From 9dc747570bd887dc2c038043aa069bdcc7ac90df Mon Sep 17 00:00:00 2001 From: Matthias Wolf Date: Wed, 4 Dec 2024 17:16:54 +0100 Subject: [PATCH] Make things more complicated for GHCR --- .github/actions/build_container/action.yaml | 7 +++++++ .github/workflows/spacktainer.yaml | 12 +++++++++--- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/.github/actions/build_container/action.yaml b/.github/actions/build_container/action.yaml index 6c6cce2..999aca9 100644 --- a/.github/actions/build_container/action.yaml +++ b/.github/actions/build_container/action.yaml @@ -27,6 +27,12 @@ inputs: DOCKERHUB_PASSWORD: description: Password for Dockerhub authentication required: true + GHCR_USER: + description: Username for GHCR authentication + required: true + GHCR_TOKEN: + description: Token for GHCR authentication + required: true SPACK_DEPLOYMENT_KEY_PUB: description: Public key for spack deployments required: true @@ -50,6 +56,7 @@ runs: echo "${{ inputs.SPACK_DEPLOYMENT_KEY_PRIVATE }}" > ${{ inputs.BUILD_PATH }}/key aws ecr get-login-password --region us-east-1 | buildah login --username AWS --password-stdin ${{ inputs.AWS_ECR_URL }} buildah login --username ${{ inputs.DOCKERHUB_USER }} --password ${{ inputs.DOCKERHUB_PASSWORD }} docker.io + buildah login --username ${{ inputs.GHCR_USER }} --password ${{ inputs.GHCR_TOKEN }} ghcr.io # This is written like that in case $BUILDAH_EXTRA_ARGS has args that require spaces, # which is tricky with shell variable expansion. Similar to Kaniko, see also: # https://github.com/GoogleContainerTools/kaniko/issues/1803 diff --git a/.github/workflows/spacktainer.yaml b/.github/workflows/spacktainer.yaml index 350ef2c..5aa96cd 100644 --- a/.github/workflows/spacktainer.yaml +++ b/.github/workflows/spacktainer.yaml @@ -16,7 +16,9 @@ jobs: AWS_ECR_PATH: /spacktainers/builder AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }} - GHCR_PATH: /BlueBrain/spack-builder + GHCR_USER: ${{ secrets.GHCR_USER }} + GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }} + GHCR_PATH: /bluebrain/spack-builder BUILD_PATH: builder BUILDAH_EXTRA_ARGS: --label org.opencontainers.image.revision="$GITHUB_SHA" --label org.opencontainers.image.authors="$GITHUB_TRIGGERING_ACTOR" --label @@ -44,7 +46,9 @@ jobs: AWS_ECR_PATH: /spacktainers/runtime AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }} - GHCR_PATH: /BlueBrain/spack-runtime + GHCR_USER: ${{ secrets.GHCR_USER }} + GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }} + GHCR_PATH: /bluebrain/spack-runtime BUILD_PATH: runtime BUILDAH_EXTRA_ARGS: --label org.opencontainers.image.revision="$GITHUB_SHA" --label org.opencontainers.image.authors="$GITHUB_TRIGGERING_ACTOR" --label @@ -97,7 +101,9 @@ jobs: AWS_ECR_PATH: /spacktainers/${{ matrix.spacktainer }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }} - GHCR_PATH: /BlueBrain/spack-${{ matrix.spacktainer }} + GHCR_USER: ${{ secrets.GHCR_USER }} + GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }} + GHCR_PATH: /bluebrain/spack-${{ matrix.spacktainer }} BUILD_PATH: container_definitions/amd64/${{ matrix.spacktainer }} BUILDAH_EXTRA_ARGS: --label org.opencontainers.image.revision="$GITHUB_SHA" --label org.opencontainers.image.authors="$GITHUB_TRIGGERING_ACTOR" --label