chore: Prepare for the v0.9.0 release #918
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Earthly PR +build | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number }} | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| env: | |
| FORCE_COLOR: 1 | |
| CLICOLOR_FORCE: 1 | |
| RUST_LOG_STYLE: always | |
| jobs: | |
| arm64-prebuild: | |
| timeout-minutes: 10 | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'blue-build/cli' | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - name: Earthly login | |
| env: | |
| EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }} | |
| run: | | |
| earthly account login --token ${{ secrets.EARTHLY_SAT_TOKEN }} >> /dev/null | |
| earthly org s blue-build | |
| earthly sat s arm | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Run build | |
| id: build | |
| run: | | |
| earthly --ci --push -P +prebuild | |
| amd64-prebuild: | |
| timeout-minutes: 10 | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'blue-build/cli' | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - name: Earthly login | |
| env: | |
| EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }} | |
| run: | | |
| earthly account login --token ${{ secrets.EARTHLY_SAT_TOKEN }} >> /dev/null | |
| earthly org s blue-build | |
| earthly sat s amd | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Run build | |
| id: build | |
| run: | | |
| earthly --ci --push -P +prebuild | |
| build-images: | |
| timeout-minutes: 60 | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'blue-build/cli' | |
| needs: | |
| - arm64-prebuild | |
| - amd64-prebuild | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - name: Earthly login | |
| env: | |
| EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }} | |
| run: | | |
| earthly account login --token ${{ secrets.EARTHLY_SAT_TOKEN }} >> /dev/null | |
| earthly org s blue-build | |
| earthly sat s pr | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Run build | |
| id: build | |
| run: | | |
| earthly --ci --push -P +build-images-all | |
| build-scripts: | |
| timeout-minutes: 5 | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'blue-build/cli' | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - name: Earthly login | |
| env: | |
| EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }} | |
| if: env.EARTHLY_SAT_TOKEN != null | |
| run: | | |
| earthly account login --token ${{ secrets.EARTHLY_SAT_TOKEN }} >> /dev/null | |
| earthly org s blue-build | |
| earthly sat s pr | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Run build | |
| id: build | |
| run: | | |
| earthly --ci --push -P +build-scripts-all | |
| integration-tests: | |
| permissions: | |
| packages: write | |
| timeout-minutes: 60 | |
| needs: | |
| - amd64-prebuild | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: earthly/actions-setup@v1 | |
| # Setup repo and add caching | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Run integration tests | |
| run: | | |
| earthly bootstrap | |
| earthly --ci -P ./integration-tests+all | |
| test: | |
| timeout-minutes: 10 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Run test | |
| id: build | |
| run: | | |
| earthly --ci +test | |
| lint: | |
| timeout-minutes: 10 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: earthly/actions-setup@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Run lint | |
| id: build | |
| run: | | |
| earthly --ci +lint | |
| docker-build: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| install: true | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| BB_BUILDKIT_CACHE_GHA: true | |
| run: just test-docker-build | |
| rechunk-build: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| with: | |
| install-dir: /usr/bin | |
| use-sudo: true | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| run: | | |
| just install-debug-all-features | |
| cd integration-tests/test-repo | |
| export CARGO_HOME=$HOME/.cargo | |
| sudo -E $CARGO_HOME/bin/bluebuild build --push -vv --rechunk recipes/recipe-rechunk.yml | |
| arm64-build: | |
| timeout-minutes: 40 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| install: true | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| BB_BUILDKIT_CACHE_GHA: true | |
| run: just test-arm64-build | |
| docker-build-external-login: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| install: true | |
| - name: Docker Login | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| BB_BUILDKIT_CACHE_GHA: true | |
| run: just test-docker-build-external-login | |
| # Free trial is over | |
| # docker-build-oauth-login: | |
| # timeout-minutes: 20 | |
| # runs-on: ubuntu-latest | |
| # permissions: | |
| # contents: read | |
| # packages: write | |
| # id-token: write | |
| # steps: | |
| # - name: Google Auth | |
| # id: auth | |
| # uses: "google-github-actions/auth@v2" | |
| # with: | |
| # token_format: "access_token" | |
| # service_account: ${{ secrets.SERVICE_ACCOUNT }} | |
| # project_id: bluebuild-oidc | |
| # create_credentials_file: false | |
| # workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY }} | |
| # - name: Maximize build space | |
| # uses: ublue-os/remove-unwanted-software@v6 | |
| # - uses: sigstore/[email protected] | |
| # - name: Set up Docker Buildx | |
| # uses: docker/setup-buildx-action@v3 | |
| # with: | |
| # install: true | |
| # - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| # - name: Docker Auth | |
| # id: docker-auth | |
| # uses: "docker/login-action@v3" | |
| # with: | |
| # username: "oauth2accesstoken" | |
| # password: "${{ steps.auth.outputs.access_token }}" | |
| # registry: us-east1-docker.pkg.dev | |
| # - uses: actions/checkout@v4 | |
| # with: | |
| # fetch-depth: 0 | |
| # ref: ${{github.event.pull_request.head.ref}} | |
| # repository: ${{github.event.pull_request.head.repo.full_name}} | |
| # - name: Expose GitHub Runtime | |
| # uses: crazy-max/ghaction-github-runtime@v3 | |
| # - uses: extractions/setup-just@v1 | |
| # - name: Run Build | |
| # env: | |
| # GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| # COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| # BB_BUILDKIT_CACHE_GHA: true | |
| # run: just test-docker-build-oauth-login | |
| podman-build: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Setup Podman | |
| shell: bash | |
| run: | | |
| # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04 | |
| ubuntu_version='22.04' | |
| key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" | |
| sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" | |
| echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list | |
| curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null | |
| sudo apt-get update | |
| sudo apt-get install -y podman | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| run: just test-podman-build | |
| buildah-build: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Setup Buildah | |
| shell: bash | |
| run: | | |
| # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04 | |
| ubuntu_version='22.04' | |
| key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" | |
| sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" | |
| echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list | |
| curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null | |
| sudo apt-get update | |
| sudo apt-get install -y buildah | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| run: just test-buildah-build | |
| iso-from-image: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| install: true | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| BB_BUILDKIT_CACHE_GHA: true | |
| run: just test-generate-iso-image | |
| iso-from-recipe: | |
| timeout-minutes: 20 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| steps: | |
| - name: Maximize build space | |
| uses: ublue-os/remove-unwanted-software@v6 | |
| - uses: sigstore/[email protected] | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| install: true | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{github.event.pull_request.head.ref}} | |
| repository: ${{github.event.pull_request.head.repo.full_name}} | |
| - name: Expose GitHub Runtime | |
| uses: crazy-max/ghaction-github-runtime@v3 | |
| - uses: extractions/setup-just@v1 | |
| - name: Run Build | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| GH_PR_EVENT_NUMBER: ${{ github.event.number }} | |
| COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} | |
| BB_BUILDKIT_CACHE_GHA: true | |
| run: just test-generate-iso-recipe |