-
-
Notifications
You must be signed in to change notification settings - Fork 3
223 lines (198 loc) · 8.58 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
name: Build amd64 and arm64
on:
workflow_dispatch:
inputs:
RELEASE:
description: 'AlmaLinux release'
required: true
default: '9'
type: choice
options:
- 10-kitten
- 10
- 9
schedule:
# run every day at 03:00 UTC
- cron: '00 03 * * *'
env:
LATEST_MAJOR: 9
IMAGE_NAME: almalinux-bootc
VERSIONS_LIST: '"9", "10-kitten", "10"'
jobs:
set-versions-matrix:
name: Set versions matrix
runs-on: ubuntu-24.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
date_stamp: ${{ steps.date-stamp.outputs.date_stamp }}
steps:
- name: Set matrix
id: set-matrix
run: |
# Format json for versions matrix
case ${{ github.event_name }} in
workflow_dispatch)
echo "matrix=$(jq -c <<< '["${{ inputs.RELEASE }}"]')" >> $GITHUB_OUTPUT
;;
schedule)
echo "matrix=$(jq -c <<< '[${{ env.VERSIONS_LIST }}]')" >> $GITHUB_OUTPUT
;;
esac
- name: Date stamp
id: date-stamp
run: |
# date stamp
date_stamp=$(date -u '+%Y%m%d')
[ "x${date_stamp}" != "x" ] && echo "date_stamp=${date_stamp}" >> "$GITHUB_OUTPUT"
build-amd64:
name: amd64 image
runs-on: ubuntu-24.04
needs: [set-versions-matrix]
strategy:
fail-fast: false
matrix:
VERSION_MAJOR: ${{ fromJSON(needs.set-versions-matrix.outputs.matrix) }}
env:
PLATFORM: linux/amd64
DATE_STAMP: ${{ needs.set-versions-matrix.outputs.date_stamp }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: ./.github/actions/shared-steps
name: Build and Push
with:
VERSION_MAJOR: ${{ matrix.VERSION_MAJOR }}
DATE_STAMP: ${{ env.DATE_STAMP }}
IMAGE_REGISTRY: ${{ secrets.IMAGE_REGISTRY }}
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
start-arm64-runner:
name: arm64 self-hosted runner
timeout-minutes: 10 # normally it only takes 1-2 minutes
runs-on: ubuntu-24.04
needs: [set-versions-matrix]
strategy:
fail-fast: false
matrix:
VERSION_MAJOR: ${{ fromJSON(needs.set-versions-matrix.outputs.matrix) }}
steps:
- name: Setup and start the runner
id: start-ec2-runner
uses: NextChapterSoftware/[email protected]
with:
github_token: ${{ secrets.GIT_HUB_TOKEN }}
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: ${{ secrets.AWS_REGION }}
ec2_ami_id: ${{ secrets[format('EC2_AMI_ID_AL{0}', ( matrix.VERSION_MAJOR == '10-kitten' && '10_KITTEN' || matrix.VERSION_MAJOR))] }}
ec2_subnet_id: ${{ secrets.EC2_SUBNET_ID}}
ec2_security_group_id: ${{ secrets.EC2_SECURITY_GROUP_ID }}
ec2_instance_type: t4g.medium # 2 vCPU and 4 GiM Memory
ec2_root_disk_size_gb: "16" # override default size which is too small for images
ec2_root_disk_ebs_class: "gp3" # use faster and cheeper storage instead of default 'gp2'
ec2_instance_ttl: 60 # Optional (default is 60 minutes)
ec2_spot_instance_strategy: None # Other options are: SpotOnly, BestEffort, MaxPerformance
ec2_instance_tags: > # Required for IAM role resource permission scoping
[
{"Key": "Project", "Value": "GitHub Actions Self-hosted Runners"}
]
build-arm64:
if: ${{ always() && contains(join(needs.start-arm64-runner.result, ','), 'success') }}
name: arm64 image
runs-on: ${{ github.run_id }}
needs: [set-versions-matrix, start-arm64-runner]
strategy:
fail-fast: false
matrix:
VERSION_MAJOR: ${{ fromJSON(needs.set-versions-matrix.outputs.matrix) }}
env:
PLATFORM: linux/arm64
DATE_STAMP: ${{ needs.set-versions-matrix.outputs.date_stamp }}
steps:
- name: Set environment
run: |
# Redefine VERSION_MAJOR as runner's AlmaLinux version may not match matrix one
almalinux_release=$(rpm -qf /etc/almalinux-release)
release=$(rpm -q --qf="%{VERSION}\n" ${almalinux_release} 2>/dev/null)
if [[ ${almalinux_release} = *'kitten'* ]]; then
VERSION_MAJOR='10-kitten'
else
VERSION_MAJOR=$(cut -d '.' -f 1 <<< "$release")
fi
echo "VERSION_MAJOR=${VERSION_MAJOR}" >> "$GITHUB_ENV"
- name: Install dependencies (${{ env.VERSION_MAJOR }})
run: |
sudo yum -y -q update
sudo yum -y -q install podman git
- uses: actions/checkout@v4
with:
submodules: true
- uses: ./.github/actions/shared-steps
name: Build and Push (${{ env.VERSION_MAJOR }})
with:
VERSION_MAJOR: ${{ env.VERSION_MAJOR }} # redefined VERSION_MAJOR, not from the matrix
DATE_STAMP: ${{ env.DATE_STAMP }}
IMAGE_REGISTRY: ${{ secrets.IMAGE_REGISTRY }}
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
push-manifest:
if: ${{ always() && contains(join(needs.*.result, ','), 'success') }}
name: Push manifest
needs: [set-versions-matrix, build-amd64, start-arm64-runner, build-arm64]
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
VERSION_MAJOR: ${{ fromJSON(needs.set-versions-matrix.outputs.matrix) }}
env:
DATE_STAMP: ${{ needs.set-versions-matrix.outputs.date_stamp }}
steps:
- name: Set environment
run: |
# Minor version for both amd64 and arm64
for MACHINE in x86_64 aarch64; do
VERSION_MINOR=
release=${{ matrix.VERSION_MAJOR }}
if [[ "${{ matrix.VERSION_MAJOR }}" != *'kitten'* ]]; then
almalinux_release=https://repo.almalinux.org/almalinux/almalinux-release-latest-${{ matrix.VERSION_MAJOR }}.${MACHINE}.rpm
# TODO: remove when AlmaLinux 10.0 is released
[ "${{ matrix.VERSION_MAJOR }}" = "10" ] && almalinux_release=https://vault.almalinux.org/almalinux-release-latest-10-beta.${MACHINE}.rpm
release=$(rpm -q --qf="%{VERSION}\n" ${almalinux_release} 2>/dev/null)
VERSION_MINOR=.$(cut -d '.' -f 2 <<< "$release")
fi
echo "VERSION_MINOR_${MACHINE}=${VERSION_MINOR}" >> "$GITHUB_ENV"
echo "[Debug] MACHINE=${MACHINE} release=$release VERSION_MINOR=${VERSION_MINOR}"
unset VERSION_MINOR release
done
- name: Login to registry (docker)
uses: docker/login-action@v3
with:
registry: ${{ secrets.IMAGE_REGISTRY }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Create and push manifest (docker)
run: |
# Manifest for both amd64 and arm64
IMAGE_DEST=${{ secrets.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
amd64_exists=0
arm64_exists=0
docker manifest inspect ${IMAGE_DEST}:${{ matrix.VERSION_MAJOR }}${{ env.VERSION_MINOR_x86_64 }}-${{ env.DATE_STAMP }}-amd64 >/dev/null 2>&1 \
|| amd64_exists=$?
docker manifest inspect ${IMAGE_DEST}:${{ matrix.VERSION_MAJOR }}${{ env.VERSION_MINOR_aarch64 }}-${{ env.DATE_STAMP }}-arm64 >/dev/null 2>&1 \
|| arm64_exists=$?
[ $amd64_exists -ne 0 -o $arm64_exists -ne 0 ] && exit 0
# Don't push manifest if amd64 and arm64 minor versions differ
VERSION_MINOR=${{ env.VERSION_MINOR_x86_64 }}
[ "${{ env.VERSION_MINOR_x86_64 }}" != "${{ env.VERSION_MINOR_aarch64 }}" ] && exit 0
# Loop over need tags: latest, VERSION_MAJOR, VERSION_MAJOR.VERSION_MINOR, VERSION_MAJOR.VERSION_MINOR-DATE_STAMP
tags="latest ${{ matrix.VERSION_MAJOR }} ${{ matrix.VERSION_MAJOR }}${VERSION_MINOR}-${{ env.DATE_STAMP }}"
[[ ${{ matrix.VERSION_MAJOR }} != *'kitten'* ]] && tags="${tags} ${{ matrix.VERSION_MAJOR }}${VERSION_MINOR}"
for tag in $tags; do
[ ${{ matrix.VERSION_MAJOR }} != ${{ env.LATEST_MAJOR }} -a "${tag}" = "latest" ] && continue
docker manifest create ${IMAGE_DEST}:${tag} \
${IMAGE_DEST}:${{ matrix.VERSION_MAJOR }}${VERSION_MINOR}-${{ env.DATE_STAMP }}-amd64 \
${IMAGE_DEST}:${{ matrix.VERSION_MAJOR }}${VERSION_MINOR}-${{ env.DATE_STAMP }}-arm64
docker manifest inspect ${IMAGE_DEST}:${tag}
docker manifest push ${IMAGE_DEST}:${tag}
done