Use builder image from registry #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: buildah-build-runtime | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "20 19 * * 0" # 20:19 UTC every Sunday | |
| push: | |
| paths: | |
| - .github/workflows/buildah-build-runtime.yml # Self-trigger | |
| - containers/esmini-runtime/Dockerfile | |
| env: | |
| REGISTRY: ghcr.io/bounverif | |
| IMAGE_NAME: esmini | |
| ESMINI_VERSION: latest | |
| # CONTAINERS_ROOT: /home/runner/.local/share/containers | |
| # TMPDIR: /home/runner/.local/share/containers/tmp | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| buildah-build: | |
| name: Build container images | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-24.04, ubuntu-24.04-arm] | |
| runs-on: ${{ matrix.os }} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }} | |
| cancel-in-progress: true | |
| steps: | |
| - name: Install container tools | |
| run: sudo apt-get install podman buildah jq | |
| # - name: Maximize build space | |
| # uses: easimon/maximize-build-space@v10 | |
| # with: | |
| # root-reserve-mb: 2048 # Reserve disk space for repository | |
| # remove-dotnet: "true" | |
| # remove-android: "true" | |
| # remove-haskell: "true" | |
| # remove-codeql: "true" | |
| # remove-docker-images: "true" | |
| # build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build | |
| # - run: mkdir -p $TMPDIR | |
| - name: Prepare environment variables | |
| run: | | |
| arch=$(podman info --format='{{.Host.Arch}}') | |
| platform=$(podman info --format='{{.Version.OsArch}}' | sed 's/\//-/g') | |
| echo "PODMAN_ARCH=${arch}" >> $GITHUB_ENV | |
| echo "PLATFORM=${platform}" >> $GITHUB_ENV | |
| if [ "${{ env.ESMINI_VERSION }}" == "latest" ]; then | |
| echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV | |
| fi | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Log in to the GitHub Container registry | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build runtime container image | |
| id: build-runtime | |
| uses: redhat-actions/buildah-build@v2 | |
| with: | |
| context: ./containers | |
| image: ${{ env.IMAGE_NAME }} | |
| tags: ${{ env.ESMINI_VERSION }}-runtime ${{ env.ESMINI_VERSION }}-runtime-${{ env.PODMAN_ARCH }} | |
| layers: true | |
| oci: true | |
| build-args: | | |
| ESMINI_IMAGE_NAME=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| ESMINI_VERSION=${{ env.ESMINI_VERSION }} | |
| extra-args: | | |
| --target esmini-runtime | |
| containerfiles: | | |
| ./containers/esmini-runtime/Dockerfile | |
| - name: Push to GitHub Container Repository | |
| if: github.ref == 'refs/heads/multiarch-image' | |
| id: push-runtime-ghcr | |
| uses: redhat-actions/push-to-registry@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| image: ${{ steps.build-runtime.outputs.image }} | |
| tags: ${{ steps.build-runtime.outputs.tags }} | |
| digestfile: ${{ runner.temp }}/digest-esmini-runtime-${{ env.PLATFORM }} | |
| - name: Upload digests | |
| if: github.ref == 'refs/heads/multiarch-image' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digest-esmini-${{ env.ESMINI_VERSION }}-${{ env.PLATFORM }} | |
| path: ${{ runner.temp }}/digest-* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| compression-level: 0 # no compression | |
| buildah-merge: | |
| name: Merge container images | |
| runs-on: ubuntu-24.04 | |
| needs: buildah-build | |
| if: github.ref == 'refs/heads/multiarch-image' | |
| steps: | |
| # - run: mkdir -p $TMPDIR | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: digest-* | |
| merge-multiple: true | |
| - name: Log in to the GitHub Container registry | |
| uses: redhat-actions/podman-login@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get the latest version | |
| run: echo "ESMINI_LATEST_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV | |
| - name: Create and push manifest list for esmini-builder | |
| run: | | |
| MANIFEST=esmini-runtime | |
| FULL_IMAGE_NAME=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| buildah manifest create $MANIFEST | |
| for digest in ${{ runner.temp }}/digests/digest-esmini-runtime-*; do | |
| echo "Adding $(cat $digest)" | |
| buildah manifest add $MANIFEST $FULL_IMAGE_NAME@$(cat $digest) | |
| done | |
| buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:${{ env.ESMINI_VERSION }}-runtime | |
| if [ "${{ env.ESMINI_VERSION }}" == "${{ env.ESMINI_LATEST_VERSION }}" ]; then | |
| buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest-runtime | |
| buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest | |
| fi |