build(deps): Bump arm64v8/ruby in /cmd/fluent-watcher/fluentd (#1032) #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Building Fluentd image | |
on: | |
push: | |
branches: | |
- 'master' | |
tags: | |
- 'v*' | |
paths: | |
- ".github/workflows/build-fd-image.yaml" | |
- "cmd/fluent-watcher/fluentd/**" | |
- "cmd/fluent-watcher/hooks/**" | |
- "pkg/filenotify/**" | |
env: | |
DOCKER_REPO: 'kubesphere' | |
DOCKER_IMAGE: 'fluentd' | |
GITHUB_IMAGE: '${{ github.repository }}/fluentd' | |
permissions: | |
contents: read | |
packages: write | |
jobs: | |
build-amd64-prod-image-metadata: | |
runs-on: ubuntu-latest | |
name: Build prod image metadata for amd64 | |
outputs: | |
IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} | |
version: ${{ steps.image-metadata.outputs.version }} | |
tags: ${{ steps.image-metadata.outputs.tags }} | |
labels: ${{ steps.image-metadata.outputs.labels }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: docker metadata for amd64 | |
id: image-metadata | |
uses: docker/metadata-action@v5 | |
with: | |
images: "ghcr.io/${{ env.GITHUB_IMAGE }}" | |
flavor: | | |
latest=false | |
suffix=-amd64 | |
tags: | | |
raw,latest | |
type=ref,event=branch | |
type=ref,event=pr | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- name: Set outputs | |
id: set-outputs | |
run: | | |
echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT | |
build-arm64-prod-image-metadata: | |
runs-on: ubuntu-latest | |
name: Build prod image metadata for arm64 | |
outputs: | |
IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} | |
version: ${{ steps.image-metadata.outputs.version }} | |
tags: ${{ steps.image-metadata.outputs.tags }} | |
labels: ${{ steps.image-metadata.outputs.labels }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: docker metadata for arm64 | |
id: image-metadata | |
uses: docker/metadata-action@v5 | |
with: | |
images: "ghcr.io/${{ env.GITHUB_IMAGE }}" | |
flavor: | | |
latest=false | |
suffix=-arm64 | |
tags: | | |
raw,latest | |
type=ref,event=branch | |
type=ref,event=pr | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- name: Set outputs | |
id: set-outputs | |
run: | | |
echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT | |
build-arm64-base-image-metadata: | |
runs-on: ubuntu-latest | |
name: Build prod image metadata for arm64 base image | |
outputs: | |
IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} | |
DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} | |
version: ${{ steps.image-metadata.outputs.version }} | |
tags: ${{ steps.image-metadata.outputs.tags }} | |
labels: ${{ steps.image-metadata.outputs.labels }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: docker metadata for arm64 base image | |
id: image-metadata | |
uses: docker/metadata-action@v5 | |
with: | |
images: "ghcr.io/${{ env.GITHUB_IMAGE }}" | |
flavor: | | |
latest=false | |
suffix=-arm64-base | |
tags: | | |
raw,latest | |
type=ref,event=branch | |
type=ref,event=pr | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- name: Set outputs | |
id: set-outputs | |
run: | | |
echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT | |
echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT | |
build-amd64: | |
runs-on: ubuntu-latest | |
needs: build-amd64-prod-image-metadata | |
timeout-minutes: 30 | |
name: Build amd64 Image for Fluentd | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21 | |
- uses: actions/cache@v3 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and Push amd64 base Image for Fluentd | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: cmd/fluent-watcher/fluentd/Dockerfile.amd64 | |
push: true | |
platforms: linux/amd64 | |
tags: ${{ needs.build-amd64-prod-image-metadata.outputs.tags }} | |
labels: ${{ needs.build-amd64-prod-image-metadata.outputs.labels }} | |
build-arm64-base: | |
runs-on: ubuntu-latest | |
needs: build-arm64-base-image-metadata | |
timeout-minutes: 90 | |
name: Build arm64 base Image for Fluentd | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21 | |
- uses: actions/cache@v3 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and Push arm64 base Image for Fluentd | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: cmd/fluent-watcher/fluentd/Dockerfile.arm64.base | |
push: true | |
platforms: linux/arm64 | |
tags: ${{ needs.build-arm64-base-image-metadata.outputs.tags }} | |
labels: ${{ needs.build-arm64-base-image-metadata.outputs.labels }} | |
release-arm64-base-image-to-docker-hub: | |
if: ${{ github.event_name != 'pull_request' }} | |
name: Release Image to Docker Hub | |
uses: ./.github/workflows/clone-docker-image-action.yaml | |
needs: | |
- build-arm64-base-image-metadata | |
- build-arm64-base | |
with: | |
source_image: "${{ needs.build-arm64-base-image-metadata.outputs.IMG_NAME }}" | |
source_registry: ghcr.io | |
target_image: "${{ needs.build-arm64-base-image-metadata.outputs.DOCKER_IMG_NAME }}" | |
target_registry: docker.io | |
platforms: "['linux/arm64']" | |
is_latest: false | |
suffix: "-arm64-base" | |
secrets: | |
source_registry_username: ${{ github.actor }} | |
source_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
target_registry_username: ${{ secrets.REGISTRY_USER }} | |
target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} | |
build-arm64: | |
runs-on: ubuntu-latest | |
needs: | |
- build-arm64-prod-image-metadata | |
- build-arm64-base-image-metadata | |
- build-arm64-base | |
timeout-minutes: 90 | |
name: Build arm64 Image for Fluentd | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21 | |
- uses: actions/cache@v3 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and Push arm64 base Image for Fluentd | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: cmd/fluent-watcher/fluentd/Dockerfile.arm64.quick | |
push: true | |
platforms: linux/arm64 | |
tags: ${{ needs.build-arm64-prod-image-metadata.outputs.tags }} | |
labels: ${{ needs.build-arm64-prod-image-metadata.outputs.labels }} | |
build-args: | | |
BASE_IMAGE_TAG=${{ needs.build-arm64-base-image-metadata.outputs.version }} | |
BASE_IMAGE=ghcr.io/${{needs.build-arm64-base-image-metadata.outputs.IMG_NAME}} | |
prod-image-manifest: | |
needs: | |
- build-amd64-prod-image-metadata | |
- build-arm64-prod-image-metadata | |
- build-amd64 | |
- build-arm64 | |
runs-on: ubuntu-latest | |
name: Create image manifest | |
outputs: | |
IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} | |
DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} | |
version: ${{ steps.image-metadata.outputs.version }} | |
tags: ${{ steps.image-metadata.outputs.tags }} | |
labels: ${{ steps.image-metadata.outputs.labels }} | |
steps: | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: docker metadata for manifest | |
id: image-metadata | |
uses: docker/metadata-action@v5 | |
with: | |
images: "ghcr.io/${{ env.GITHUB_IMAGE }}" | |
tags: | | |
raw,latest | |
type=ref,event=branch | |
type=ref,event=pr | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- name: Set outputs | |
id: set-outputs | |
run: | | |
echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT | |
echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT | |
- name: Create image manifest | |
uses: int128/docker-manifest-create-action@v2 | |
with: | |
push: true | |
tags: ${{ steps.image-metadata.outputs.tags }} | |
sources: | | |
ghcr.io/${{ needs.build-amd64-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-amd64-prod-image-metadata.outputs.version }} | |
ghcr.io/${{ needs.build-arm64-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-arm64-prod-image-metadata.outputs.version }} | |
scan-image: | |
needs: | |
- prod-image-manifest | |
name: Scan Fluentd Image | |
uses: ./.github/workflows/scan-docker-image-action.yaml | |
with: | |
source_image: "${{ needs.prod-image-manifest.outputs.IMG_NAME }}:${{ needs.prod-image-manifest.outputs.version }}" | |
source_registry: ghcr.io | |
platforms: "['linux/arm64', 'linux/amd64']" | |
secrets: | |
registry_username: ${{ github.actor }} | |
registry_password: ${{ secrets.GITHUB_TOKEN }} | |
release-images-to-docker-hub: | |
if: ${{ github.event_name != 'pull_request' }} | |
name: Release Image to Docker Hub | |
uses: ./.github/workflows/clone-docker-image-action.yaml | |
needs: | |
- prod-image-manifest | |
- scan-image | |
with: | |
source_image: "${{ needs.prod-image-manifest.outputs.IMG_NAME }}" | |
source_registry: ghcr.io | |
target_image: "${{ needs.prod-image-manifest.outputs.DOCKER_IMG_NAME }}" | |
target_registry: docker.io | |
platforms: "['linux/arm64', 'linux/amd64']" | |
is_latest: true | |
secrets: | |
source_registry_username: ${{ github.actor }} | |
source_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
target_registry_username: ${{ secrets.REGISTRY_USER }} | |
target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} |