Skip to content

Commit

Permalink
ci: add push multi arch
Browse files Browse the repository at this point in the history
  • Loading branch information
0xawaz committed Nov 29, 2024
1 parent 829b976 commit 2e43851
Showing 1 changed file with 28 additions and 39 deletions.
67 changes: 28 additions & 39 deletions .github/workflows/common-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,9 +71,7 @@ jobs:
push: false
provenance: false
outputs: type=docker #, dest=docker-${{ inputs.image-name }}-oci-tar-${{ needs.setup.outputs.docker_tag_image }}-amd
tags: |
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}
ghcr.io/zama-ai/${{ inputs.image-name }}:latest
tags: ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-amd64
cache-from: ${{ inputs.cache-from }}
cache-to: ${{ inputs.cache-to }}

Expand All @@ -83,7 +81,7 @@ jobs:
scan-type: image
scanners: vuln,secret
# input: _tmp/docker-${{ inputs.image-name }}-oci-tar-${{ needs.setup.outputs.docker_tag_image }}-amd
image-ref: 'ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}'
image-ref: 'ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-amd64'
format: table
hide-progress: true
env:
Expand Down Expand Up @@ -130,7 +128,7 @@ jobs:
provenance: false
outputs: type=docker #, dest=docker-${{ inputs.image-name }}-oci-tar-${{ needs.setup.outputs.docker_tag_image }}-arm
tags: |
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-arm64
ghcr.io/zama-ai/${{ inputs.image-name }}:latest
cache-from: ${{ inputs.cache-from }}
cache-to: ${{ inputs.cache-to }}
Expand All @@ -140,44 +138,35 @@ jobs:
with:
scan-type: image
scanners: vuln,secret
# input: _tmp/docker-${{ inputs.image-name }}-oci-tar-${{ needs.setup.outputs.docker_tag_image }}-arm
image-ref: 'ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}'
image-ref: 'ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-arm64'
format: table
hide-progress: true
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1

push-combined:
needs: [setup, build-amd64, build-arm64]
runs-on: ${{ inputs.runs_on }}
steps:
- name: Checkout Project
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 ## v3

- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
push-multi-arch:
needs: [setup, build-amd64, build-arm64]
runs-on: ${{ inputs.runs_on }}
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}

- name: Docker Push
if: ${{ inputs.push_image }}
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
context: .
platforms: linux/amd64,linux/arm64
build-args: |
BLOCKCHAIN_ACTIONS_TOKEN=${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
file: ${{ inputs.working-directory }}/${{ inputs.docker-file }}
push: true
provenance: false
tags: |
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}
ghcr.io/zama-ai/${{ inputs.image-name }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Create and push multi-arch manifest
run: |
docker manifest create \
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }} \
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-amd64 \
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}-arm64
docker manifest create \
ghcr.io/zama-ai/${{ inputs.image-name }}:latest \
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.build-amd64.outputs.image_tag }}-amd64 \
ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.build-amd64.outputs.image_tag }}-arm64
docker manifest push ghcr.io/zama-ai/${{ inputs.image-name }}:${{ needs.setup.outputs.docker_tag_image }}
docker manifest push ghcr.io/zama-ai/${{ inputs.image-name }}:latest

0 comments on commit 2e43851

Please sign in to comment.