-
Notifications
You must be signed in to change notification settings - Fork 0
130 lines (111 loc) · 3.82 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Build and push image
on:
push:
branches: ["main", "renovate/*"]
pull_request:
branches: ["main"]
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup S3 bucket
run: docker run -d -e MINIO_DEFAULT_BUCKETS=producer -p 9000:9000 bitnami/minio:latest
- name: Run tests
run: go test ./server
env:
PRODUCER_S3_ENDPOINT: localhost:9000
PRODUCER_S3_KEYID: minio
PRODUCER_S3_SECRET: miniosecret
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
config:
- GOOS: linux
GOARCH: amd64
platform: linux/amd64
- GOOS: linux
GOARCH: arm64
platform: linux/arm64
- GOOS: linux
GOARCH: riscv64
platform: linux/riscv64
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Build producer
run: GOOS=${{ matrix.config.GOOS }} GOARCH=${{ matrix.config.GOARCH }} ci/build.sh producer
- name: Docker Metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_NAME }}
tags: |
type=sha
type=ref,event=branch
type=ref,event=pr
type=ref,event=tag
type=schedule
- name: Build image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
platforms: ${{ matrix.config.platform }}
image: ${{ env.IMAGE_NAME }}
tags: ${{ github.sha }}-${{ matrix.config.arch }}
labels: ${{ steps.meta.outputs.labels }}
containerfiles: ci/ContainerFile
- name: Push image
id: push-image
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
push_manifest:
needs: [build, test]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- uses: actions/checkout@v4
- name: Podman login
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: create and push manifest for supported platforms
run: |
image_base_raw=${{ env.IMAGE_NAME }}
image_base=${image_base_raw@L}
image_base_sha=${image_base_raw@L}:${{ github.sha }}
podman manifest create $image_base
podman pull ${{ env.REGISTRY }}/$image_base_sha-x86_64
podman pull ${{ env.REGISTRY }}/$image_base_sha-aarch64
podman pull ${{ env.REGISTRY }}/$image_base_sha-riscv64
podman manifest add $image_base ${{ env.REGISTRY }}/$image_base_sha-x86_64
podman manifest add $image_base ${{ env.REGISTRY }}/$image_base_sha-aarch64
podman manifest add $image_base ${{ env.REGISTRY }}/$image_base_sha-riscv64
podman manifest push $image_base ${{ env.REGISTRY }}/$image_base_sha
- name: push branch manifest
if: github.ref == 'refs/heads/main'
run: |
image_base_raw=${{ env.IMAGE_NAME }}
image_base=${image_base_raw@L}
podman manifest push $image_base ${{ env.REGISTRY }}/$image_base:${{ github.ref_name }}