From 4c243d262ed10d4e2c70acde93782f3b0a87c034 Mon Sep 17 00:00:00 2001
From: Bill Wang
Date: Tue, 29 Oct 2024 15:00:25 +1100
Subject: [PATCH] feature/github-action
---
.github/FUNDING.yml | 12 ++++
.github/workflows/build.yml | 113 ++++++++++++++++++++++++++++++++++++
2 files changed, 125 insertions(+)
create mode 100644 .github/FUNDING.yml
create mode 100644 .github/workflows/build.yml
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 0000000..4b16f59
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..c01f909
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,113 @@
+name: Docker
+
+on:
+ push:
+ tags: ["*"]
+ branches:
+ - "main"
+ - "master"
+ schedule:
+ - cron: '0 5 * * 0'
+ pull_request:
+ branches: ["**"]
+
+env:
+ # Hostname of your registry
+ REGISTRY: docker.io
+ # Image repository, without hostname and tag
+ IMAGE_NAME: alpine/terragrunt
+ SHA: ${{ github.event.pull_request.head.sha || github.event.after }}
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ permissions:
+ pull-requests: write
+ steps:
+ - name: Setup Docker buildx
+ uses: docker/setup-buildx-action@v3
+
+ # Step to fetch the latest curl version
+ - name: Get latest curl version
+ id: curl-version
+ run: |
+ # export CURL_OPTIONS="-sL -H \"Authorization: token ${{ secrets.API_KEY }}\""
+
+ curl -H "Cache-Control: no-cache" -sL "https://raw.githubusercontent.com/alpine-docker/multi-arch-docker-images/stable/functions.sh" -o functions.sh
+ #curl -H "Cache-Control: no-cache" -sL "https://raw.githubusercontent.com/alpine-docker/multi-arch-docker-images/refs/heads/master/functions.sh" -o functions.sh
+ source functions.sh
+
+ # get latest version
+ latest_terraform=$(get_latest_release "${terraform_repo}")
+ latest_terragrunt=$(get_latest_release "${terragrunt_repo}")
+ latest_boilerplate=$(get_latest_release "${boilerplate_repo}")
+ echo "Latest terraform release is: ${latest_terraform}"
+ echo "Latest terragrunt release is: ${latest_terragrunt}"
+ echo "Latest boilerplate release is: ${latest_boilerplate}"
+ echo "Latest opentofu release is: ${latest_opentofu}"
+ echo "TERRAFORM=${latest_terraform}" >> $GITHUB_ENV
+ echo "TERRAGRUNT=${latest_terragrunt}" >> $GITHUB_ENV
+ echo "BOILERPLATE=${latest_boilerplate}" >> $GITHUB_ENV
+
+ # Authenticate to the container registry
+ - name: Authenticate to registry ${{ env.REGISTRY }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ # Extract metadata (tags, labels) for Docker
+ - name: Extract Docker metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ labels: |
+ org.opencontainers.image.revision=${{ env.SHA }}
+ tags: |
+ type=edge,branch=$repo.default_branch
+ type=semver,pattern=v{{version}}
+ type=sha,prefix=,suffix=,format=short
+
+ # Build and push Docker image with Buildx
+ # (don't push on PR, load instead)
+ - name: Build and push Docker image
+ id: build-and-push
+ uses: docker/build-push-action@v6
+ with:
+ platforms: linux/386,linux/amd64,linux/arm64
+ sbom: ${{ github.event_name != 'pull_request' }}
+ provenance: ${{ github.event_name != 'pull_request' }}
+ push: ${{ github.event_name != 'pull_request' }}
+ load: ${{ github.event_name == 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ build-args: |
+ TERRAFORM=${{ env.TERRAFORM }}
+ TERRAGRUNT=${{ env.TERRAGRUNT }}
+ BOILERPLATE=${{ env.BOILERPLATE }}
+
+ # - name: Checkout code
+ # uses: actions/checkout@v2
+
+ # - name: check the platform in multi-arch images
+ # run: |
+ # echo ${{ steps.meta.outputs.tags }}
+ # bash ./test.sh ${{ steps.meta.outputs.tags }}
+
+ #- name: set tags
+ # run: |
+ # # install crane
+ # curl -LO https://github.com/google/go-containerregistry/releases/download/v0.20.2/go-containerregistry_Linux_x86_64.tar.gz
+ # tar zxvf go-containerregistry_Linux_x86_64.tar.gz
+ # chmod +x crane
+
+ # export VERSION=($(docker run -i --rm ${{ steps.meta.outputs.tags }} curl --version|awk '$1=$1' |awk -F "[ -]" 'NR==1{print $2}'))
+ # echo $VERSION
+ # ./crane auth login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }} index.docker.io
+ # ./crane copy ${{ steps.meta.outputs.tags }} ${{ env.IMAGE_NAME }}:latest
+ # ./crane copy ${{ steps.meta.outputs.tags }} ${{ env.IMAGE_NAME }}:${VERSION}
+ # rm -f /home/runner/.docker/config.json
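Review bot: The `Get latest curl version` step fetches `functions.sh` from the mutable `stable` branch of another repository and `source`s it unverified, in the same job that later logs in with `DOCKERHUB_TOKEN` and pushes `alpine/terragrunt`, so the content of that branch is trusted with the whole publishing job. Pin the URL to a full commit (placeholder `.../multi-arch-docker-images/<COMMIT_SHA>/functions.sh`), compare a known SHA-256 before sourcing, and reject empty or non-version `latest_*` values before they are appended to `$GITHUB_ENV` and passed on as `build-args`. The `docker/login-action` step has no condition, so it also runs on `pull_request`, where fork PRs receive no secrets; add `if: github.event_name != 'pull_request'` to it. `permissions: pull-requests: write` is not used by any step in this hunk and can be dropped or narrowed to `contents: read`, and the four `docker/*` actions are referenced by movable tags (`@v3`, `@v5`, `@v6`) rather than commit SHAs. Separately, `load: true` combined with three `platforms` is likely to fail on PR builds, because the default docker exporter cannot load a multi-platform result.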