-
Notifications
You must be signed in to change notification settings - Fork 0
executable file
·119 lines (119 loc) · 4.05 KB
/
bake.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
run-name: ${{ inputs.job == '' && inputs.target || inputs.job }} on Docker
on:
workflow_call:
secrets:
DOCKER_TOKEN:
required: false
inputs:
job:
description: The name of the job that is calling the workflow.
default: ""
type: string
target:
description: The target for the docker build. DEFAULT=default
default: default
type: string
runs-on:
description: What runner should I use? DEFAULT=ubuntu-latest
default: ubuntu-latest
type: string
bake:
description: bake or build
default: true
type: boolean
load:
description: load images into reg
default: false
type: boolean
set:
description: bake set args newline-delimited string
default: ""
type: string
insecure:
description: Toggle buildkitd-flags '--allow-insecure-entitlement security.insecure' and docker build 'security.insecure'
default: false
type: boolean
arch:
description: This can be set to 'linux/amd64,linux/arm64' to setup the builder to run cross compilation builds with qemu.
default: ""
type: string
push:
description: Push container after building?
default: false
type: boolean
label:
description: Label a PR after the process? Must be a github.event_name=='pull_request'
default: ""
type: string
meta:
description: Name of metadata file artifact
default: "meta"
type: string
dist:
description: Add dist as artifact?
default: false
type: boolean
jobs:
docker:
name: ${{ inputs.job == '' && inputs.target || inputs.job }}
runs-on: ${{ inputs.runs-on }}
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
if: ${{inputs.meta}} != ''
with:
name: ${{inputs.meta}}
- uses: docker/setup-qemu-action@v2
id: qemu
if: inputs.arch != ''
with:
platforms: ${{ inputs.arch }}
- uses: docker/setup-buildx-action@v2
with:
buildkitd-flags: ${{ inputs.insecure && '--allow-insecure-entitlement security.insecure' || '' }}
driver-opts: |
${{ inputs.insecure && 'image=moby/buildkit:master' || '' }}
- uses: docker/login-action@v2
if: inputs.push
with:
username: trilom
password: ${{ secrets.DOCKER_TOKEN }}
logout: ${{ inputs.runs-on == 'self-hosted' && false || true}}
- uses: docker/[email protected]
if: inputs.bake
with:
targets: |
${{ inputs.target }}
files: ./docker-bake.hcl${{inputs.meta == '' && '' || ',./env.hcl,./bake.json'}}
load: ${{ inputs.load }}
set: ${{ inputs.set }}
push: ${{ inputs.push }}
- uses: docker/build-push-action@v3
if: ${{ !inputs.bake }}
with:
target: ${{ inputs.target }}
allow: |
${{ inputs.insecure && 'security.insecure' || '' }}
- name: Unlabel
uses: actions/github-script@v6
if: failure() && github.event_name == 'pull_request' && inputs.label != ''
with:
script: |
if ('${{ contains(github.event.pull_request.labels.*.name, '${{ inputs.label }}') }}' == 'true') {
github.rest.issues.removeLabel({owner: context.repo.owner, repo: context.repo.repo, issue_number: context.issue.number,
name: '${{ inputs.label }}'
})
}
- name: Label
uses: actions/github-script@v6
if: success() && github.event_name == 'pull_request' && inputs.label != ''
with:
script: |
github.rest.issues.addLabels({owner: context.repo.owner, repo: context.repo.repo, issue_number: context.issue.number,
labels: ['${{ inputs.label }}']
})
- uses: actions/upload-artifact@v3
if: ${{ inputs.dist }}
with:
name: dist
path: dist