Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(ci): fix version inspection handling #126

Merged
merged 8 commits into from
Mar 14, 2024
Merged

chore(ci): fix version inspection handling #126

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
41c2cfa
chore(ci): fix version inspection handling
bsherman Mar 14, 2024
b7c70ea
chore(ci): add retry for image info query and pull base
bsherman Mar 14, 2024
6a1eed4
refactor: fix some whitespace
bsherman Mar 14, 2024
255d483
chore(ci): shortcircuit matrix jobs
bsherman Mar 14, 2024
f77efbf
chore: debug output improve
bsherman Mar 14, 2024
5c06514
chore(ci): tricky retry outputs
bsherman Mar 14, 2024
d8a9d37
chore: output debugging
bsherman Mar 14, 2024
8abc192
chore: retry push to ghcr
bsherman Mar 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 87 additions & 26 deletions .github/workflows/reusable-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
required: true
type: string
env:
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}

jobs:
workflow_info:
Expand All @@ -34,20 +34,37 @@ jobs:
name: Get Stream Info
runs-on: ubuntu-latest
outputs:
linux: ${{ steps.fetch.outputs.linux }}
version: ${{ steps.fetch.outputs.version }}
linux: ${{ fromJSON(steps.fetch.outputs.outputs).linux }}
version: ${{ fromJSON(steps.fetch.outputs.outputs).version }}
steps:
- name: Fetch CoreOS stream versions
id: fetch
run: |
skopeo inspect docker://quay.io/fedora/fedora-coreos:${{ inputs.coreos_version }} > inspect.json
linux=$(jq -r '.["Labels"]["ostree.linux"]' inspect.json)
echo "linux=$linux" >> $GITHUB_OUTPUT
version=$(jq -r '.["Labels"]["version"]' inspect.json)
echo "version=$version" >> $GITHUB_OUTPUT
uses: Wandalen/[email protected]
with:
attempt_limit: 3
attempt_delay: 15000
command: |
set -eo pipefail

skopeo inspect docker://quay.io/fedora/fedora-coreos:${{ inputs.coreos_version }} > inspect.json

linux=$(jq -r '.["Labels"]["ostree.linux"]' inspect.json)
if [ -z "$linux" ] || [ "null" = "$linux" ]; then
echo "inspected linux version must not be empty or null"
exit 1
fi

version=$(jq -r '.["Labels"]["org.opencontainers.image.version"]' inspect.json)
if [ -z "$version" ] || [ "null" = "$version" ]; then
echo "inspected image version must not be empty or null"
exit 1
fi

echo "linux=$linux" >> $GITHUB_OUTPUT
echo "version=$version" >> $GITHUB_OUTPUT
- name: Echo outputs
run: |
echo "${{ toJSON(steps.fetch.outputs) }}"
echo "${{ steps.fetch.outputs.outputs }}"

build_fcos:
name: fedora-coreos
Expand Down Expand Up @@ -79,6 +96,14 @@ jobs:
- name: Checkout Push to Registry action
uses: actions/checkout@v4

- name: Verify version
shell: bash
run: |
if [ -z "${{ matrix.image_version }}" ] || [ "null" = "${{ matrix.image_version }}" ]; then
echo "matrix.image_version must not be empty or null"
exit 1
fi

- name: Generate tags
id: generate-tags
shell: bash
Expand Down Expand Up @@ -129,6 +154,16 @@ jobs:
org.opencontainers.image.title=${{ matrix.image_name }}
org.opencontainers.image.version=${{ matrix.image_version }}

- name: Pull base image
uses: Wandalen/[email protected]
with:
attempt_limit: 3
attempt_delay: 15000
command: |
# pull the base image used for FROM in containerfile so
# we can retry on that unfortunately common failure case
podman pull quay.io/fedora/fedora-coreos:${{ inputs.coreos_version }}

# Build image using Buildah action
- name: Build Image
id: build_image
Expand Down Expand Up @@ -158,20 +193,24 @@ jobs:

# Push the image to GHCR (Image Registry)
- name: Push To GHCR
uses: redhat-actions/push-to-registry@v2
uses: Wandalen/[email protected]
id: push
if: github.event_name != 'pull_request'
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
with:
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust
action: redhat-actions/push-to-registry@v2
attempt_limit: 3
attempt_delay: 15000
with: |
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
Expand Down Expand Up @@ -237,6 +276,14 @@ jobs:
- name: Checkout Push to Registry action
uses: actions/checkout@v4

- name: Verify version
shell: bash
run: |
if [ -z "${{ matrix.image_version }}" ] || [ "null" = "${{ matrix.image_version }}" ]; then
echo "matrix.image_version must not be empty or null"
exit 1
fi

- name: Generate tags
id: generate-tags
shell: bash
Expand Down Expand Up @@ -291,6 +338,16 @@ jobs:
org.opencontainers.image.title=${{ matrix.image_base }}${{ matrix.image_suffix }}
org.opencontainers.image.version=${{ matrix.image_version }}

- name: Pull base image
uses: Wandalen/[email protected]
with:
attempt_limit: 3
attempt_delay: 15000
command: |
# pull the base image used for FROM in containerfile so
# we can retry on that unfortunately common failure case
podman pull quay.io/fedora/fedora-coreos:${{ inputs.coreos_version }}

# Build image using Buildah action
- name: Build Image
id: build_image
Expand Down Expand Up @@ -322,20 +379,24 @@ jobs:

# Push the image to GHCR (Image Registry)
- name: Push To GHCR
uses: redhat-actions/push-to-registry@v2
uses: Wandalen/[email protected]
id: push
if: github.event_name != 'pull_request'
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
with:
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust
action: redhat-actions/push-to-registry@v2
attempt_limit: 3
attempt_delay: 15000
with: |
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
Expand Down