AlmaLinux 8 and 9, Container/Docker Images builder and uploader #271
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: AlmaLinux 8 and 9, Container/Docker Images builder and uploader | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| major_version: | |
| description: 'AlmaLinux major version' | |
| required: true | |
| default: '9' | |
| type: choice | |
| options: | |
| - 10 | |
| - 9 | |
| - 8 | |
| platform: | |
| description: 'Comma-separated list of platforms: linux/amd64, linux/ppc64le, linux/s390x, linux/arm64' | |
| required: true | |
| default: 'linux/amd64, linux/arm64' | |
| image_types: | |
| description: 'Comma-separated list of image types (put each type in quotes): "default", "minimal", "micro", "base", "init"' | |
| required: true | |
| default: '"micro"' | |
| # registry: | |
| # description: 'Registry to push' | |
| # required: true | |
| # default: 'docker.io/ykohut' | |
| # type: choice | |
| # options: | |
| # - docker.io/ykohut | |
| # - quay.io/ykohut | |
| # - ghcr.io/yuravk | |
| registry: | |
| description: 'Comma-separated list of registries: docker.io/ykohut, quay.io/ykohut, ghcr.io/yuravk' | |
| required: true | |
| default: 'docker.io/ykohut, quay.io/ykohut, ghcr.io/yuravk' | |
| push: | |
| description: 'Push to registries' | |
| required: true | |
| type: boolean | |
| pr: | |
| description: 'Create PR to Docker official' | |
| required: true | |
| type: boolean | |
| env: | |
| # VERSION_MINOR: ${{ inputs.major_version == '9' && '3' || '9' }} | |
| REGISTRY_IMAGE: ykohut/almalinux | |
| ACTIONS_STEP_DEBUG: true | |
| jobs: | |
| build: | |
| name: "Build ${{ inputs.major_version }} ${{ matrix.image_types }} for ${{ inputs.platform }} and push to all registries" | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # platform: ${{ fromJSON(format('[{0}]', inputs.platform || '"linux/amd64", "linux/ppc64le", "linux/s390x", "linux/arm64"')) }} | |
| # - linux/amd64 | |
| # - linux/ppc64le | |
| # - linux/s390x | |
| # - linux/arm64 | |
| image_types: ${{ fromJSON(format('[{0}]', inputs.image_types || '"default", "minimal", "micro", "base", "init"')) }} | |
| # - default | |
| # - minimal | |
| # - micro | |
| # - base | |
| # - init | |
| steps: | |
| - | |
| name: "Set environment variables" | |
| run: | | |
| platform="$( echo '${{ inputs.platform }}' | sed 's/\//_/g' )" | |
| echo "PLATFORM_PAIR=${platform//,/}" >> $GITHUB_ENV | |
| - | |
| name: "Prepare version minor number" | |
| run: | | |
| # set minor version | |
| case ${{ inputs.major_version }} in | |
| 8) | |
| VERSION_MINOR="9" ;; | |
| 9) | |
| VERSION_MINOR="3" ;; | |
| 10) | |
| VERSION_MINOR="0" ;; | |
| esac | |
| echo "VERSION_MINOR=${VERSION_MINOR}" >> $GITHUB_ENV | |
| - | |
| name: "Prepare date stamp" | |
| run: | | |
| # date stamp | |
| STAMP=$(date '+%Y%m%d') | |
| echo "STAMP=${STAMP}" >> $GITHUB_ENV | |
| - | |
| name: "Prepare image names" | |
| run: | | |
| # list of registries to push to | |
| REGISTRIES="${{ inputs.registry }}" | |
| IMAGE_NAMES= | |
| # generate image names in format $REGISTRY/almalinux or $REGISTRY/${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # image names are used by docker/metadata-action to set 'images' | |
| for REGISTRY in ${REGISTRIES//,/ }; do | |
| # 'default' images goes to $REGISTRY/almalinux | |
| [ "${{ matrix.image_types }}" = "default" ] \ | |
| && IMAGE_NAME="$REGISTRY/almalinux" \ | |
| || IMAGE_NAME="$REGISTRY/${{ inputs.major_version }}-${{ matrix.image_types }}" | |
| IMAGE_NAMES="${IMAGE_NAMES} ${IMAGE_NAME}" | |
| unset IMAGE_NAME | |
| done | |
| # remove space at the beginning of string | |
| IMAGE_NAMES=${IMAGE_NAMES# } | |
| # separate with comma instead of space and export to the action | |
| echo "IMAGE_NAMES=${IMAGE_NAMES// /,}" >> $GITHUB_ENV | |
| echo | |
| echo $IMAGE_NAMES | |
| # - | |
| # name: "Prepare tags" | |
| # run: | | |
| # # list of repositories to push | |
| # REPOS=$( echo '${{ inputs.image_types }}' | tr -d '"') | |
| # # list of registries to push to | |
| # REGISTRIES="${{ inputs.registry }}" | |
| # TAGS= | |
| # # generate tags list in format $REGISTRY/${{ inputs.major_version }}-${REPO}:$TAG | |
| # for REPO in ${REPOS//,/ }; do | |
| # for REGISTRY in ${REGISTRIES//,/ }; do | |
| # case ${{ matrix.image_types }} in | |
| # default ) | |
| # # tags: MAJOR, MAJOR.MINOR | |
| # TAGS="${TAGS} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }}.${VERSION_MINOR}" | |
| # # tags: MAJOR.MINOR-STAMP | |
| # TAGS="${TAGS} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }}.${VERSION_MINOR}-${STAMP}" | |
| # # tags: latest | |
| # [ "${{ inputs.major_version }}" = "9" ] && TAGS="${TAGS} $REGISTRY/${{ inputs.major_version }}-${REPO}:latest" | |
| # ;; | |
| # * ) | |
| # # tags: MAJOR-TYPE, MAJOR.MINOR-TYPE | |
| # TAGS="${TAGS} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }}-${{ matrix.image_types }} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }}.${VERSION_MINOR}-${{ matrix.image_types }}" | |
| # # tags: MAJOR.MINOR-TYPE-STAMP | |
| # TAGS="${TAGS} $REGISTRY/${{ inputs.major_version }}-${REPO}:${{ inputs.major_version }}.${VERSION_MINOR}-${{ matrix.image_types }}-${STAMP}" | |
| # ;; | |
| # esac | |
| # done | |
| # done | |
| # # remove space at the beginning of string | |
| # TAGS=${TAGS# } | |
| # # separate with comma instead of space and export to the action | |
| # echo "TAGS=${TAGS// /,}" >> $GITHUB_ENV | |
| # echo | |
| # echo $TAGS | |
| - | |
| name: "Switch into containerd image store" | |
| run: | | |
| # Use containerd image store | |
| sudo sed -i '$s/}/, "features": { "containerd-snapshotter": true } }/' /etc/docker/daemon.json | |
| sudo systemctl restart docker | |
| docker info -f '{{ .DriverStatus }}' | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: official | |
| - | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - | |
| name: Login to Docker.io | |
| if: contains(inputs.registry, 'docker.io') && inputs.push | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: docker.io | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - | |
| name: Login to Quay.io | |
| if: contains(inputs.registry, 'quay.io') && inputs.push | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_IO_USERNAME }} | |
| password: ${{ secrets.QUAY_IO_CLI_PASSWORD }} | |
| - | |
| name: Login to Ghcr.io | |
| if: contains(inputs.registry, 'ghcr.io') && inputs.push | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ secrets.GIT_HUB_USERNAME }} | |
| password: ${{ secrets.GIT_HUB_TOKEN }} | |
| - | |
| name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: ${{ env.IMAGE_NAMES }} | |
| # images: ${{ inputs.registry }}/${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # images: | | |
| # docker.io/ykohut/${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # quay.io/ykohut/${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # ghcr.io/yuravk/${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # generate Docker tags | |
| tags: | | |
| type=raw,priority=500,value=latest,enable=${{ matrix.image_types != 'default' || ( matrix.image_types == 'default' && inputs.major_version == '9' ) }} | |
| type=raw,priority=400,value=${{ inputs.major_version }},enable=true | |
| type=raw,priority=300,value=${{ inputs.major_version }}.${{ env.VERSION_MINOR }},enable=true | |
| type=raw,priority=200,value=${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ env.STAMP }},enable=true | |
| # labels: | | |
| # maintainer=Yuriy Kohut <[email protected]> | |
| # org.opencontainers.image.title=${{ inputs.major_version }}-${{ matrix.image_types }} | |
| # org.opencontainers.image.description=Almalinux ${{ inputs.major_version }}.${{ env.VERSION_MINOR }} ${{ matrix.image_types }} images. | |
| # org.opencontainers.image.vendor=AlmaLinux.org | |
| - | |
| name: Build images | |
| # if 'Push to registries' is checked | |
| if: inputs.push | |
| id: build-images | |
| uses: docker/build-push-action@v5 | |
| with: | |
| provenance: false | |
| context: "{{defaultContext}}:dockerfiles/al${{ inputs.major_version }}" | |
| file: ./Dockerfile.${{ matrix.image_types }} | |
| platforms: ${{ inputs.platform }} | |
| push: false | |
| load: true | |
| # tags: ${{ env.TAGS }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| # labels: ${{ steps.meta.outputs.labels }} | |
| - | |
| name: "[Debug] Test images" | |
| # if 'Push to registries' is checked | |
| if: inputs.push | |
| id: test-images | |
| run: | | |
| archs="${{ inputs.platform }}" | |
| for arch in ${archs//,/ }; do | |
| # docker run --platform=${arch} ${{ steps.build-images.outputs.imageid }} /bin/bash -c " \ | |
| docker run --platform=${arch} ${{ steps.build-images.outputs.digest }} /bin/bash -c " \ | |
| uname -m \ | |
| && cat /etc/almalinux-release \ | |
| && ( test "${{ matrix.image_types }}" != "micro" && rpm -q gpg-pubkey) || true " | |
| done | |
| - | |
| name: Push to registry | |
| # if 'Push to registries' is checked | |
| if: inputs.push | |
| id: push-images | |
| uses: docker/build-push-action@v5 | |
| with: | |
| provenance: false | |
| context: "{{defaultContext}}:dockerfiles/al${{ inputs.major_version }}" | |
| file: ./Dockerfile.${{ matrix.image_types }} | |
| platforms: ${{ inputs.platform }} | |
| push: ${{ inputs.push }} | |
| # tags: ${{ env.TAGS }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| # labels: ${{ steps.meta.outputs.labels }} | |
| # Change 'tag: 19000101' in the 'dockerfiles/official/al*/Dockerfile.*' | |
| - | |
| name: "Set tag into dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }}" | |
| # if 'Push to registries' is checked and 'default' or 'minimal' image | |
| if: matrix.image_types == 'default' || matrix.image_types == 'minimal' | |
| run: | | |
| case ${{ matrix.image_types }} in | |
| default) | |
| tags="${{ inputs.major_version }}, ${{ inputs.major_version }}.${{ env.VERSION_MINOR }}, ${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ env.STAMP}}" | |
| [ "${{ inputs.major_version }}" = "9" ] && tags="latest, ${tags}" ;; | |
| minimal) | |
| tags="${{ inputs.major_version }}-${{ matrix.image_types }}, ${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ matrix.image_types }}, ${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ matrix.image_types }}-${{ env.STAMP}}" | |
| [ "${{ inputs.major_version }}" = "9" ] && tags="minimal, ${tags}" ;; | |
| *) | |
| esac | |
| # the data for tag in MAJOR.MINOR-TYPE-DATE format | |
| tag="${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ matrix.image_types }}-${{ env.STAMP}}" | |
| # if 'default' image, the data for tag in MAJOR.MINOR-DATE format | |
| [ "${{ matrix.image_types }}" = "default" ] && tag="${{ inputs.major_version }}.${{ env.VERSION_MINOR }}-${{ env.STAMP}}" | |
| sed -i "/^\([[:space:]]*#[[:space:]]*tag: \).*/s//\1${tags}/" dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }} | |
| cat dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }} | |
| # Upload changed 'dockerfiles/official/al*/Dockerfile.*' | |
| - uses: actions/upload-artifact@v4 | |
| # if 'Push to registries' is checked and 'default' or 'minimal' image | |
| if: matrix.image_types == 'default' || matrix.image_types == 'minimal' | |
| with: | |
| name: dockerfiles-${{ matrix.image_types }} | |
| path: dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }} | |
| commit: | |
| name: "Commit official Dockerfile for ${{ inputs.major_version }}" | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: official | |
| # Download uploaded above 'dockerfiles/official/al*/Dockerfile.*' | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| path: dockerfiles/official/al${{ inputs.major_version }} | |
| - | |
| name: "[Debug] Print dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.*" | |
| run: | | |
| cat dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.* | |
| # Commit 'dockerfiles/official/al*/Dockerfile.*' | |
| # TODO: does this run only if files changed ... ? | |
| - | |
| name: "Commit tag for dockerfiles/official/al${{ inputs.major_version }}" | |
| # if 'Push to registries' is checked | |
| # if: inputs.push | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| default_author: user_info | |
| new_branch: official | |
| message: "Set '# tag: ${{ env.STAMP }}' for 'dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.*'" | |
| push: false | |
| # push: ${{ inputs.push }} | |
| prepare-manifest: | |
| if: inputs.pr | |
| name: "Prepare manifest for ${{ inputs.major_version }} ${{ matrix.image_types }}" | |
| runs-on: ubuntu-latest | |
| needs: | |
| - commit | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| image_types: ${{ fromJSON(format('[{0}]', inputs.image_types || '"default", "minimal"')) }} | |
| # - default | |
| # - minimal | |
| steps: | |
| - | |
| name: Checkout ${{ github.repository }} | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: official | |
| - | |
| name: Checkout docker-library/official-images | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.actor }}/official-images | |
| path: official-images | |
| - | |
| name: "Check al${{ inputs.major_version }} ${{ matrix.image_types }} needs official build and prepare data for manifest" | |
| run: | | |
| tag=$( grep 'tag:' dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }} | sed "s/^[[:space:]]*#[[:space:]]*tag: \(.*\)$/\1/" ) | |
| echo "tag=${tag}" >> $GITHUB_ENV | |
| echo "tag=${tag}" | |
| to_manifest=false | |
| ! grep $tag official-images/library/almalinux >/dev/null && to_manifest=true | |
| echo "to_manifest=${to_manifest}" >> $GITHUB_ENV | |
| echo "to_manifest=${to_manifest}" | |
| commit_hash=$( /usr/bin/git log -1 --format='%H' dockerfiles/official/al${{ inputs.major_version }}/Dockerfile.${{ matrix.image_types }} ) | |
| echo "commit_hash=${commit_hash}" >> $GITHUB_ENV | |
| echo "commit_hash=${commit_hash}" | |
| - | |
| name: "Render manifest for al${{ inputs.major_version }} ${{ matrix.image_types }}" | |
| if: env.to_manifest == 'true' | |
| id: minifest | |
| uses: chuhlomin/render-template@v1 | |
| with: | |
| template: official-manifest.tmpl | |
| result_path: official-images/library/almalinux.${{ inputs.major_version }}.${{ matrix.image_types }} | |
| vars: | | |
| tags: ${{ env.tag }} | |
| commit_hash: ${{ env.commit_hash}} | |
| version_major: ${{ inputs.major_version }} | |
| image_type: ${{ matrix.image_types }} | |
| - | |
| name: "[Debug] Check manifest for al${{ inputs.major_version }} ${{ matrix.image_types }}" | |
| if: env.to_manifest == 'true' | |
| run: | | |
| cat official-images/library/almalinux.${{ inputs.major_version }}.${{ matrix.image_types }} | |
| # Upload changed 'official-images/library/almalinux.*' | |
| - uses: actions/upload-artifact@v4 | |
| if: env.to_manifest == 'true' | |
| with: | |
| name: manifest-${{ matrix.image_types }} | |
| path: official-images/library/almalinux.${{ inputs.major_version }}.${{ matrix.image_types }} | |
| push-pr: | |
| if: inputs.pr | |
| name: "Pull Request for manifest" | |
| runs-on: ubuntu-latest | |
| needs: | |
| - prepare-manifest | |
| steps: | |
| - | |
| name: Checkout docker-library/official-images | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.actor }}/official-images | |
| path: official-images | |
| # Download uploaded above 'official-images/library/almalinux.*' | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| pattern: manifest-* | |
| merge-multiple: true | |
| path: official-images/library/ | |
| - | |
| name: "Create head of official-images/library/almalinux" | |
| run: | | |
| echo "# This file is generated using ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| Maintainers: The AlmaLinux OS Foundation <[email protected]> (@AlmaLinux) | |
| GitRepo: ${{ github.server_url }}/${{ github.repository }}.git" > official-images/library/almalinux | |
| - | |
| name: "Squash manifests into official-images/library/almalinux" | |
| run: | | |
| for file in $( ls -1 official-images/library/almalinux.${{ inputs.major_version }}.* ); do | |
| echo "" >> official-images/library/almalinux | |
| cat $file >> official-images/library/almalinux | |
| done | |
| rm -f official-images/library/almalinux.${{ inputs.major_version }}.* | |
| cat official-images/library/almalinux | |
| - | |
| name: "Prepare time stamp" | |
| run: | | |
| # time stamp | |
| TIME_STAMP=$(date '+%H%M%S') | |
| echo "TIME_STAMP=${TIME_STAMP}" >> $GITHUB_ENV | |
| - | |
| name: "Commit and push official-images/library/almalinux" | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| cwd: official-images | |
| default_author: user_info | |
| message: "Almalinux auto-update - ${{ env.TIME_STAMP }}" | |
| push: false | |
| # push: ${{ inputs.pr }} | |
| # - | |
| # name: Create Pull Request | |
| # uses: peter-evans/create-pull-request@v6 | |
| # with: | |
| # path: official-images | |
| # add-paths: library/ | |
| # commit-message: "Almalinux auto-update - ${{ env.TIME_STAMP }}" | |
| # title: "Almalinux auto-update - ${{ env.TIME_STAMP }}" | |
| # body: "This is an auto-generated commit. Any concern or issues, please contact or email AlmaLinux OS Foundation [email protected] (@AlmaLinux)" | |
| # push-to-fork: AlmaLinux/docker-library-official-images | |
| # # push-to-fork: docker-library/official-images | |
| # draft: true | |