Skip to content

Commit

Permalink
Update code to use structs + start implementing rules (#52)
Browse files Browse the repository at this point in the history 
* refactor and use githubs releases

- start implementing rule match
- start implementation version regex matching
- refactor to use structs rather than unnamed map[string]interface{}{}
- add api call to get published releases from github
---------

Signed-off-by: Christopher Larivière <[email protected]>
  • Loading branch information
@larivierec
larivierec committed Dec 11, 2023
1 parent c4532d5 commit 5cb495a
Show file tree
Hide file tree
Showing 10 changed files with 393 additions and 142 deletions.
116 changes: 102 additions & 14 deletions .github/workflows/builder.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,16 +72,19 @@ jobs:
name: Build ${{ matrix.image.name }} (${{ matrix.image.platform }})
needs: prepare-matrix
runs-on: ubuntu-latest
if: ${{ toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).imagePlatforms) != '[]' && toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).imagePlatforms) != '' }}
if: ${{ toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).image_platforms) != '[]' && toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).image_platforms) != '' }}
strategy:
fail-fast: false
matrix:
image: ["${{ fromJSON(needs.prepare-matrix.outputs.matrices).imagePlatforms }}"]
image: ["${{ fromJSON(needs.prepare-matrix.outputs.matrices).image_platforms }}"]
permissions:
contents: read
packages: write

steps:
- name: Lowercase repository owner
shell: bash
run: echo "LOWERCASE_REPO_OWNER=${GITHUB_REPOSITORY_OWNER,,}" >> "${GITHUB_ENV}"
- name: Log Matrix Input
shell: bash
run: |
Expand Down Expand Up @@ -120,32 +123,44 @@ jobs:
with:
app-id: "${{ secrets.RIVERBOT_APP_ID }}"
private-key: "${{ secrets.RIVERBOT_APP_PRIVATE_KEY }}"

- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
token: "${{ steps.app-token.outputs.token }}"
fetch-depth: 1

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0

- name: Prepare Build Outputs
id: prepare-build-outputs
shell: bash
run: |
image_name="ghcr.io/${{ env.LOWERCASE_REPO_OWNER }}/${{ matrix.image.name }}"
outputs="type=image,name=${image_name},push-by-digest=true,name-canonical=true,push=true"
echo "image_name=${image_name}" >> $GITHUB_OUTPUT
echo "outputs=${outputs}" >> $GITHUB_OUTPUT
- name: Login to GitHub Container Registry
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker meta
id: meta
uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4 # v5
with:
images: ghcr.io/${{github.repository_owner}}/${{ matrix.image.name }}
tags: |
type=raw,value=v${{matrix.image.version}}
type=raw,value=latest,enable={{is_default_branch}}
# - name: Docker meta
# id: meta
# uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4 # v5
# with:
# images: ghcr.io/${{github.repository_owner}}/${{ matrix.image.name }}
# tags: |
# type=raw,value=v${{matrix.image.version}}
# type=raw,value=latest,enable={{is_default_branch}}

- name: Build and Push
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5

id: build
with:
build-args: |-
VERSION=${{ matrix.image.version }}
Expand All @@ -155,5 +170,78 @@ jobs:
file: ${{ matrix.image.dockerfile }}
push: ${{ github.event_name != 'pull_request' }}
platforms: ${{ matrix.image.platform }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
outputs: ${{ steps.prepare-build-outputs.outputs.outputs }}
cache-from: type=gha
cache-to: type=gha,mode=max
labels: |-
org.opencontainers.image.title=${{ matrix.image.name }}
org.opencontainers.image.url=https://ghcr.io/${{ env.LOWERCASE_REPO_OWNER }}/${{ matrix.image.name }}
org.opencontainers.image.source=https://github.com/${{ env.LOWERCASE_REPO_OWNER }}/containers
org.opencontainers.image.version=${{ matrix.image.version }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.vendor=${{ env.LOWERCASE_REPO_OWNER }}
- name: Export Digest
id: export-digest
if: ${{ inputs.pushImages }}
shell: bash
run: |
mkdir -p /tmp/${{ matrix.image.name }}/digests
digest="${{ steps.build.outputs.digest }}"
echo "${{ matrix.image.name }}" > "/tmp/${{ matrix.image.name }}/digests/${digest#sha256:}"
- name: Upload Digest
if: ${{ inputs.pushImages }}
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: ${{ matrix.image.name }}
path: /tmp/${{ matrix.image.name }}/*
if-no-files-found: error
retention-days: 1

merge:
name: Merge ${{ matrix.image.name }}
runs-on: ubuntu-latest
needs: ["prepare-matrix", "build-and-push-image"]
if: ${{ always() && inputs.pushImages && toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).images) != '[]' && toJSON(fromJSON(needs.prepare-matrix.outputs.matrices).images) != '' }}
strategy:
matrix:
image: ["${{ fromJSON(needs.prepare-matrix.outputs.matrices).images }}"]
fail-fast: false
steps:
- name: Lowercase repository owner
shell: bash
run: echo "LOWERCASE_REPO_OWNER=${GITHUB_REPOSITORY_OWNER,,}" >> "${GITHUB_ENV}"

- name: Download Digests
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: ${{ matrix.image.name }}
path: /tmp/${{ matrix.image.name }}

- name: Setup Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0

- name: Login to GitHub Container Registry
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ghcr.io
username: "${{ github.actor }}"
password: "${{ secrets.GITHUB_TOKEN }}"

- name: Log Files
working-directory: /tmp/${{ matrix.image.name }}/digests
shell: bash
run: |
ls -la
cat *
- name: Merge Manifests
id: merge
working-directory: /tmp/${{ matrix.image.name }}/digests
env:
TAGS: ${{ toJSON(matrix.image.tags) }}
shell: bash
run: |
docker buildx imagetools create $(jq -cr '. | map("-t ghcr.io/${{ env.LOWERCASE_REPO_OWNER }}/${{matrix.image.name}}:" + .) | join(" ")' <<< "$TAGS") \
$(printf 'ghcr.io/${{ env.LOWERCASE_REPO_OWNER }}/${{ matrix.image.name }}@sha256:%s ' *)
2 changes: 1 addition & 1 deletion .github/workflows/release-schedule.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,4 @@
with:
appsToBuild: ${{ inputs.appsToBuild }}
pushImages: true
force: false
force: ${{ inputs.force == true }}
5 changes: 0 additions & 5 deletions api/common.go
View file

This file was deleted.

9 changes: 9 additions & 0 deletions apps/bitwarden-cli/ci/metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,13 @@
---
app: bitwarden-cli
# not in use yet
url: https://api.github.com/repos/bitwarden/clients/releases
rules:
- cli
# - sort published_at
# - 'sort_by(.published_at) | reverse | .[].name | select( index("CLI") )' | sed 's:.*CLI v::' | head -n 1)
version_regex:
- v*
channels:
- name: stable
platforms: ["linux/amd64"]
Expand Down
7 changes: 7 additions & 0 deletions apps/protonmail-bridge-docker/ci/metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
---
app: protonmail-bridge-docker
# not in use yet
url: "https://api.github.com/repos/ProtonMail/proton-bridge/releases/latest"
rules:
- .tag_name
version_regex:
- v*
channels:
- name: stable
platforms: ["linux/amd64", "linux/arm64"]
Expand Down
7 changes: 7 additions & 0 deletions apps/tf-runner-bw/ci/metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
---
app: tf-runner-bw
# not in use yet
url: "https://api.github.com/repos/weaveworks/tf-controller/tags"
rules:
- "[0].name"
version_regex:
- v*
channels:
- name: stable
platforms: ["linux/amd64"]
Expand Down
Loading

0 comments on commit 5cb495a

Please sign in to comment.