Skip to content

Publish OCI Images #3953

Publish OCI Images

Publish OCI Images #3953

name: Publish OCI Images
on:
push:
branches:
- latest
schedule:
# * is a special character in YAML so you have to quote this string
- cron: '0 1 * * *'
workflow_dispatch:
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Download s6-overlay
run: |
wget https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz
- name: Set version
run: |
version="${GITHUB_REF#refs/heads/}"
echo "Building and publishing $version."
echo "VERSION=$version" >> $GITHUB_ENV
- name: Dispatching
if: github.event_name == 'schedule'
run: |
for version in $(git ls-remote --heads https://github.com/pulp/pulp-oci-images.git | grep -o "3\.[[:digit:]]*" | sort -V | tail -3)
do
echo $version
echo "{\"ref\": \"${version}\"}" > data.json
cat data.json
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
-H "Authorization: Bearer ${GITHUB_TOKEN}" \
https://api.github.com/repos/pulp/pulp-oci-images/actions/workflows/publish_images.yaml/dispatches \
-d @data.json
done
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
- name: Build the images
run: |
docker build --file pulp_ci_centos/Containerfile --tag pulp/pulp-ci-centos:latest .
docker tag pulp/pulp-ci-centos:latest ghcr.io/pulp/pulp-ci-centos:latest
docker tag pulp/pulp-ci-centos:latest quay.io/pulp/pulp-ci-centos:latest
if [ "$VERSION" = "latest" ]; then
docker build --file pulp_galaxy_ng/Containerfile --tag pulp/pulp-galaxy-ng:latest .
docker tag pulp/pulp-galaxy-ng:latest ghcr.io/pulp/pulp-galaxy-ng:latest
docker tag pulp/pulp-galaxy-ng:latest quay.io/pulp/all-in-one-galaxy:latest
# Be resilient if this fails
docker build --file pulp_nightly/Containerfile --tag pulp/pulp:nightly . || true
docker tag pulp/pulp:nightly ghcr.io/pulp/pulp:nightly || true
docker tag pulp/pulp:nightly quay.io/pulp/all-in-one-pulp:nightly || true
else
docker tag pulp/pulp-ci-centos:latest pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:latest ghcr.io/pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:latest quay.io/pulp/pulp-ci-centos:$VERSION
fi
docker build --file pulp/Containerfile --tag pulp/pulp:$VERSION .
docker tag pulp/pulp:$VERSION ghcr.io/pulp/pulp:$VERSION
docker tag pulp/pulp:$VERSION quay.io/pulp/all-in-one-pulp:$VERSION
- name: Test the images
run: assets/test.sh "pulp/pulp:$VERSION"
- name: Github login
env:
PULP_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PULP_GITHUB_USERNAME: ${{ github.actor }}
run: echo "$PULP_GITHUB_TOKEN" | docker login -u "$PULP_GITHUB_USERNAME" --password-stdin ghcr.io
- name: Push ci image to github
run: |
docker push ghcr.io/pulp/pulp:$VERSION
docker push ghcr.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push ghcr.io/pulp/pulp-galaxy-ng:latest
# Be resilient if this fails
docker push ghcr.io/pulp/pulp:nightly || true
fi
- name: Docker login
env:
DOCKER_BOT_PASSWORD: ${{ secrets.DOCKER_BOT_PASSWORD }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$DOCKER_BOT_PASSWORD" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin docker.io
- name: Push ci image to dockerhub
run: |
docker push docker.io/pulp/pulp:$VERSION
docker push docker.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push docker.io/pulp/pulp-galaxy-ng:latest
# Be resilient if this fails
docker push docker.io/pulp/pulp:nightly || true
fi
- name: Quay login
env:
QUAY_BOT_PASSWORD: ${{ secrets.QUAY_BOT_PASSWORD }}
QUAY_BOT_USERNAME: ${{ secrets.QUAY_BOT_USERNAME }}
run: echo "$QUAY_BOT_PASSWORD" | docker login -u "$QUAY_BOT_USERNAME" --password-stdin quay.io
- name: Push ci image to quay
run: |
docker push quay.io/pulp/all-in-one-pulp:$VERSION
docker push quay.io/pulp/pulp-ci-centos:$VERSION
if [ "$VERSION" = "latest" ]; then
docker push quay.io/pulp/all-in-one-galaxy:latest
# Let this be the last thing so it can indicate failure without breaking anything else
docker push quay.io/pulp/all-in-one-pulp:nightly
fi
- name: Display log on error
if: failure()
run: docker logs pulp
ssl_publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Download s6-overlay
run: |
wget https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz
- name: Set version
run: |
version="${GITHUB_REF#refs/heads/}-https"
echo "Building and publishing $version."
echo "VERSION=$version" >> $GITHUB_ENV
- name: Build the images
run: |
docker build --build-arg SCHEME="https" --file pulp_ci_centos/Containerfile --tag pulp/pulp-ci-centos:https .
docker tag pulp/pulp-ci-centos:https ghcr.io/pulp/pulp-ci-centos:https
docker tag pulp/pulp-ci-centos:https quay.io/pulp/pulp-ci-centos:https
if [ "$VERSION" = "latest-https" ]; then
docker build --build-arg FROM_TAG="https" --file pulp_galaxy_ng/Containerfile --tag pulp/pulp-galaxy-ng:https .
docker tag pulp/pulp-galaxy-ng:https ghcr.io/pulp/pulp-galaxy-ng:https
docker tag pulp/pulp-galaxy-ng:https quay.io/pulp/all-in-one-galaxy:https
docker build --build-arg FROM_TAG="https" --file pulp/Containerfile --tag pulp/pulp:https .
docker tag pulp/pulp:https ghcr.io/pulp/pulp:https
docker tag pulp/pulp:https quay.io/pulp/all-in-one-pulp:https
else
docker tag pulp/pulp-ci-centos:https pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:https ghcr.io/pulp/pulp-ci-centos:$VERSION
docker tag pulp/pulp-ci-centos:https quay.io/pulp/pulp-ci-centos:$VERSION
docker build --build-arg FROM_TAG="https" --file pulp/Containerfile --tag pulp/pulp:$VERSION .
docker tag pulp/pulp:$VERSION ghcr.io/pulp/pulp:$VERSION
docker tag pulp/pulp:$VERSION quay.io/pulp/all-in-one-pulp:$VERSION
fi
- name: Test the images
run: |
if [ "$VERSION" = "latest-https" ]; then
assets/test.sh "pulp/pulp:https" https
else
assets/test.sh "pulp/pulp:$VERSION" https
fi
- name: Github login
env:
PULP_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$PULP_GITHUB_TOKEN" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin ghcr.io
- name: Push ci image to github
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push ghcr.io/pulp/pulp-ci-centos:https
docker push ghcr.io/pulp/pulp-galaxy-ng:https
docker push ghcr.io/pulp/pulp:https
else
docker push ghcr.io/pulp/pulp-ci-centos:$VERSION
docker push ghcr.io/pulp/pulp:$VERSION
fi
- name: Docker login
env:
DOCKER_BOT_PASSWORD: ${{ secrets.DOCKER_BOT_PASSWORD }}
DOCKER_BOT_USERNAME: ${{ secrets.DOCKER_BOT_USERNAME }}
run: echo "$DOCKER_BOT_PASSWORD" | docker login -u "$DOCKER_BOT_USERNAME" --password-stdin docker.io
- name: Push ci image to dockerhub
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push docker.io/pulp/pulp-ci-centos:https
docker push docker.io/pulp/pulp-galaxy-ng:https
docker push docker.io/pulp/pulp:https
else
docker push docker.io/pulp/pulp:$VERSION
docker push docker.io/pulp/pulp-ci-centos:$VERSION
fi
- name: Quay login
env:
QUAY_BOT_PASSWORD: ${{ secrets.QUAY_BOT_PASSWORD }}
QUAY_BOT_USERNAME: ${{ secrets.QUAY_BOT_USERNAME }}
run: echo "$QUAY_BOT_PASSWORD" | docker login -u "$QUAY_BOT_USERNAME" --password-stdin quay.io
- name: Push ci image to quay
run: |
if [ "$VERSION" = "latest-https" ]; then
docker push quay.io/pulp/pulp-ci-centos:https
docker push quay.io/pulp/all-in-one-galaxy:https
docker push quay.io/pulp/all-in-one-pulp:https
else
docker push quay.io/pulp/pulp-ci-centos:$VERSION
docker push quay.io/pulp/all-in-one-pulp:$VERSION
fi
- name: Display log on error
if: failure()
run: docker logs pulp