dockerhub
# NOTE: The `--load` option of `buildx` only works with a single
# platform. Thus, we cannot build the image with `--load`, test
# the image and then `docker push` it. We need to build the image
# twice, with different tags. The second build should however
# be very fast because of cache. See:
# - https://github.com/docker/buildx/issues/59
# - https://github.com/docker/build-push-action/issues/132
if: ${{ steps.prep.outputs.is_release == 'yes' }}
uses: docker/build-push-action@v5
with:
push: true
provenance: false
platforms: ${{ fromJSON(matrix.info).platforms }}
tags: ${{ steps.prep.outputs.tags }}
build-args: |
BASEIMAGE=${{ fromJSON(matrix.info).baseimage }}
IMAGE_VERSION=${{ steps.prep.outputs.label_version }}
#cache-from: type=gha,scope=${{ fromJSON(matrix.info).tag_prefix }}
post-build:
name: Post-build
needs: [ build ]
runs-on: ubuntu-20.04
steps:
- name: Prepare
id: prep
run: |
# Determine the release type.
if [[ $GITHUB_REF =~ refs/tags/* ]]; then
IS_RELEASE=yes
if [[ $GITHUB_REF =~ -pre\.[0-9]+ ]]; then
RELEASE_TYPE="pre"
else
RELEASE_TYPE="standard"
fi
else
IS_RELEASE=no
RELEASE_TYPE="n/a"
fi
# Print results.
echo "::group::Results"
echo "Github reference: $GITHUB_REF"
echo "Release: $IS_RELEASE"
echo "Release type: $RELEASE_TYPE"
echo "::endgroup::"
# Export outputs.
echo "is_release=${IS_RELEASE}" >> $GITHUB_OUTPUT
echo "release_type=${RELEASE_TYPE}" >> $GITHUB_OUTPUT
- name: Checkout
uses: actions/checkout@v4
- name: Dockerhub description
if: ${{ steps.prep.outputs.release_type == 'standard' }}
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: ${{ env.DOCKER_IMAGE_NAME }}
readme-filepath: DOCKERHUB.md
notification:
name: Notification
needs: [ build, post-build ]
runs-on: ubuntu-20.04
if: ${{ always() }}
steps:
- name: Pushover notification
uses: desiderati/github-action-pushover@v1
with:
job-status: ${{ needs.build.result }}
pushover-api-token: ${{ secrets.PUSHOVER_API_TOKEN }}
pushover-user-key: ${{ secrets.PUSHOVER_USER_KEY }}