This repository has been archived by the owner on Jan 24, 2024. It is now read-only.

internal-images #10

	# yamllint --format github .github/workflows/internal-images.yml
	---
	name: internal-images

	# Refresh the tags once a day. This limits impact of rate-limited images. See RATIONALE.md
	on:
	schedule:
	- cron: "23 3 * * *"
	workflow_dispatch: # Allows manual refresh

	# This builds images and pushes them to ghcr.io/tetratelabs/wazero/internal-$tag
	# Using these avoid docker.io rate-limits particularly on pull requests.
	jobs:
	copy-images:
	runs-on: ubuntu-22.04 # Hard-coding an LTS means maintenance, but only once each 2 years!
	strategy:
	matrix:
	# Be precise in tag versions to improve reproducibility
	include:
	- source: tonistiigi/binfmt:qemu-v6.2.0 # for docker/setup-qemu-action
	target_tag: binfmt

	steps:
	# Same as doing this locally: echo "${GHCR_TOKEN}" \| docker login ghcr.io -u "${GHCR_TOKEN}" --password-stdin
	- name: "Login into GitHub Container Registry"
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	# GITHUB_TOKEN=<hex token value>
	# - pushes Docker images to ghcr.io
	# - create via https://github.com/settings/tokens
	# - needs repo:status, public_repo, write:packages, delete:packages
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Pull and push
	run: \| # This will only push a single architecture, which is fine as we currently only support amd64
	docker pull ${{ matrix.source }}
	docker tag ${{ matrix.source }} ghcr.io/${{ github.repository }}/internal-${{ matrix.target_tag }}
	docker push ghcr.io/${{ github.repository }}/internal-${{ matrix.target_tag }}

Provide feedback