[WIP] .github: workflows: Use buildah #69
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - testing-main | |
| - v*-branch | |
| tags: | |
| - v* | |
| pull_request: | |
| branches: | |
| - testing-main | |
| - v*-branch | |
| permissions: | |
| packages: write | |
| concurrency: | |
| group: ${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Build (${{ matrix.variant.platform }}) | |
| runs-on: | |
| group: ${{ matrix.variant.builder }} | |
| container: | |
| image: ghcr.io/zephyrproject-rtos/image-build:v1.0.0 | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| variant: | |
| - platform: linux/amd64 | |
| arch: amd64 | |
| builder: zephyr-runner-v2-linux-x64-4xlarge | |
| - platform: linux/arm64 | |
| arch: arm64 | |
| builder: zephyr-runner-v2-linux-arm64-4xlarge | |
| env: | |
| DOCKERHUB_BASE: docker.io/zephyrprojectrtos | |
| GHCR_BASE: ghcr.io/zephyrproject-rtos | |
| BASE_IMAGE_NAME: ci-base-testing | |
| CI_IMAGE_NAME: ci-testing | |
| DEVELOPER_IMAGE_NAME: zephyr-build-testing | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # - name: Set up build environment | |
| # run: | | |
| # # Install Podman. | |
| # dnf -y install podman | |
| # # Use VFS storage driver because FUSE is not available inside | |
| # # unprivileged runner containers. | |
| # sed -i 's/driver = .*/driver = "vfs"/' /etc/containers/storage.conf | |
| # # Set XDG_RUNTIME_DIR to ensure that Podman correctly resolves temporary | |
| # # directory path. | |
| # export XDG_RUNTIME_DIR="/tmp/users/$(id -u)" | |
| # mkdir -p $XDG_RUNTIME_DIR | |
| # echo "XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR" >> $GITHUB_ENV | |
| # # Create a dummy Docker config file because podman-login action | |
| # # requires it. | |
| # mkdir -p $HOME/.docker | |
| # echo '{ "auths": {} }' > $HOME/.docker/config.json | |
| - name: Login to DockerHub | |
| if: ${{ github.event_name != 'pull_request' }} | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: docker.io | |
| username: ${{ vars.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GitHub Container Registry | |
| if: ${{ github.event_name != 'pull_request' }} | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate metadata for base image | |
| if: ${{ github.event_name != 'pull_request' }} | |
| id: meta_ci_base | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.BASE_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.BASE_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| suffix=-${{ matrix.variant.arch }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| - name: Generate metadata for CI image | |
| if: ${{ github.event_name != 'pull_request' }} | |
| id: meta_ci | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.CI_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.CI_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| suffix=-${{ matrix.variant.arch }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| - name: Generate metadata for Developer image | |
| if: ${{ github.event_name != 'pull_request' }} | |
| id: meta_developer | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.DEVELOPER_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.DEVELOPER_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| suffix=-${{ matrix.variant.arch }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| - name: Build base image | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| context: . | |
| containerfiles: Dockerfile.base | |
| tags: ${{ steps.meta_ci_base.outputs.tags }} | |
| labels: ${{ steps.meta_ci_base.outputs.labels }} | |
| # - name: Build CI image | |
| # uses: docker/build-push-action@v3 | |
| # with: | |
| # context: . | |
| # file: Dockerfile.ci | |
| # platforms: ${{ matrix.variant.platform }} | |
| # push: true | |
| # tags: ${{ steps.meta_ci.outputs.tags }} | |
| # labels: ${{ steps.meta_ci.outputs.labels }} | |
| # build-args: | | |
| # BASE_IMAGE=localhost:5000/zephyrproject-rtos/ci-base-testing:${{ steps.meta_ci_base.outputs.version }} | |
| # - name: Build Developer image | |
| # uses: docker/build-push-action@v3 | |
| # with: | |
| # context: . | |
| # file: Dockerfile.devel | |
| # platforms: ${{ matrix.variant.platform }} | |
| # push: true | |
| # tags: ${{ steps.meta_developer.outputs.tags }} | |
| # labels: ${{ steps.meta_developer.outputs.labels }} | |
| # build-args: | | |
| # BASE_IMAGE=localhost:5000/zephyrproject-rtos/ci-testing:${{ steps.meta_ci.outputs.version }} | |
| - name: Push base image | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| tags: ${{ steps.meta_ci_base.outputs.tags }} | |
| merge: | |
| name: Merge | |
| runs-on: | |
| group: zephyr-runner-v2-linux-x64-4xlarge | |
| container: | |
| image: ghcr.io/zephyrproject-rtos/image-build:v1.0.0 | |
| needs: build | |
| if: ${{ github.event_name != 'pull_request' }} | |
| steps: | |
| # - name: Set up build environment | |
| # run: | | |
| # # Install Podman. | |
| # dnf -y install podman | |
| # # Use VFS storage driver because FUSE is not available inside | |
| # # unprivileged runner containers. | |
| # sed -i 's/driver = .*/driver = "vfs"/' /etc/containers/storage.conf | |
| # # Set XDG_RUNTIME_DIR to ensure that Podman correctly resolves temporary | |
| # # directory path. | |
| # export XDG_RUNTIME_DIR="/tmp/users/$(id -u)" | |
| # mkdir -p $XDG_RUNTIME_DIR | |
| # echo "XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR" >> $GITHUB_ENV | |
| # # Create a dummy Docker config file because podman-login action | |
| # # requires it. | |
| # mkdir -p $HOME/.docker | |
| # echo '{ "auths": {} }' > $HOME/.docker/config.json | |
| - name: Login to DockerHub | |
| if: ${{ github.event_name != 'pull_request' }} | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: docker.io | |
| username: ${{ vars.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GitHub Container Registry | |
| if: ${{ github.event_name != 'pull_request' }} | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate metadata for base image | |
| id: meta_ci_base | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.BASE_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.BASE_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Generate metadata for CI image | |
| id: meta_ci | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.CI_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.CI_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Generate metadata for Developer image | |
| id: meta_developer | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ${{ env.DOCKERHUB_BASE }}/${{ env.DEVELOPER_IMAGE_NAME }} | |
| ${{ env.GHCR_BASE }}/${{ env.DEVELOPER_IMAGE_NAME }} | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Create multi-architecture image | |
| run: | | |
| archs=(amd64 arm64) | |
| ci_base_image="${{ env.GHCR_BASE }}/${{ env.BASE_IMAGE_NAME }}:${{ steps.meta_ci_base.outputs.version }}" | |
| ci_image="${{ env.GHCR_BASE }}/${{ env.CI_IMAGE_NAME }}:${{ steps.meta_ci.outputs.version }}" | |
| developer_image="${{ env.GHCR_BASE }}/${{ env.DEVELOPER_IMAGE_NAME }}:${{ steps.meta_developer.outputs.version }}" | |
| # Pull architecture-specific images | |
| for arch in ${archs[@]}; do | |
| podman pull ${ci_base_image}-${arch} | |
| podman pull ${ci_image}-${arch} | |
| podman pull ${developer_image}-${arch} | |
| done | |
| # Create multi-architecture image | |
| for arch in ${archs[@]}; do | |
| ci_base_image_amend_flags+="--amend ${ci_base_image}-${arch} " | |
| ci_image_amend_flags+="--amend ${ci_image}-${arch} " | |
| developer_image_amend_flags+="--amend ${developer_image}-${arch} " | |
| done | |
| podman manifest create ${ci_base_image} ${ci_base_image_amend_flags} | |
| podman manifest create ${ci_image} ${ci_image_amend_flags} | |
| podman manifest create ${developer_image} ${developer_image_amend_flags} | |
| podman manifest push ${ci_base_image} | |
| podman manifest push ${ci_image} | |
| podman manifest push ${developer_image} | |
| # - name: Push base docker image | |
| # uses: stephanosio/[email protected] | |
| # with: | |
| # src: ghcr.io/zephyrproject-rtos/ci-base-testing:${{ steps.meta_ci_base_push.outputs.version }} | |
| # dst: ${{ steps.meta_ci_base_push.outputs.tags }} | |
| # - name: Push CI docker image | |
| # uses: stephanosio/[email protected] | |
| # with: | |
| # src: ghcr.io/zephyrproject-rtos/ci-testing:${{ steps.meta_ci_push.outputs.version }} | |
| # dst: ${{ steps.meta_ci_push.outputs.tags }} | |
| # - name: Push Developer docker image | |
| # uses: stephanosio/[email protected] | |
| # with: | |
| # src: ghcr.io/zephyrproject-rtos/zephyr-build-testing:${{ steps.meta_developer_push.outputs.version }} | |
| # dst: ${{ steps.meta_developer_push.outputs.tags }} |