From f154a936b62d8ea2dc44b1cbf32416b5def28b1d Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:24:22 +0100 Subject: [PATCH 01/23] test --- .github/workflows/docker-builder-reusable.yml | 125 ++++++++++++++++++ .github/workflows/docker-publish.yml | 86 +++--------- 2 files changed, 141 insertions(+), 70 deletions(-) create mode 100644 .github/workflows/docker-builder-reusable.yml diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml new file mode 100644 index 0000000..0fc3135 --- /dev/null +++ b/.github/workflows/docker-builder-reusable.yml 
@@ -0,0 +1,125 @@
+name: Build and push docker container (parallelized build with native arm builders)
+
+on:
+ workflow_call:
+ inputs:
+ context:
+ default: "."
+ required: false
+ type: string
+ file:
+ default: "Dockerfile"
+ required: false
+ type: string
+
+ title:
+ required: true
+ type: string
+ description:
+ required: false
+ type: string
+
+ app_version:
+ default: '0.1.0'
+ required: false
+ type: string
+ revision:
+ default: 1
+ required: false
+ type: number
+
+ platforms:
+ default: 'linux/amd64,linux/arm64'
+ required: false
+ type: string
+
+ registry:
+ default: ghcr.io
+ required: false
+ type: string
+ image_name:
+ required: true
+ type: string
+ secrets:
+ registry_username:
+ required: true
+ registry_password:
+ required: true
+
+jobs:
+ vars:
+ name: Preprocess variables
+ runs-on: ubuntu-24.04
+ steps:
+ - name: Preprocess variables
+ id: vars
+ run: |
+ platforms="${{ inputs.platforms }}"
+ {
+ echo "version=${{ inputs.app_version }}-r${{ inputs.revision }}"
+ echo "platforms<<9743a66f914cc249efca164485a19c5c"
+ echo echo "[\"${platforms//,/\",\"}\"]"
+ echo "9743a66f914cc249efca164485a19c5c"
+ } >> "$GITHUB_OUTPUT"
+ outputs:
+ version: ${{ steps.vars.outputs.version }}
+ platforms: ${{ steps.vars.outputs.platforms }}
+
+ build:
+ name: Build container ${{ matrix.platform }}
+ runs-on: ubuntu-24.04
+ needs: vars
+ permissions:
+ contents: read
+ packages: write
+ # This is used to complete the identity challenge
+ # with sigstore/fulcio when running outside of PRs.
+ id-token: write
+ strategy:
+ fail-fast: false
+ matrix:
+ platform: ${{ fromJSON(needs.vars.outputs.platforms) }}
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+ # Workaround: https://github.com/docker/build-push-action/issues/461
+ - name: Setup Docker buildx
+ uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
+
+ - name: Log into registry ${{ inputs.registry }}
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+ with:
+ registry: ${{ inputs.registry }}
+ username: ${{ secrets.registry_username }}
+ password: ${{ secrets.registry_password }}
+
+ - name: Extract Docker metadata
+ id: meta
+ uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
+ with:
+ images: ${{ inputs.registry }}/${{ inputs.image_name }}
+ labels: |
+ org.opencontainers.image.title=${{ inputs.title }}
+ org.opencontainers.image.description=${{ inputs.description }}
+ tags: |
+ type=ref,event=branch,priority=1990
+ type=ref,event=pr,priority=2999
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=raw,enable={{is_default_branch}},value=${{ needs.vars.outputs.version }},priority=1999
+ type=raw,enable={{is_default_branch}},value=${{ inputs.app_version }},priority=1998
+ type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}}.{{minor}},priority=1997
+ type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}},priority=1996
+
+ - name: Build and push Docker image
+ id: build-and-push
+ uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
+ with:
+ context: ${{ inputs.context }}
+ file: ${{ inputs.file }}
+ push: true
+ platforms: ${{ matrix.platform }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
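Review bot: The `Preprocess variables` step pastes `${{ inputs.platforms }}`, `${{ inputs.app_version }}` and `${{ inputs.revision }}` straight into the `run:` script, so the caller's values are expanded into the shell text before bash parses it, and a quote or `$(` in any of them becomes script rather than data. Passing them through `env:` and reading the shell variables keeps them as data, and building the platform list with `jq` gives properly escaped JSON on one line, which also removes the need for the fixed heredoc delimiter. The same interpolation recurs in the `Prepare variables` step added later in this series, and the later switch to single quotes around the expressions does not close it. Separately, `id-token: write` is granted to the build job although no step in this hunk requests an OIDC token; it could be dropped until a signing step exists.

```yaml
      - name: Preprocess variables
        id: vars
        env:
          PLATFORMS: ${{ inputs.platforms }}
          APP_VERSION: ${{ inputs.app_version }}
          REVISION: ${{ inputs.revision }}
        run: |
          {
            echo "version=${APP_VERSION}-r${REVISION}"
            echo "platforms=$(jq -cn --arg p "$PLATFORMS" '$p | split(",")')"
          } >> "$GITHUB_OUTPUT"
      # … unchanged: job outputs and the build job …
```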
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index a22b2c2..f84ef75 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -8,13 +8,10 @@ on: types: [opened, reopened, synchronize] workflow_dispatch: -env: - REGISTRY: ghcr.io - jobs: list_containers: name: List containers to build - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 outputs: matrix: ${{ steps.set-matrix.outputs.MATRIX }} steps: @@ -46,7 +43,7 @@ jobs: build: name: "Build container: ${{ matrix.container }}" - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 needs: list_containers permissions: contents: read 
@@ -59,68 +56,17 @@ jobs: fail-fast: false matrix: include: ${{ fromJSON(needs.list_containers.outputs.matrix) }} - - steps: - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - - name: Generate properties - id: props - run: | - PLATFORMS_DEFAULT="linux/amd64,linux/arm64" - APP_VERSION_DEFAULT="0.1.0" - REVISION_DEFAULT="1" - - PLATFORMS="${{ matrix.platforms }}" - APP_VERSION="${{ matrix.app_version }}" - REVISION="${{ matrix.revision }}" - - platforms="${PLATFORMS:-"${PLATFORMS_DEFAULT}"}" - app_version="${APP_VERSION:-"${APP_VERSION_DEFAULT}"}" - revision="${REVISION:-"${REVISION_DEFAULT}"}" - { - echo "platforms=$platforms" - echo "app_version=$app_version" - echo "revision=$revision" - echo "version=${app_version}-r${revision}" - } >> "$GITHUB_OUTPUT" - - # Workaround: https://github.com/docker/build-push-action/issues/461 - - name: Setup Docker buildx - uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0 - - - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 - with: - images: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.container }} - labels: | - org.opencontainers.image.title=${{ matrix.container }} - org.opencontainers.image.description=${{ matrix.description }} - tags: | - type=ref,event=branch,priority=1990 - type=ref,event=pr,priority=2999 - type=raw,value=latest,enable={{is_default_branch}} - type=raw,enable={{is_default_branch}},value=${{ steps.props.outputs.version }},priority=1999 - type=raw,enable={{is_default_branch}},value=${{ steps.props.outputs.app_version }},priority=1998 - type=semver,enable={{is_default_branch}},value=${{ 
steps.props.outputs.app_version }},pattern={{major}}.{{minor}},priority=1997 - type=semver,enable={{is_default_branch}},value=${{ steps.props.outputs.app_version }},pattern={{major}},priority=1996 - - - name: Build and push Docker image - id: build-and-push - uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 - with: - context: containers/${{ matrix.container }} - push: true - platforms: ${{ steps.props.outputs.platforms }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + uses: ./.github/workflows/docker-builder-reusable.yml + with: + context: containers/${{ matrix.container }} + file: Dockerfile + title: ${{ matrix.container }} + description: ${{ matrix.description }} + app_version: ${{ matrix.app_version }} + revision: ${{ matrix.revision }} + platforms: ${{ matrix.platforms }} + registry: ghcr.io + image_name: ${{ github.repository }}/${{ matrix.container }} + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From e615acc461104ba859a815d3c527dd8b3acfac4c Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:26:11 +0100 Subject: [PATCH 02/23] fix --- .github/workflows/docker-publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index f84ef75..b1a9cb5 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -43,7 +43,6 @@ jobs: build: name: "Build container: ${{ matrix.container }}" - runs-on: ubuntu-24.04 needs: list_containers permissions: contents: read From 4782e98ba8b7ecb24f03771bad44addbe71ad82d Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:28:42 +0100 Subject: [PATCH 03/23] num cast --- .github/workflows/docker-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
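Review bot: The removed `Generate properties` step supplied fallbacks (`${PLATFORMS:-...}`, `${APP_VERSION:-...}`, `${REVISION:-...}`) when a matrix entry lacked those keys, while the new `with:` block passes `${{ matrix.platforms }}`, `${{ matrix.app_version }}` and `${{ matrix.revision }}` unconditionally. As far as I know an input passed explicitly as an empty string does not fall back to the reusable workflow's `default:`, so an entry without `platforms` would likely reach the `vars` job as an empty string and yield a matrix of `[""]`. If entries may omit these keys, keep the fallback at the call site, e.g. `platforms: ${{ matrix.platforms || 'linux/amd64,linux/arm64' }}` and `app_version: ${{ matrix.app_version || '0.1.0' }}`. The job's `needs` and `permissions` keys start above this hunk.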
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index b1a9cb5..fa4edfc 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -62,7 +62,7 @@ jobs: title: ${{ matrix.container }} description: ${{ matrix.description }} app_version: ${{ matrix.app_version }} - revision: ${{ matrix.revision }} + revision: ${{ fromJSON(matrix.revision) }} platforms: ${{ matrix.platforms }} registry: ghcr.io image_name: ${{ github.repository }}/${{ matrix.container }} From 2fb2d650640afa0f591c5aa50115ad78da08569d Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:30:41 +0100 Subject: [PATCH 04/23] fix platforms cast to list typo --- .github/workflows/docker-builder-reusable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml index 0fc3135..d3e03f6 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-builder-reusable.yml @@ -58,7 +58,7 @@ jobs: { echo "version=${{ inputs.app_version }}-r${{ inputs.revision }}" echo "platforms<<9743a66f914cc249efca164485a19c5c" - echo echo "[\"${platforms//,/\",\"}\"]" + echo "[\"${platforms//,/\",\"}\"]" echo "9743a66f914cc249efca164485a19c5c" } >> "$GITHUB_OUTPUT" outputs: From 8d171313dbc82d17c66ca720ead176cd741d1a7c Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:34:23 +0100 Subject: [PATCH 05/23] fix dockerfile path --- .github/workflows/docker-builder-reusable.yml | 2 +- .github/workflows/docker-publish.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml index d3e03f6..3274cb8 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-builder-reusable.yml 
@@ -8,7 +8,7 @@ on: required: false type: string file: - default: "Dockerfile" + default: "{context}/Dockerfile" required: false type: string diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index fa4edfc..f44bdae 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -58,7 +58,6 @@ jobs: uses: ./.github/workflows/docker-builder-reusable.yml with: context: containers/${{ matrix.container }} - file: Dockerfile title: ${{ matrix.container }} description: ${{ matrix.description }} app_version: ${{ matrix.app_version }} From 0097f009169faa64e0d5a064242195175b2df4e6 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 03:35:46 +0100 Subject: [PATCH 06/23] run natively on arm --- .github/workflows/docker-builder-reusable.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml index 3274cb8..da324d5 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-builder-reusable.yml @@ -8,7 +8,6 @@ on: required: false type: string file: - default: "{context}/Dockerfile" required: false type: string @@ -66,8 +65,8 @@ jobs: platforms: ${{ steps.vars.outputs.platforms }} build: - name: Build container ${{ matrix.platform }} - runs-on: ubuntu-24.04 + name: Build container for ${{ matrix.platform }} + runs-on: ${{ startsWith(matrix.platform, 'linux/arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }} needs: vars permissions: contents: read From 723eea816b7af049cec6776970ed497b582a43f6 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Wed, 12 Feb 2025 11:43:07 +0100 Subject: [PATCH 07/23] fix caching --- .github/workflows/docker-builder-reusable.yml | 15 +++++++++++++-- .github/workflows/docker-publish.yml | 2 +- 2 files changed, 14 insertions(+), 3 deletions(-) 
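Review bot: The new `runs-on` expression sends every platform that does not start with `linux/arm` to the `ubuntu-24.04` amd64 runner, and the build job as shown sets up buildx but no QEMU step, so a caller passing something like `linux/riscv64` would presumably fail late inside the image build rather than at input validation. Since `platforms` is a free-form string input, its `description:` should state which values are supported, for example `description: "Comma-separated list; only linux/amd64 and linux/arm* have native runners"`. Rejecting unsupported entries in the `vars` job would make the failure explicit.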
diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml index da324d5..ef227a2 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-builder-reusable.yml @@ -110,6 +110,17 @@ jobs: type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}}.{{minor}},priority=1997 type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}},priority=1996 + - name: Prepare variables + id: vars + run: | + platform=${{ matrix.platform }} + image=${{ steps.meta.outputs.tags }} + { + echo "platform_pair=${platform//\//-}" + echo "platform_pair_un=${platform//\//_}" + echo "image=${image%%:*}" + } >> $GITHUB_OUTPUT + - name: Build and push Docker image id: build-and-push uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 @@ -120,5 +131,5 @@ jobs: platforms: ${{ matrix.platform }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + cache-from: type=gha,scope=buildkit-layer-${{ steps.vars.outputs.platform_pair }} + cache-to: type=gha,mode=max,scope=buildkit-layer-${{ steps.vars.outputs.platform_pair }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index f44bdae..02651b9 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -67,4 +67,4 @@ jobs: image_name: ${{ github.repository }}/${{ matrix.container }} secrets: registry_username: ${{ github.actor }} - registry_password: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + registry_password: ${{ secrets.GITHUB_TOKEN }} From 94fdc79ad2ff5819b05364fb07de43d070882a77 Mon Sep 17 00:00:00 2001 
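Review bot: In the new `Prepare variables` step, `image=${{ steps.meta.outputs.tags }}` is unquoted, and the metadata step above emits one tag per line when several tag rules are enabled, so after expansion everything from the second tag onward is run by bash as separate commands instead of being part of the assignment. `platform=${{ matrix.platform }}` and `>> $GITHUB_OUTPUT` are unquoted as well. Handing both values to the script through `env:` and quoting the expansions avoids that and keeps the values out of the script text. `${TAGS%%:*}` then still yields the image name of the first tag, though it would cut a registry host that carries a port.

```yaml
      - name: Prepare variables
        id: vars
        env:
          PLATFORM: ${{ matrix.platform }}
          TAGS: ${{ steps.meta.outputs.tags }}
        run: |
          {
            echo "platform_pair=${PLATFORM//\//-}"
            echo "platform_pair_un=${PLATFORM//\//_}"
            echo "image=${TAGS%%:*}"
          } >> "$GITHUB_OUTPUT"
      # … unchanged: Build and push Docker image step …
```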
From: JuniorJPDJ Date: Sun, 16 Feb 2025 16:30:56 +0100 Subject: [PATCH 08/23] fix input naming --- .github/workflows/docker-builder-reusable.yml | 34 +++++++++++-------- .github/workflows/docker-publish.yml | 8 ++--- 2 files changed, 23 insertions(+), 19 deletions(-) diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-builder-reusable.yml index ef227a2..09e505c 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-builder-reusable.yml @@ -18,7 +18,7 @@ on: required: false type: string - app_version: + app-version: default: '0.1.0' required: false type: string @@ -31,18 +31,22 @@ on: default: 'linux/amd64,linux/arm64' required: false type: string + mount-cache-dirs: + description: "" + required: false + type: string registry: default: ghcr.io required: false type: string - image_name: + image-name: required: true type: string secrets: - registry_username: + registry-username: required: true - registry_password: + registry-password: required: true jobs: @@ -55,7 +59,7 @@ jobs: run: | platforms="${{ inputs.platforms }}" { - echo "version=${{ inputs.app_version }}-r${{ inputs.revision }}" + echo "version=${{ inputs.app-version }}-r${{ inputs.revision }}" echo "platforms<<9743a66f914cc249efca164485a19c5c" echo "[\"${platforms//,/\",\"}\"]" echo "9743a66f914cc249efca164485a19c5c" 
@@ -90,14 +94,14 @@ jobs: uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ${{ inputs.registry }} - username: ${{ secrets.registry_username }} - password: ${{ secrets.registry_password }} + username: ${{ secrets.registry-username }} + password: ${{ secrets.registry-password }} - name: Extract Docker metadata id: meta uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: - images: ${{ inputs.registry }}/${{ inputs.image_name }} + images: ${{ inputs.registry }}/${{ inputs.image-name }} labels: | org.opencontainers.image.title=${{ inputs.title }} org.opencontainers.image.description=${{ inputs.description }} @@ -106,9 +110,9 @@ jobs: type=ref,event=pr,priority=2999 type=raw,value=latest,enable={{is_default_branch}} type=raw,enable={{is_default_branch}},value=${{ needs.vars.outputs.version }},priority=1999 - type=raw,enable={{is_default_branch}},value=${{ inputs.app_version }},priority=1998 - type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}}.{{minor}},priority=1997 - type=semver,enable={{is_default_branch}},value=${{ inputs.app_version }},pattern={{major}},priority=1996 + type=raw,enable={{is_default_branch}},value=${{ inputs.app-version }},priority=1998 + type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}}.{{minor}},priority=1997 + type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}},priority=1996 - name: Prepare variables id: vars @@ -116,8 +120,8 @@ jobs: platform=${{ matrix.platform }} image=${{ steps.meta.outputs.tags }} { - echo "platform_pair=${platform//\//-}" - echo "platform_pair_un=${platform//\//_}" + echo "platform-pair=${platform//\//-}" + echo "platform-pair-un=${platform//\//_}" echo "image=${image%%:*}" } >> $GITHUB_OUTPUT 
@@ -131,5 +135,5 @@ jobs: platforms: ${{ matrix.platform }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha,scope=buildkit-layer-${{ steps.vars.outputs.platform_pair }} - cache-to: type=gha,mode=max,scope=buildkit-layer-${{ steps.vars.outputs.platform_pair }} + cache-from: type=gha,scope=buildkit-layer-${{ steps.vars.outputs.platform-pair }} + cache-to: type=gha,mode=max,scope=buildkit-layer-${{ steps.vars.outputs.platform-pair }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 02651b9..91d48e8 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -60,11 +60,11 @@ jobs: context: containers/${{ matrix.container }} title: ${{ matrix.container }} description: ${{ matrix.description }} - app_version: ${{ matrix.app_version }} + app-version: ${{ matrix.app_version }} revision: ${{ fromJSON(matrix.revision) }} platforms: ${{ matrix.platforms }} registry: ghcr.io - image_name: ${{ github.repository }}/${{ matrix.container }} + image-name: ${{ github.repository }}/${{ matrix.container }} secrets: - registry_username: ${{ github.actor }} - registry_password: ${{ secrets.GITHUB_TOKEN }} + registry-username: ${{ github.actor }} + registry-password: ${{ secrets.GITHUB_TOKEN }} From 8cd43fcd9a8469b3bc8f710bd8f0e8ff59263b0d Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 17:24:56 +0100 Subject: [PATCH 09/23] almost finished --- ...ml => docker-parallel-multiarch-build.yml} | 119 +++++++++++++++--- .github/workflows/docker-publish.yml | 2 +- 2 files changed, 106 insertions(+), 15 deletions(-) rename .github/workflows/{docker-builder-reusable.yml => docker-parallel-multiarch-build.yml} (51%) 
diff --git a/.github/workflows/docker-builder-reusable.yml b/.github/workflows/docker-parallel-multiarch-build.yml similarity index 51% rename from .github/workflows/docker-builder-reusable.yml rename to .github/workflows/docker-parallel-multiarch-build.yml index 09e505c..9f7c676 100644 --- a/.github/workflows/docker-builder-reusable.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -1,4 +1,4 @@ -name: Build and push docker container (parallelized build with native arm builders) +name: Build and push docker container (parallelized multi-arch build with native arm builders) on: workflow_call: 
@@ -105,26 +105,45 @@ jobs: labels: | org.opencontainers.image.title=${{ inputs.title }} org.opencontainers.image.description=${{ inputs.description }} - tags: | - type=ref,event=branch,priority=1990 - type=ref,event=pr,priority=2999 - type=raw,value=latest,enable={{is_default_branch}} - type=raw,enable={{is_default_branch}},value=${{ needs.vars.outputs.version }},priority=1999 - type=raw,enable={{is_default_branch}},value=${{ inputs.app-version }},priority=1998 - type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}}.{{minor}},priority=1997 - type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}},priority=1996 - name: Prepare variables id: vars run: | - platform=${{ matrix.platform }} - image=${{ steps.meta.outputs.tags }} + platform="${{ matrix.platform }}" + image="${{ steps.meta.outputs.tags }}" { echo "platform-pair=${platform//\//-}" echo "platform-pair-un=${platform//\//_}" echo "image=${image%%:*}" } >> $GITHUB_OUTPUT + # TODO + - name: Setup buildkit mount cache + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 + with: + path: | + home-cache + home-cargo + key: buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }}-${{ github.sha }} + restore-keys: | + buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }}- + + # TODO + - name: Inject buildkit mount cache into docker + uses: reproducible-containers/buildkit-cache-dance@5b6db76d1da5c8b307d5d2e0706d266521b710de # v3.1.2 + with: + cache-map: | + { + "home-cache": { + "target": "/root/.cache", + "id": "home-cache-${{ matrix.platform }}" + }, + "home-cargo": { + "target": "/root/.cargo", + "id": "home-cargo-${{ matrix.platform }}" + } + } + - name: Build and push Docker image id: build-and-push uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 
@@ -133,7 +152,79 @@ jobs: file: ${{ inputs.file }} push: true platforms: ${{ matrix.platform }} - tags: ${{ steps.meta.outputs.tags }} + outputs: type=image,"name=${{ steps.vars.outputs.image }}",push-by-digest=true,name-canonical=true,push=true labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha,scope=buildkit-layer-${{ steps.vars.outputs.platform-pair }} - cache-to: type=gha,mode=max,scope=buildkit-layer-${{ steps.vars.outputs.platform-pair }} + cache-from: type=gha,scope=buildkit-layer-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }} + cache-to: type=gha,mode=max,scope=buildkit-layer-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }} + + # Workaround for https://github.com/actions/runner/pull/2477 + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ steps.build-and-push.outputs.digest }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + + - name: Upload digest as an artifact + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + with: + name: digests-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }} + path: ${{ runner.temp }}/digests/* + if-no-files-found: error + retention-days: 1 + + outputs: + image: ${{ steps.vars.outputs.image }} + # https://github.com/actions/runner/pull/2477 :< + # ${{ steps.vars.outputs.platform_pair_un }}_digest: ${{ steps.build-and-push.outputs.digest }} + + merge: + runs-on: ubuntu-24.04 + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. 
+ id-token: write + needs: + - build + steps: + - name: Download digests + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + path: ${{ runner.temp }}/digests + pattern: digests-${{ inputs.title }}-* + merge-multiple: true + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0 + + - name: Log into registry ${{ inputs.registry }} + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 + with: + registry: ${{ inputs.registry }} + username: ${{ secrets.registry-username }} + password: ${{ secrets.registry-password }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 + with: + images: ${{ inputs.registry }}/${{ inputs.image-name }} + labels: | + org.opencontainers.image.title=${{ inputs.title }} + org.opencontainers.image.description=${{ inputs.description }} + tags: | + type=ref,event=branch,priority=1990 + type=ref,event=pr,priority=2999 + type=raw,value=latest,enable={{is_default_branch}} + type=raw,enable={{is_default_branch}},value=${{ needs.vars.outputs.version }},priority=1999 + type=raw,enable={{is_default_branch}},value=${{ inputs.app-version }},priority=1998 + type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}}.{{minor}},priority=1997 + type=semver,enable={{is_default_branch}},value=${{ inputs.app-version }},pattern={{major}},priority=1996 + + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ needs.build.outputs.image }}@sha256:%s ' *) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 91d48e8..602d5a0 100644 
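Review bot: The `merge` job reads `${{ needs.vars.outputs.version }}` in its metadata `tags:` but declares only `needs: - build`, and the `needs` context holds direct dependencies only, so that expression is empty and the version-revision tag is presumably never produced; `needs: [vars, build]` fixes it. The download pattern `digests-${{ inputs.title }}-*` also matches artifacts of any other container in the same run whose title begins with this title followed by `-`, which would pull foreign digests into this manifest list; a separator that cannot occur in a title, or a check of the digest count against the platform list, would guard against that. `id-token: write` is requested again here although no step in the job uses an OIDC token. The `Create manifest list and push` script expands `${{ needs.build.outputs.image }}` inside the `printf` format string; passing it through `env:` keeps it out of the script text.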
--- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -55,7 +55,7 @@ jobs: fail-fast: false matrix: include: ${{ fromJSON(needs.list_containers.outputs.matrix) }} - uses: ./.github/workflows/docker-builder-reusable.yml + uses: ./.github/workflows/docker-parallel-multiarch-build.yml with: context: containers/${{ matrix.container }} title: ${{ matrix.container }} From bcb46c85c4a791e1858e0858d8563f8b08bdc174 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 17:29:19 +0100 Subject: [PATCH 10/23] fix underscore --- .github/workflows/docker-parallel-multiarch-build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index 9f7c676..d5651ec 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -124,9 +124,9 @@ jobs: path: | home-cache home-cargo - key: buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }}-${{ github.sha }} + key: buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }}-${{ github.sha }} restore-keys: | - buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }}- + buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }}- # TODO - name: Inject buildkit mount cache into docker @@ -167,7 +167,7 @@ jobs: - name: Upload digest as an artifact uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: - name: digests-${{ inputs.title }}-${{ steps.vars.outputs.platform_pair }} + name: digests-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }} path: ${{ runner.temp }}/digests/* if-no-files-found: error retention-days: 1 
@@ -175,7 +175,7 @@ jobs: outputs: image: ${{ steps.vars.outputs.image }} # https://github.com/actions/runner/pull/2477 :< - # ${{ steps.vars.outputs.platform_pair_un }}_digest: ${{ steps.build-and-push.outputs.digest }} + # ${{ steps.vars.outputs.platform-pair-un }}-digest: ${{ steps.build-and-push.outputs.digest }} merge: runs-on: ubuntu-24.04 From 3dd9bba0fc7f1e19080e6d8f9f635bb714b7eb7e Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 17:36:09 +0100 Subject: [PATCH 11/23] merge title --- .github/workflows/docker-parallel-multiarch-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index d5651ec..a5799ef 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -178,6 +178,7 @@ jobs: # ${{ steps.vars.outputs.platform-pair-un }}-digest: ${{ steps.build-and-push.outputs.digest }} merge: + name: Merge images to single multi-arch image runs-on: ubuntu-24.04 permissions: contents: read From 7713752be50639f89127f8c8deaa43831645facd Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:13:50 +0100 Subject: [PATCH 12/23] test --- .../docker-parallel-multiarch-build.yml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index a5799ef..e0428f8 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml 
@@ -31,10 +31,14 @@ on: default: 'linux/amd64,linux/arm64' required: false type: string - mount-cache-dirs: - description: "" + buildkit-mount-caches: + description: "JSON object: `{id1: target1, id2: target2}`." required: false type: string + buildkit-mount-cache-ids-append-platform: + description: "If true, the workflow will append `-{{ platform }}` to the end of cache mount id (eg. `-linux/amd64`)." + default: false + type: boolean registry: default: ghcr.io @@ -109,13 +113,24 @@ jobs: - name: Prepare variables id: vars run: | + set -x + platform="${{ matrix.platform }}" image="${{ steps.meta.outputs.tags }}" + { echo "platform-pair=${platform//\//-}" echo "platform-pair-un=${platform//\//_}" echo "image=${image%%:*}" + + echo "cache-map<<9743a66f914cc249efca164485a19c5c" + jq --arg 'id_suffix' '-linux/amd64' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c + ${{ inputs.buildkit-mount-caches }} + 9743a66f914cc249efca164485a19c5c + echo "9743a66f914cc249efca164485a19c5c" } >> $GITHUB_OUTPUT + + cat $GITHUB_OUTPUT # TODO - name: Setup buildkit mount cache From 72a6c5d29ce901f925a428f8d4e294733645d417 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:19:11 +0100 Subject: [PATCH 13/23] test --- .github/workflows/docker-parallel-multiarch-build.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index e0428f8..20670af 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -113,8 +113,6 @@ jobs: - name: Prepare variables id: vars run: | - set -x - platform="${{ matrix.platform }}" image="${{ steps.meta.outputs.tags }}" 
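Review bot: The `cache-map` heredoc in `Prepare variables` uses an unquoted delimiter and its body is `${{ inputs.buildkit-mount-caches }}`, so bash performs `$`, backtick and `$(...)` expansion on the caller's JSON before `jq` sees it, and a body line equal to the delimiter would end the heredoc early and leave the rest to run as script. Passing the input as `env: MOUNT_CACHES: ${{ inputs.buildkit-mount-caches }}` and feeding it with `jq ... <<< "$MOUNT_CACHES"` keeps it as data; the same heredoc form is repeated for `cache-paths` in a later commit of this series. `map({(.key): ...})` yields an array of one-key objects, so if the cache-dance action expects a single JSON object, `| add` is needed at the end of the filter. The new `buildkit-mount-cache-ids-append-platform` input is not read anywhere in this hunk, and the trailing `cat $GITHUB_OUTPUT` prints every step output to the job log.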
@@ -126,7 +124,7 @@ jobs: echo "cache-map<<9743a66f914cc249efca164485a19c5c" jq --arg 'id_suffix' '-linux/amd64' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c ${{ inputs.buildkit-mount-caches }} - 9743a66f914cc249efca164485a19c5c + 9743a66f914cc249efca164485a19c5c echo "9743a66f914cc249efca164485a19c5c" } >> $GITHUB_OUTPUT From d6b002783561321129e43d78a549a36ade8fb0ef Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:24:37 +0100 Subject: [PATCH 14/23] test --- .../docker-parallel-multiarch-build.yml | 20 ++++++++----------- 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index 20670af..3b90b91 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -124,6 +124,12 @@ jobs: echo "cache-map<<9743a66f914cc249efca164485a19c5c" jq --arg 'id_suffix' '-linux/amd64' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c ${{ inputs.buildkit-mount-caches }} + 9743a66f914cc249efca164485a19c5c + echo "9743a66f914cc249efca164485a19c5c" + + echo "cache-paths<<9743a66f914cc249efca164485a19c5c" + jq -r 'to_entries | .[].key' << 9743a66f914cc249efca164485a19c5c + ${{ inputs.buildkit-mount-caches }} 9743a66f914cc249efca164485a19c5c echo "9743a66f914cc249efca164485a19c5c" } >> $GITHUB_OUTPUT @@ -135,8 +141,7 @@ jobs: uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: | - home-cache - home-cargo + ${{ steps.vars.outputs.cache-paths }} key: buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }}-${{ github.sha }} restore-keys: | buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }}- 
@@ -146,16 +151,7 @@ jobs: uses: reproducible-containers/buildkit-cache-dance@5b6db76d1da5c8b307d5d2e0706d266521b710de # v3.1.2 with: cache-map: | - { - "home-cache": { - "target": "/root/.cache", - "id": "home-cache-${{ matrix.platform }}" - }, - "home-cargo": { - "target": "/root/.cargo", - "id": "home-cargo-${{ matrix.platform }}" - } - } + ${{ steps.vars.outputs.cache-map }} - name: Build and push Docker image id: build-and-push From 632f08cdbc4c26ff1548b4135e9fdd66a11db139 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:34:58 +0100 Subject: [PATCH 15/23] test --- .github/workflows/docker-parallel-multiarch-build.yml | 10 +++++----- .github/workflows/docker-publish.yml | 1 + 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index 3b90b91..66bc63c 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -113,8 +113,8 @@ jobs: - name: Prepare variables id: vars run: | - platform="${{ matrix.platform }}" - image="${{ steps.meta.outputs.tags }}" + platform='${{ matrix.platform }}' + image='${{ steps.meta.outputs.tags }}' { echo "platform-pair=${platform//\//-}" @@ -122,7 +122,7 @@ jobs: echo "image=${image%%:*}" echo "cache-map<<9743a66f914cc249efca164485a19c5c" - jq --arg 'id_suffix' '-linux/amd64' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c + jq --arg 'id_suffix' '-${{ matrix.platform }}' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c ${{ inputs.buildkit-mount-caches }} 9743a66f914cc249efca164485a19c5c echo "9743a66f914cc249efca164485a19c5c" 
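Review bot: Switching `platform=` and `image=` from double to single quotes (`@@ -113,8 +113,8 @@`, PATCH 15/23) stops `$` and backtick expansion, but the expressions are still substituted into the script text before bash parses it. A value containing `'` closes the string and the remainder is parsed as shell. The same applies to `'-${{ matrix.platform }}'` passed to `jq --arg` on the changed line below. Map the values in `env:` (`PLATFORM: ${{ matrix.platform }}`, `IMAGE: ${{ steps.meta.outputs.tags }}`) and read `"$PLATFORM"` / `"$IMAGE"` in the script. The values presumably originate from the caller's `platforms` input and the metadata step, so this is hardening of the reusable workflow rather than a demonstrated bug.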
@@ -136,9 +136,9 @@ jobs: cat $GITHUB_OUTPUT - # TODO - name: Setup buildkit mount cache uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 + if: steps.vars.outputs.cache-paths with: path: | ${{ steps.vars.outputs.cache-paths }} @@ -146,9 +146,9 @@ jobs: restore-keys: | buildkit-mount-${{ inputs.title }}-${{ steps.vars.outputs.platform-pair }}- - # TODO - name: Inject buildkit mount cache into docker uses: reproducible-containers/buildkit-cache-dance@5b6db76d1da5c8b307d5d2e0706d266521b710de # v3.1.2 + if: steps.vars.outputs.cache-paths with: cache-map: | ${{ steps.vars.outputs.cache-map }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 602d5a0..cc02c04 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -65,6 +65,7 @@ jobs: platforms: ${{ matrix.platforms }} registry: ghcr.io image-name: ${{ github.repository }}/${{ matrix.container }} + buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' secrets: registry-username: ${{ github.actor }} registry-password: ${{ secrets.GITHUB_TOKEN }} From c7e0ca1aabf3182cfdc5d21c718fcac3c56c9ce3 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:37:09 +0100 Subject: [PATCH 16/23] test --- .github/workflows/docker-parallel-multiarch-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index 66bc63c..cc20fae 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml 
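Review bot: The `cat $GITHUB_OUTPUT` at the top of the `@@ -136,9 +136,9 @@` hunk looks like a debugging aid left over from PATCH 12/23, and it stays in place here while the two `# TODO` markers are removed. It prints every step output to the job log, and the unquoted expansion is subject to word splitting. Drop the line, and quote the redirect target in the block above it as `} >> "$GITHUB_OUTPUT"`. The new `if: steps.vars.outputs.cache-paths` relies on an empty string being falsy; `if: steps.vars.outputs.cache-paths != ''` states the intent more plainly.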
@@ -122,7 +122,7 @@ jobs: echo "image=${image%%:*}" echo "cache-map<<9743a66f914cc249efca164485a19c5c" - jq --arg 'id_suffix' '-${{ matrix.platform }}' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}})' << 9743a66f914cc249efca164485a19c5c + jq --arg 'id_suffix' '-${{ matrix.platform }}' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}}) | add' << 9743a66f914cc249efca164485a19c5c ${{ inputs.buildkit-mount-caches }} 9743a66f914cc249efca164485a19c5c echo "9743a66f914cc249efca164485a19c5c" From b6022dbc0333459b518e7830f85b9e170ce2ee60 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:38:15 +0100 Subject: [PATCH 17/23] test --- .github/workflows/docker-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index cc02c04..2c73d34 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -65,7 +65,7 @@ jobs: platforms: ${{ matrix.platforms }} registry: ghcr.io image-name: ${{ github.repository }}/${{ matrix.container }} - buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' + #buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' secrets: registry-username: ${{ github.actor }} registry-password: ${{ secrets.GITHUB_TOKEN }} From fb317d15c71b24a009ddba602537b44df5268395 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:39:31 +0100 Subject: [PATCH 18/23] test bump nginx --- containers/nginx-rootless/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/nginx-rootless/Dockerfile b/containers/nginx-rootless/Dockerfile index ec325bd..6965bf1 100644 --- a/containers/nginx-rootless/Dockerfile +++ b/containers/nginx-rootless/Dockerfile 
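Review bot: `map({(.key): …}) | add` in `@@ -122,7 +122,7 @@` builds the result by merging one-key objects and yields `null` when the input object is empty. `with_entries(.value = {target: .value, id: "\(.key)\($id_suffix)"})` expresses the same transformation directly and returns `{}` for an empty map. The consuming steps are skipped through the `cache-paths` condition in that case, so this is a readability point rather than a defect.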
@@ -1,7 +1,7 @@ # platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le,linux/s390x # renovate: datasource=docker depName=nginx extractVersion=^(?.*)-alpine$ # app_version: 1.27.4 -# revision: 2 +# revision: 3 # description: Nginx image modified to run without root privileges FROM nginx:1.27.4-alpine@sha256:4ff102c5d78d254a6f0da062b3cf39eaf07f01eec0927fd21e219d0af8bc0591 From 6b9e8af8e0924013b6ffc33aa9dc78bdee277535 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:41:35 +0100 Subject: [PATCH 19/23] test --- .github/workflows/docker-parallel-multiarch-build.yml | 2 +- .github/workflows/docker-publish.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index cc20fae..35192ce 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -187,7 +187,7 @@ jobs: # ${{ steps.vars.outputs.platform-pair-un }}-digest: ${{ steps.build-and-push.outputs.digest }} merge: - name: Merge images to single multi-arch image + name: Merge images to multi-arch image runs-on: ubuntu-24.04 permissions: contents: read diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 2c73d34..cc02c04 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -65,7 +65,7 @@ jobs: platforms: ${{ matrix.platforms }} registry: ghcr.io image-name: ${{ github.repository }}/${{ matrix.container }} - #buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' + buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' secrets: registry-username: ${{ github.actor }} registry-password: ${{ secrets.GITHUB_TOKEN }} From a9c51715b57b9c9bdfc4ca7f70299700c1989f0e Mon Sep 17 00:00:00 2001 
From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:46:45 +0100 Subject: [PATCH 20/23] only append platform to id when asked --- .github/workflows/docker-parallel-multiarch-build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-parallel-multiarch-build.yml b/.github/workflows/docker-parallel-multiarch-build.yml index 35192ce..a7876a9 100644 --- a/.github/workflows/docker-parallel-multiarch-build.yml +++ b/.github/workflows/docker-parallel-multiarch-build.yml @@ -116,13 +116,15 @@ jobs: platform='${{ matrix.platform }}' image='${{ steps.meta.outputs.tags }}' + [ '${{ inputs.buildkit-mount-cache-ids-append-platform }}' = 'true' ] && id_suffix='-${{ matrix.platform }}' + { echo "platform-pair=${platform//\//-}" echo "platform-pair-un=${platform//\//_}" echo "image=${image%%:*}" echo "cache-map<<9743a66f914cc249efca164485a19c5c" - jq --arg 'id_suffix' '-${{ matrix.platform }}' 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}}) | add' << 9743a66f914cc249efca164485a19c5c + jq --arg 'id_suffix' "$id_suffix" 'to_entries | map({(.key): {target: .value, id: "\(.key)\($id_suffix)"}}) | add' << 9743a66f914cc249efca164485a19c5c ${{ inputs.buildkit-mount-caches }} 9743a66f914cc249efca164485a19c5c echo "9743a66f914cc249efca164485a19c5c" From d2f601603572401fd4119c819fc11cef286b3730 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:48:17 +0100 Subject: [PATCH 21/23] test append platform --- .github/workflows/docker-publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index cc02c04..6f0881c 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml 
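Review bot: `id_suffix` is assigned only when the `[ … = 'true' ]` test succeeds, so in the false case `"$id_suffix"` depends on the variable being absent from the runner environment and would abort under `set -u`. Initialise it and reuse the shell variable already set above instead of a second template substitution: `id_suffix=''` followed by `if [ '${{ inputs.buildkit-mount-cache-ids-append-platform }}' = 'true' ]; then id_suffix="-$platform"; fi`. The suffix keeps the `/` from the platform, as the input description states, while `platform-pair` in the same block replaces it; if the id is ever used as a path or cache-key component, the sanitised form is the safer choice.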
@@ -66,6 +66,7 @@ jobs: registry: ghcr.io image-name: ${{ github.repository }}/${{ matrix.container }} buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' + buildkit-mount-cache-ids-append-platform: true secrets: registry-username: ${{ github.actor }} registry-password: ${{ secrets.GITHUB_TOKEN }} From 448415024412da1ae5388571b743d28b9ee6438c Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:50:12 +0100 Subject: [PATCH 22/23] disable buildkit mount --- .github/workflows/docker-publish.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 6f0881c..602d5a0 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -65,8 +65,6 @@ jobs: platforms: ${{ matrix.platforms }} registry: ghcr.io image-name: ${{ github.repository }}/${{ matrix.container }} - buildkit-mount-caches: '{"home-cache": "/root/.cache", "home-cargo": "/root/.cargo"}' - buildkit-mount-cache-ids-append-platform: true secrets: registry-username: ${{ github.actor }} registry-password: ${{ secrets.GITHUB_TOKEN }} From c69a290e97350a4589fe20c0c52403abee244a03 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 16 Feb 2025 23:52:39 +0100 Subject: [PATCH 23/23] Revert "test bump nginx" This reverts commit fb317d15c71b24a009ddba602537b44df5268395. --- containers/nginx-rootless/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/nginx-rootless/Dockerfile b/containers/nginx-rootless/Dockerfile index 6965bf1..ec325bd 100644 --- a/containers/nginx-rootless/Dockerfile +++ b/containers/nginx-rootless/Dockerfile 
@@ -1,7 +1,7 @@ # platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le,linux/s390x # renovate: datasource=docker depName=nginx extractVersion=^(?.*)-alpine$ # app_version: 1.27.4 -# revision: 3 +# revision: 2 # description: Nginx image modified to run without root privileges FROM nginx:1.27.4-alpine@sha256:4ff102c5d78d254a6f0da062b3cf39eaf07f01eec0927fd21e219d0af8bc0591