build-ws-container #270
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build-ws-container | |
| on: | |
| # auto-refresh every day | |
| schedule: | |
| - cron: '0 2 * * *' | |
| # can be run manually on https://github.com/cockpit-project/cockpit/actions | |
| workflow_dispatch: | |
| inputs: | |
| FORCE_PUSH: | |
| description: 'Push the image even if an image with the same version already exists in the registry' | |
| type: boolean | |
| required: false | |
| default: false | |
| env: | |
| registry_repo: ${{ vars.REGISTRY_REPO || 'quay.io/cockpit/ws' }} | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| build: | |
| - label: amd64 | |
| runner: ubuntu-24.04 | |
| - label: arm64 | |
| runner: ubuntu-24.04-arm | |
| runs-on: ${{ matrix.build.runner }} | |
| permissions: {} | |
| timeout-minutes: 20 | |
| outputs: | |
| VERSION: ${{ steps.build.outputs.VERSION }} | |
| SKIP_BUILD: ${{ steps.check_image.outputs.SKIP_BUILD }} | |
| steps: | |
| - name: Clone repository | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| ref: main | |
| # Dockerfile must correspond to latest release, not main | |
| - name: Check out latest tag | |
| run: | | |
| set -ex | |
| git checkout $(git describe --tags --abbrev=0 main) | |
| git describe | |
| - name: Build ws container | |
| id: build | |
| env: | |
| IMAGE_TAG: localhost/cockpit-ws:release-${{ matrix.build.label }} | |
| RUNC: podman | |
| run: | | |
| containers/ws/release.sh | |
| $RUNC save --format=oci-archive $IMAGE_TAG > cockpit-ws-${{ matrix.build.label }}.tar | |
| - name: Check for existing image | |
| id: check_image | |
| run: | | |
| if skopeo inspect docker://${{ env.registry_repo }}:${{ steps.build.outputs.VERSION }}; then | |
| echo "Image with version ${{ steps.build.outputs.VERSION }} already exists, skipping push unless forced." | |
| echo "SKIP_BUILD=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "Image with version ${{ steps.build.outputs.VERSION }} does not exist, proceeding to push image." | |
| echo "SKIP_BUILD=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Save image to artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: cockpit-ws-${{ matrix.build.label }} | |
| path: cockpit-ws-${{ matrix.build.label }}.tar | |
| manifest: | |
| needs: build | |
| environment: quay.io | |
| if: ${{ needs.build.outputs.SKIP_BUILD != 'true' || inputs.FORCE_PUSH == true }} | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Login in to container registry | |
| run: podman login -u ${{ secrets.QUAY_BOTUSER }} -p ${{ secrets.QUAY_TOKEN }} $(echo ${{ env.registry_repo }} | cut -d/ -f1) | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v5 | |
| - name: Load images into Podman | |
| run: | | |
| for artifact in cockpit-ws-*; do | |
| podman load < $artifact/$artifact.tar | |
| done | |
| - name: Create manifest | |
| # containers-storage:localhost/ is a workaround for https://github.com/containers/common/issues/1896, will probably be fixed in Ubuntu 26.04 | |
| run: podman manifest create ws containers-storage:localhost/cockpit-ws:release-{amd64,arm64} | |
| - name: Push with versioned tag | |
| run: podman manifest push ws "${{ env.registry_repo }}:${{ needs.build.outputs.VERSION }}" | |
| - name: Push :latest tag | |
| run: podman manifest push ws "${{ env.registry_repo }}:latest" |