From 0bd360869b5d6bc83ac25e118ba32f076257d370 Mon Sep 17 00:00:00 2001 From: blockchainer_cr Date: Thu, 3 Oct 2024 09:33:33 -0600 Subject: [PATCH 1/3] GitHub Action for DockerHub build and publish #19 (#49) * GitHub Action for DockerHub build and publish #19 --- .github/workflows/docker-publish.yml | 83 ++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 .github/workflows/docker-publish.yml diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 00000000..dc0ce3a9 --- /dev/null +++ b/.github/workflows/docker-publish.yml @@ -0,0 +1,83 @@ +name: Build and Publish image to Docker Hub +on: + repository_dispatch: + types: [prover-update] + push: + tags: + - 'v*.*.*' + +jobs: + build_and_push: + env: + DOCKER_HUB: ${{ secrets.DOCKER_LOGIN }} + DOCKER_TAGS: latest + runs-on: ubuntu-22.04 + permissions: + id-token: write + attestations: write + contents: read + packages: write + + strategy: + matrix: + target: + - name: stone-prover + dockerfile: Dockerfile + - name: cpu_air_prover + dockerfile: air_prover/Dockerfile + - name: cpu_air_verifier + dockerfile: air_verifier/Dockerfile + continue-on-error: true + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_LOGIN }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Determine Docker Tags + id: set-tag + run: | + if [[ "${GITHUB_EVENT_NAME}" == "repository_dispatch" ]]; then + echo "Latest version tags..." + elif [[ "${GITHUB_REF}" == refs/tags/* ]]; then + TAG_NAME=$(echo ${GITHUB_REF} | sed 's/refs\/tags\///') + echo "DOCKER_TAGS=${TAG_NAME}" >> $GITHUB_ENV + else + echo "No valid ref for tagging. Exiting..." + exit 1 + fi + shell: bash + + - name: Set image tags & labels + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.DOCKER_HUB }}/${{ matrix.target.name }} + tags: ${{ env.DOCKER_TAGS }} + + - name: Build And Push Image + id: push + uses: docker/build-push-action@v6 + with: + context: . + file: ${{ matrix.target.dockerfile }} + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + if: github.event.repository.fork == false + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ secrets.DOCKER_LOGIN }}/${{ matrix.target.name }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true + From 6b8cc8a09104d02851fb5a5c9711456bb5f76cba Mon Sep 17 00:00:00 2001 From: blockchainer_cr Date: Thu, 3 Oct 2024 12:48:00 -0600 Subject: [PATCH 2/3] GitHub Action for DockerHub build and publish #19 (#60) --- .github/workflows/docker-publish.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index dc0ce3a9..2089ea75 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -11,6 +11,7 @@ jobs: env: DOCKER_HUB: ${{ secrets.DOCKER_LOGIN }} DOCKER_TAGS: latest + DOCKER_REGISTRY: docker.io runs-on: ubuntu-22.04 permissions: id-token: write @@ -39,6 +40,7 @@ jobs: - name: Log in to Docker Hub uses: docker/login-action@v3 with: + registry: ${{ env.DOCKER_REGISTRY }} username: ${{ secrets.DOCKER_LOGIN }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -60,7 +62,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.DOCKER_HUB }}/${{ matrix.target.name }} + images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_HUB }}/${{ matrix.target.name }} tags: ${{ env.DOCKER_TAGS }} - name: Build And Push Image @@ -74,10 +76,9 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Generate artifact attestation - if: github.event.repository.fork == false uses: actions/attest-build-provenance@v1 with: - subject-name: ${{ secrets.DOCKER_LOGIN }}/${{ matrix.target.name }} + subject-name: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_HUB }}/${{ matrix.target.name }} subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: true From 0a9c307bac2d5e63c90d27f859f4716c01110bce Mon Sep 17 00:00:00 2001 From: Dmitry Mirgaleev <35151170+dmirgaleev@users.noreply.github.com> Date: Fri, 4 Oct 2024 14:40:23 +0300 Subject: [PATCH 3/3] Update docker-publish.yml --- .github/workflows/docker-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 2089ea75..9889b7f8 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -62,7 +62,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_HUB }}/${{ matrix.target.name }} + images: ${{ env.DOCKER_REGISTRY }}/bakingbad/${{ matrix.target.name }} tags: ${{ env.DOCKER_TAGS }} - name: Build And Push Image @@ -78,7 +78,7 @@ jobs: - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: - subject-name: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_HUB }}/${{ matrix.target.name }} + subject-name: ${{ env.DOCKER_REGISTRY }}/bakingbad/${{ matrix.target.name }} subject-digest: ${{ steps.push.outputs.digest }} push-to-registry: true