199 lines
		
	
	
		
			6.7 KiB
		
	
	
	
		
			YAML
		
	
	
			
		
		
	
	
			199 lines
		
	
	
		
			6.7 KiB
		
	
	
	
		
			YAML
		
	
	
| name: e2e
 | |
| 
 | |
| on:
 | |
|   workflow_dispatch:
 | |
|     inputs:
 | |
|       buildx-version:
 | |
|         description: 'Buildx version or Git context'
 | |
|         default: 'latest'
 | |
|         required: false
 | |
|       buildkit-image:
 | |
|         description: 'BuildKit image'
 | |
|         default: 'moby/buildkit:buildx-stable-1'
 | |
|         required: false
 | |
|       tag:
 | |
|         description: 'Additional tag to push'
 | |
|         required: false
 | |
|   schedule:
 | |
|     - cron: '0 10 * * *'
 | |
|   push:
 | |
|     branches:
 | |
|       - 'master'
 | |
|     tags:
 | |
|       - 'v*'
 | |
| 
 | |
| env:
 | |
|   BUILDX_VERSION: latest
 | |
|   BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
 | |
|   HARBOR_VERSION: v2.7.0
 | |
|   NEXUS_VERSION: 3.47.1
 | |
| 
 | |
| jobs:
 | |
|   build:
 | |
|     runs-on: ubuntu-latest
 | |
|     strategy:
 | |
|       fail-fast: false
 | |
|       matrix:
 | |
|         include:
 | |
|           -
 | |
|             name: Docker Hub
 | |
|             registry: ''
 | |
|             slug: ghactionstest/ghactionstest
 | |
|             username_secret: DOCKERHUB_USERNAME
 | |
|             password_secret: DOCKERHUB_TOKEN
 | |
|             type: remote
 | |
|           -
 | |
|             name: GitHub
 | |
|             registry: ghcr.io
 | |
|             slug: ghcr.io/docker-ghactiontest/test
 | |
|             username_secret: GHCR_USERNAME
 | |
|             password_secret: GHCR_PAT
 | |
|             type: remote
 | |
|           -
 | |
|             name: GitLab
 | |
|             registry: registry.gitlab.com
 | |
|             slug: registry.gitlab.com/test1716/test
 | |
|             username_secret: GITLAB_USERNAME
 | |
|             password_secret: GITLAB_TOKEN
 | |
|             type: remote
 | |
|           -
 | |
|             name: AWS ECR
 | |
|             registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
 | |
|             slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
 | |
|             username_secret: AWS_ACCESS_KEY_ID
 | |
|             password_secret: AWS_SECRET_ACCESS_KEY
 | |
|             type: remote
 | |
|           -
 | |
|             name: AWS ECR Public
 | |
|             registry: public.ecr.aws
 | |
|             slug: public.ecr.aws/q3b5f1u4/test-docker-action
 | |
|             username_secret: AWS_ACCESS_KEY_ID
 | |
|             password_secret: AWS_SECRET_ACCESS_KEY
 | |
|             type: remote
 | |
|           -
 | |
|             name: Google Artifact Registry
 | |
|             registry: us-east4-docker.pkg.dev
 | |
|             slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
 | |
|             username_secret: GAR_USERNAME
 | |
|             password_secret: GAR_JSON_KEY
 | |
|             type: remote
 | |
|           -
 | |
|             name: Google Container Registry
 | |
|             registry: gcr.io
 | |
|             slug: gcr.io/sandbox-298914/test-docker-action
 | |
|             username_secret: GCR_USERNAME
 | |
|             password_secret: GCR_JSON_KEY
 | |
|             type: remote
 | |
|           -
 | |
|             name: Azure Container Registry
 | |
|             registry: officialgithubactions.azurecr.io
 | |
|             slug: officialgithubactions.azurecr.io/test-docker-action
 | |
|             username_secret: AZURE_CLIENT_ID
 | |
|             password_secret: AZURE_CLIENT_SECRET
 | |
|             type: remote
 | |
|           -
 | |
|             name: Quay
 | |
|             registry: quay.io
 | |
|             slug: quay.io/docker_build_team/ghactiontest
 | |
|             username_secret: QUAY_USERNAME
 | |
|             password_secret: QUAY_TOKEN
 | |
|             type: remote
 | |
|           -
 | |
|             name: Artifactory
 | |
|             registry: buildkitghactiontests.jfrog.io
 | |
|             slug: buildkitghactiontests.jfrog.io/ghactiontest/test-docker-action
 | |
|             username_secret: ARTIFACTORY_USERNAME
 | |
|             password_secret: ARTIFACTORY_TOKEN
 | |
|             type: remote
 | |
|           -
 | |
|             name: Harbor
 | |
|             id: harbor
 | |
|             type: local
 | |
|           -
 | |
|             name: Nexus
 | |
|             id: nexus
 | |
|             type: local
 | |
|     steps:
 | |
|       -
 | |
|         name: Checkout
 | |
|         uses: actions/checkout@v3
 | |
|       -
 | |
|         name: Set up env
 | |
|         if: matrix.type == 'local'
 | |
|         run: |
 | |
|           cat ./.github/e2e/${{ matrix.id }}/env >> $GITHUB_ENV          
 | |
|       -
 | |
|         name: Set up BuildKit config
 | |
|         run: |
 | |
|           touch /tmp/buildkitd.toml
 | |
|           if [ "${{ matrix.type }}" = "local" ]; then
 | |
|             echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml
 | |
|           fi          
 | |
|       -
 | |
|         name: Set up Docker daemon
 | |
|         if: matrix.type == 'local'
 | |
|         run: |
 | |
|           if [ ! -e /etc/docker/daemon.json ]; then
 | |
|             echo '{}' | tee /etc/docker/daemon.json >/dev/null
 | |
|           fi
 | |
|           DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json)
 | |
|           sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null
 | |
|           sudo service docker restart          
 | |
|       -
 | |
|         name: Install ${{ matrix.name }}
 | |
|         if: matrix.type == 'local'
 | |
|         run: |
 | |
|           sudo -E bash ./.github/e2e/${{ matrix.id }}/install.sh          
 | |
|       -
 | |
|         name: Docker meta
 | |
|         id: meta
 | |
|         uses: docker/metadata-action@v4
 | |
|         with:
 | |
|           images: ${{ env.REGISTRY_SLUG || matrix.slug }}
 | |
|           tags: |
 | |
|             type=ref,event=branch
 | |
|             type=ref,event=tag
 | |
|             type=raw,value=${{ inputs.tag }},enable=${{ inputs.tag != '' }}            
 | |
|       -
 | |
|         name: Set up QEMU
 | |
|         uses: docker/setup-qemu-action@v2
 | |
|       -
 | |
|         name: Set up Docker Buildx
 | |
|         uses: docker/setup-buildx-action@v2
 | |
|         with:
 | |
|           version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
 | |
|           config: /tmp/buildkitd.toml
 | |
|           buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
 | |
|           driver-opts: |
 | |
|             image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
 | |
|             network=host            
 | |
|       -
 | |
|         name: Login to Registry
 | |
|         if: github.event_name != 'pull_request'
 | |
|         uses: docker/login-action@v2
 | |
|         with:
 | |
|           registry: ${{ env.REGISTRY_FQDN || matrix.registry }}
 | |
|           username: ${{ env.REGISTRY_USER || secrets[matrix.username_secret] }}
 | |
|           password: ${{ env.REGISTRY_PASSWORD || secrets[matrix.password_secret] }}
 | |
|       -
 | |
|         name: Build and push
 | |
|         uses: ./
 | |
|         with:
 | |
|           context: ./test
 | |
|           file: ./test/multi.Dockerfile
 | |
|           platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
 | |
|           push: ${{ github.event_name != 'pull_request' }}
 | |
|           tags: ${{ steps.meta.outputs.tags }}
 | |
|           labels: ${{ steps.meta.outputs.labels }}
 | |
|           cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || matrix.slug }}:master
 | |
|           cache-to: type=inline
 | |
|       -
 | |
|         name: Inspect image
 | |
|         run: |
 | |
|           docker pull ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
 | |
|           docker image inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}          
 | |
|       -
 | |
|         name: Check manifest
 | |
|         run: |
 | |
|           docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'          
 |