name: bin-image concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true on: workflow_dispatch: push: branches: - 'master' - '[0-9]+.[0-9]+' tags: - 'v*' pull_request: env: MOBYBIN_REPO_SLUG: moby/moby-bin DOCKER_GITCOMMIT: ${{ github.sha }} VERSION: ${{ github.ref }} PLATFORM: Moby Engine - Nightly PRODUCT: moby-bin PACKAGER_NAME: The Moby Project jobs: validate-dco: uses: ./.github/workflows/.dco.yml prepare: runs-on: ubuntu-20.04 outputs: platforms: ${{ steps.platforms.outputs.matrix }} steps: - name: Checkout uses: actions/checkout@v3 - name: Docker meta id: meta uses: docker/metadata-action@v4 with: images: | ${{ env.MOBYBIN_REPO_SLUG }} ### versioning strategy ## push semver tag v23.0.0 # moby/moby-bin:23.0.0 # moby/moby-bin:latest ## push semver prelease tag v23.0.0-beta.1 # moby/moby-bin:23.0.0-beta.1 ## push on master # moby/moby-bin:master ## push on 23.0 branch # moby/moby-bin:23.0 ## any push # moby/moby-bin:sha-ad132f5 tags: | type=semver,pattern={{version}} type=ref,event=branch type=ref,event=pr type=sha - name: Rename meta bake definition file run: | mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta.json" - name: Upload meta bake definition uses: actions/upload-artifact@v3 with: name: bake-meta path: /tmp/bake-meta.json if-no-files-found: error retention-days: 1 - name: Create platforms matrix id: platforms run: | echo "matrix=$(docker buildx bake bin-image-cross --print | jq -cr '.target."bin-image-cross".platforms')" >>${GITHUB_OUTPUT} build: runs-on: ubuntu-20.04 needs: - validate-dco - prepare strategy: fail-fast: false matrix: platform: ${{ fromJson(needs.prepare.outputs.platforms) }} steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Download meta bake definition uses: actions/download-artifact@v3 with: name: bake-meta path: /tmp - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub if: github.event_name != 'pull_request' && github.repository == 'moby/moby' uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_MOBYBIN_USERNAME }} password: ${{ secrets.DOCKERHUB_MOBYBIN_TOKEN }} - name: Build id: bake uses: docker/bake-action@v3 with: files: | ./docker-bake.hcl /tmp/bake-meta.json targets: bin-image set: | *.platform=${{ matrix.platform }} *.output=type=image,name=${{ env.MOBYBIN_REPO_SLUG }},push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' && github.repository == 'moby/moby' }} *.tags= - name: Export digest if: github.event_name != 'pull_request' && github.repository == 'moby/moby' run: | mkdir -p /tmp/digests digest="${{ fromJSON(steps.bake.outputs.metadata)['bin-image']['containerimage.digest'] }}" touch "/tmp/digests/${digest#sha256:}" - name: Upload digest if: github.event_name != 'pull_request' && github.repository == 'moby/moby' uses: actions/upload-artifact@v3 with: name: digests path: /tmp/digests/* if-no-files-found: error retention-days: 1 merge: runs-on: ubuntu-20.04 if: github.event_name != 'pull_request' && github.repository == 'moby/moby' needs: - build steps: - name: Download meta bake definition uses: actions/download-artifact@v3 with: name: bake-meta path: /tmp - name: Download digests uses: actions/download-artifact@v3 with: name: digests path: /tmp/digests - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_MOBYBIN_USERNAME }} password: ${{ secrets.DOCKERHUB_MOBYBIN_TOKEN }} - name: Create manifest list and push working-directory: /tmp/digests run: | set -x docker buildx imagetools create $(jq -cr '.target."docker-metadata-action".tags | map("-t " + .) | join(" ")' /tmp/bake-meta.json) \ $(printf '${{ env.MOBYBIN_REPO_SLUG }}@sha256:%s ' *) - name: Inspect image run: | set -x docker buildx imagetools inspect ${{ env.MOBYBIN_REPO_SLUG }}:$(jq -cr '.target."docker-metadata-action".args.DOCKER_META_VERSION' /tmp/bake-meta.json)