-
Notifications
You must be signed in to change notification settings - Fork 0
175 lines (172 loc) · 6.34 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
# WARNING: If you modify this workflow, please update the documentation
on:
workflow_call:
inputs:
target:
description: |
The target used to mark publish builds. This target should be unique
across all Earthly files in the repository. The target should always
produce at least one image which is optionally published to the
configured registries.
required: false
type: string
default: publish
aws_ecr_registry:
description: |
The AWS ECR registry that will be used to publish images
required: false
type: string
aws_role_arn:
description: |
The ARN of the AWS role that will be assumed by the workflow. Only
required when configuring a remote Earthly runner or AWS ECR.
required: false
type: string
aws_region:
description: |
The AWS region that will be used by the workflow. Only required when
configuring a remote Earthly runner or AWS ECR.
required: false
type: string
ci_cli_version:
description: |
The version of the CI CLI to use.
required: false
type: string
default: latest
default_branch:
description: |
The default branch of the repository.
required: false
type: string
default: ${{ github.event.repository.default_branch }}
earthly_version:
description: The version of Earthly to use.
required: false
type: string
default: latest
skip_publish_on_default:
description: |
If set to true, images will not be published when the workflow is
triggered by a push to the default branch.
required: false
type: boolean
default: false
tags:
description: |
A line separated list of additional tags that will be applied to
published images.
required: false
type: string
secrets:
dockerhub_username:
description: The token to use for logging into the DockerHub registry.
required: false
dockerhub_token:
description: The token to use for logging into the DockerHub registry.
required: false
earthly_runner_address:
description: |
The address of the Earthly runner that will be used to build the
Earthly files.
required: false
earthly_runner_secret:
description: |
The ID of the AWS secret holding Earthly remote runner credentials.
This secret must contain the runner address and the necessary TLS
certificates required to authenticate with it. If omitted, a remote
Earthly runner will not be configured.
required: false
jobs:
discover:
runs-on: ubuntu-latest
outputs:
json: ${{ steps.check.outputs.json }}
paths: ${{ steps.check.outputs.paths }}
steps:
- uses: actions/checkout@v3
- name: Setup CI
uses: input-output-hk/catalyst-ci/actions/setup@@feat/udc-migration
with:
cli_version: ${{ inputs.ci_cli_version }}
configure_registries: "false"
earthly_skip_install: "true"
- name: Discover Earthly files
uses: input-output-hk/catalyst-ci/actions/discover@@feat/udc-migration
id: discover
with:
targets: ${{ inputs.target }}
- name: Check for empty output
id: check
run: |
json=$(echo '${{ steps.discover.outputs.json }}' | jq -rc)
paths=$(echo '${{ steps.discover.outputs.paths }}' | jq -rc)
if [ "$output" == "null" ]; then
echo "json=[]" >> $GITHUB_OUTPUT
echo "paths=[]" >> $GITHUB_OUTPUT
else
echo "json=$json" >> $GITHUB_OUTPUT
echo "paths=$paths" >> $GITHUB_OUTPUT
fi
run:
runs-on: ubuntu-latest
needs: [discover]
if: needs.discover.outputs.paths != '[]'
strategy:
fail-fast: false
matrix:
platform:
- linux/amd64
earthfile: ${{ fromJson(needs.discover.outputs.paths) }}
steps:
- name: Get filtered targets
id: get_target
run: |
targets=$(echo '${{ needs.discover.outputs.json }}' | jq -r --arg key '${{ matrix.earthfile }}' '.[$key][]')
echo "Found targets: $targets"
targets_with_space=$(echo $targets | tr '\n' ' ')
echo "targets=$targets_with_space" >> $GITHUB_OUTPUT
- uses: actions/checkout@v3
- name: Setup CI
uses: input-output-hk/catalyst-ci/actions/setup@@feat/udc-migration
with:
aws_ecr_registry: ${{ inputs.aws_ecr_registry }}
aws_role_arn: ${{ inputs.aws_role_arn }}
aws_region: ${{ inputs.aws_region }}
cli_version: ${{ inputs.ci_cli_version }}
dockerhub_token: ${{ secrets.dockerhub_token }}
dockerhub_username: ${{ secrets.dockerhub_username }}
earthly_version: ${{ inputs.earthly_version }}
earthly_runner_secret: ${{ secrets.earthly_runner_secret }}
- name: Build image
uses: input-output-hk/catalyst-ci/actions/run@@feat/udc-migration
id: build
with:
earthfile: ${{ matrix.earthfile }}
targets: ${{ steps.get_target.outputs.targets }}
platform: ${{ matrix.platform }}
runner_address: ${{ secrets.earthly_runner_address }}
- name: Push image
uses: input-output-hk/catalyst-ci/actions/push@@feat/udc-migration
if: github.ref == format('refs/heads/{0}', inputs.default_branch) && !inputs.skip_publish_on_default
with:
image: ${{ steps.build.outputs.image }}
registries: |
${{ inputs.aws_ecr_registry }}
tags: |
${{ github.sha }}
${{ inputs.tags }}
- name: Fetch tag
id: fetch_tag
if: startsWith(github.ref, 'refs/tags/')
run: echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
- name: Push release image
uses: input-output-hk/catalyst-ci/actions/push@@feat/udc-migration
if: startsWith(github.ref, 'refs/tags/')
with:
image: ${{ steps.build.outputs.image }}
registries: |
${{ inputs.aws_ecr_registry }}
ghcr.io/${{ github.repository }}
tags: |
${{ steps.fetch_tag.outputs.tag }}