Migrate to docker bake build system, add dependabot

N0rthernL1ghts · Jun 22, 2024 · 4ce3928 · 4ce3928
1 parent ec0d90d
commit 4ce3928
Show file tree

Hide file tree

Showing 3 changed files with 119 additions and 11 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+version: 2
+updates:
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    assignees:
+      - "xZero707"
+
+   # Maintain Docker image dependencies
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    assignees:
+      - "xZero707"
diff --git a/.github/workflows/image-stable.yml b/.github/workflows/image-stable.yml
@@ -3,22 +3,41 @@ name: Build stable multiarch image
 on:
   push:
     branches: master
+    paths-ignore:
+      - '**.gitignore'
+      - '**.md'
+      - '**/**.md'
 
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - name: checkout code
-        uses: actions/checkout@v2
-      - name: install buildx
-        id: buildx
-        uses: crazy-max/ghaction-docker-buildx@v1
-        with:
-          version: latest
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
+      -
+        name: checkout code
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Build image
-        run: bin/build
+      -
+        name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{github.actor}}
+          password: ${{secrets.PAT_TOKEN}}
+      -
+        name: Build and push
+        uses: docker/[email protected]
+        with:
+          files: build/docker-bake.hcl
+          push: true
diff --git a/build/docker-bake.hcl b/build/docker-bake.hcl
@@ -0,0 +1,71 @@
+group "default" {
+  targets = [
+    "latest"
+  ]
+}
+
+target "build-dockerfile" {
+  dockerfile = "Dockerfile"
+}
+
+target "build-platforms" {
+  platforms = ["linux/amd64", "linux/aarch64"]
+}
+
+target "build-common" {
+  pull = true
+}
+
+variable "REGISTRY_CACHE" {
+  default = "docker.io/nlss/chronydock-server-cache"
+}
+
+######################
+# Define the functions
+######################
+
+# Get the cache-from configuration
+function "get-cache-from" {
+  params = [version]
+  result = [
+    "type=registry,ref=${REGISTRY_CACHE}:${sha1("${version}-${BAKE_LOCAL_PLATFORM}")}"
+  ]
+}
+
+# Get the cache-to configuration
+function "get-cache-to" {
+  params = [version]
+  result = [
+    "type=registry,mode=max,ref=${REGISTRY_CACHE}:${sha1("${version}-${BAKE_LOCAL_PLATFORM}")}"
+  ]
+}
+
+# Get list of image tags and registries
+# Takes a version and a list of extra versions to tag
+# eg. get-tags("1.29.1", ["1.29", "latest"])
+function "get-tags" {
+  params = [version, extra_versions]
+  result = concat(
+    [
+      "docker.io/nlss/chrony-server:${version}",
+      "ghcr.io/n0rthernl1ghts/chrony-server:${version}"
+    ],
+    flatten([
+      for extra_version in extra_versions : [
+        "docker.io/nlss/chrony-server:${extra_version}",
+        "ghcr.io/n0rthernl1ghts/chrony-server:${extra_version}"
+      ]
+    ])
+  )
+}
+
+##########################
+# Define the build targets
+##########################
+
+target "latest" {
+  inherits   = ["build-dockerfile", "build-platforms", "build-common"]
+  cache-from = get-cache-from("latest")
+  cache-to   = get-cache-to("latest")
+  tags       = get-tags("latest", [])
+}