-
Notifications
You must be signed in to change notification settings - Fork 2
268 lines (252 loc) · 10.4 KB
/
buildx-platform.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
name: Docker Multiplatform Build ci
on:
push:
branches:
- 'master'
- 'develop'
- 'feature/php_versions'
# no concurrency, cancel previous running workflow
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
initStep:
runs-on: ubuntu-latest
steps:
- name: Remove old artifacts
# https://github.com/marketplace/actions/remove-artifacts
uses: c-hive/gha-remove-artifacts@v1
with:
age: '10 seconds'
-
name: Checkout
uses: actions/[email protected]
- name: Docker Lint
# https://github.com/marketplace/actions/hadolint-action
uses: hadolint/[email protected]
with:
dockerfile: build/Dockerfile
no-fail: true
verbose: true
jbuild:
# https://docs.docker.com/build/ci/github-actions/multi-platform/
# distributebuild across multiple runners
# This step build the same image on different runners / platforms
runs-on: ubuntu-latest
needs: initStep
strategy:
fail-fast: false
matrix:
debian: [bullseye, bookworm]
php: [7.3, 8.2]
# linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6
platform: [amd64, arm64, arm/v6, arm/v7]
# jeedom: ["V4-stable", "beta"]
target: ["light", "full"]
xdebug: [true, false]
exclude:
- debian: bullseye
php: 8.2
- debian: bookworm
php: 7.3
env:
REGISTRY_IMAGE: pifou25/jeedom
TAG_NAME: ${{ matrix.debian }}-${{ matrix.php }}${{ matrix.target == 'light' && '-light' || '' }}${{ matrix.xdebug && '-debug' || '' }}${{ github.ref_name != 'master' && '-dev' || '' }}
TAG_LATEST_ENABLED: ${{ (matrix.debian == 'bullseye' && matrix.target == 'full' && matrix.target == 'full' && matrix.xdebug == 'false' && github.ref_name == 'master') }}
steps:
-
name: Prepare ${{ env.TAG_NAME }}:${{ matrix.platform }}
# replace / by - in platform value
run: |
platform=linux/${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
name: Checkout
uses: actions/[email protected]
-
name: Docker meta
id: meta
# https://github.com/marketplace/actions/docker-metadata-action
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ env.REGISTRY_IMAGE }}
ghcr.io/${{ env.REGISTRY_IMAGE }}
# generate Docker tags based on the following events/attributes
tags: |
type=raw,value=${{ env.TAG_NAME }}
# set latest tag for default branch
type=raw,value=latest,enable=${{ env.TAG_LATEST_ENABLED }}
# label chadburn for the "cron" container
labels: |
chadburn.enabled=true
chadburn.job-exec.jeedom-cron.schedule=@every 1m
chadburn.job-exec.jeedom-cron.command=/usr/local/bin/php /var/www/html/core/php/jeeCron.php >> /var/www/html/log/cron.log 2>&1
-
name: Set up QEMU
# https://github.com/marketplace/actions/docker-setup-qemu
# set up more platforms (default = all)
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
id: buildx
# https://github.com/marketplace/actions/docker-setup-buildx
# set up a multi-platform builder for Docker containers
uses: docker/setup-buildx-action@v3
-
name: Login to DockerHub
# https://github.com/marketplace/actions/docker-login
# login to DockerHub with secrets login & token
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Cache Docker layers
# https://github.com/marketplace/actions/cache
# this action allows caching dependancies and build output
uses: actions/cache@v4
id: cache
with:
path: /tmp/.buildx-cache
key: buildx-${{ runner.os }}-${{ matrix.platform }}
restore-keys: |
buildx-${{ runner.os }}-${{ matrix.platform }}
buildx-${{ runner.os }}
-
name: build ${{ env.TAG_NAME }}:${{ matrix.platform }}
# id required for next step that check success
id: buildJeedom
# https://github.com/marketplace/actions/build-and-push-docker-images
uses: docker/build-push-action@v5
# do every matrix combination, don't stop on errors
continue-on-error: true
with:
context: build
labels: ${{ steps.meta.outputs.labels }}
target: ${{ matrix.target }}_jeedom
build-args: |
DEBIAN=${{ matrix.debian }}
PHP=${{ matrix.php }}
JEEDOM_REPO=pifou25/jeedom-core
JEEDOM_VERSION=master_php${{ matrix.php }}
XDEBUG=${{ matrix.xdebug }}
platforms: linux/${{ matrix.platform }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
# tags: ${{ env.REGISTRY_IMAGE }}:${{ env.TAG_NAME }}
- name: Check on failures ${{ env.TAG_NAME }}:${{ matrix.platform }}
if: steps.buildJeedom.outcome != 'success'
# some debug information in case of error
run: |
echo "${{ matrix.debian }} PHP${{ matrix.php }} ${{ matrix.target }} branch master_php${{ matrix.php }} debug ${{ matrix.xdebug }} has Errors! 🚀" >> $GITHUB_STEP_SUMMARY
echo "Cache: buildx-${{ runner.os }}-${{ matrix.platform }}-${{ matrix.debian }} hit? ${{ steps.cache.outputs.cache-hit }}"
echo "Labels: ${{ steps.meta.outputs.labels }}" >> $GITHUB_STEP_SUMMARY
-
name: Export digest ${{ env.TAG_NAME }}:${{ matrix.platform }}
# export the digest file name into env var named DIGEST-${TAG_NAME} for next step
if: steps.buildJeedom.outcome == 'success'
run: |
mkdir -p /tmp/digests
digest="${{ steps.buildJeedom.outputs.digest }}"
echo "DIGEST=${digest#sha256:}" >> $GITHUB_ENV
touch "/tmp/digests/${digest#sha256:}"
-
name: Upload digest ${{ env.TAG_NAME }}:${{ matrix.platform }}
if: steps.buildJeedom.outcome == 'success'
uses: actions/upload-artifact@v4
with:
# env.PLATFORM_PAIR from step 1
# get DIGEST-${TAG_NAME} env variable from previous step
name: digests-${{ env.TAG_NAME }}-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/${{ env.DIGEST }}
if-no-files-found: error
retention-days: 1
merge:
# https://docs.docker.com/build/ci/github-actions/multi-platform/
# merge previous builds from different runners &platforms into one common docker image
runs-on: ubuntu-latest
needs:
- jbuild
# same matrix as previous step except the platform
strategy:
fail-fast: false
# limit to avoid error HTTP 409: too many requests
max-parallel: 2
matrix:
debian: [buster, bullseye, bookworm]
php: [7.3, 8.0, 8.2]
# jeedom: ["V4-stable", "beta"]
target: ["light", "full"]
xdebug: [true, false]
exclude:
- debian: bullseye
php: 8.2
- debian: bookworm
php: 7.3
env:
REGISTRY_IMAGE: pifou25/jeedom
TAG_NAME: ${{ matrix.debian }}-${{ matrix.php }}${{ matrix.target == 'light' && '-light' || '' }}${{ matrix.xdebug && '-debug' || '' }}${{ github.ref_name != 'master' && '-dev' || '' }}
GHCR_NAME: ghcr.io/${{ secrets.DOCKER_USER }}/jeedom
TAG_LATEST_ENABLED: ${{ (matrix.debian == 'bullseye' && matrix.target == 'full' && matrix.target == 'full' && matrix.xdebug == 'false' && github.ref_name == 'master') }}
steps:
-
name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-${{ env.TAG_NAME }}-*
merge-multiple: true
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Docker meta
id: meta
# https://github.com/marketplace/actions/docker-metadata-action
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ env.REGISTRY_IMAGE }}
ghcr.io/${{ env.REGISTRY_IMAGE }}
# generate Docker tags based on the following events/attributes
tags: |
type=raw,value=${{ env.TAG_NAME }}
# set latest tag for default branch
type=raw,value=latest,enable=${{ env.TAG_LATEST_ENABLED }}
# label chadburn for the "cron" container
labels: |
chadburn.enabled=true
chadburn.job-exec.jeedom-cron.schedule=@every 1m
chadburn.job-exec.jeedom-cron.command=/usr/local/bin/php /var/www/html/core/php/jeeCron.php >> /var/www/html/log/cron.log 2>&1
-
name: Login to DockerHub
# https://github.com/marketplace/actions/docker-login
# login to DockerHub with secrets login & token
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
-
name: Login to GitHub Container Registry
# push to multi-registry
# https://docs.docker.com/build/ci/github-actions/push-multi-registries/
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_SECRET }}
-
name: Create manifest list and push ${{ env.TAG_NAME }}
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
-
name: Inspect image ${{ env.TAG_NAME }}
# inspect and add a minute sleep to avoid HTTP 429 error (too many requests...)
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
sleep 1m