diff --git a/.github/workflows/buildkit-image.yml b/.github/workflows/buildkit-image.yml
index 38b6b8ab..1f61a461 100644
--- a/.github/workflows/buildkit-image.yml
+++ b/.github/workflows/buildkit-image.yml
@@ -33,9 +33,6 @@ jobs: create: runs-on: ubuntu-latest steps: - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - name: Login to DockerHub if: ${{ inputs.push }}
@@ -43,6 +40,9 @@ jobs: with: username: ${{ vars.DOCKERPUBLICBOT_USERNAME }} password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Create run: |
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 5f22f975..980bf42a 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -23,10 +23,22 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 + name: Login to DockerHub + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 with: - fetch-depth: 0 + username: ${{ vars.DOCKERPUBLICBOT_USERNAME }} + password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} + - + name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + version: ${{ env.BUILDX_VERSION }} + driver-opts: image=${{ env.BUILDKIT_IMAGE }} + buildkitd-flags: --debug - name: Docker meta id: meta
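Review bot: In both buildkit-image.yml and ci.yaml the `Login to DockerHub` step now runs before the Buildx setup (and, in ci.yaml, before `docker/setup-qemu-action@v3` and the metadata step), so the write-scoped `DOCKERPUBLICBOT_WRITE_PAT` login is already active on the runner while those actions execute, and every one of them is referenced by a mutable tag. Pinning each `uses:` to a full commit SHA, for example `uses: docker/login-action@<full-commit-sha> # v3`, would keep a retagged release from running with that credential present. If the early login is only there to authenticate image pulls, a read-only token for that purpose would narrow the exposure further; whether one exists is not visible here. The `steps:` lists continue outside these hunks.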
@@ -44,40 +56,32 @@ jobs: org.opencontainers.image.title=BuildKit Syft scanner org.opencontainers.image.description=SBOM generation for BuildKit images org.opencontainers.image.vendor=Docker Inc. - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - version: ${{ env.BUILDX_VERSION }} - driver-opts: image=${{ env.BUILDKIT_IMAGE }} - buildkitd-flags: --debug - - - name: Login to DockerHub - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKERPUBLICBOT_USERNAME }} - password: ${{ secrets.DOCKERPUBLICBOT_WRITE_PAT }} - name: Build - uses: docker/bake-action@v5 + uses: docker/bake-action@v6 with: files: | ./docker-bake.hcl - ${{ steps.meta.outputs.bake-file }} + cwd://${{ steps.meta.outputs.bake-file }} targets: image-all push: ${{ github.event_name != 'pull_request' }} set: | *.cache-from=type=gha,scope=image *.cache-to=type=gha,scope=image,mode=max *.attest=type=sbom + + dockerhub-readme: + runs-on: ubuntu-latest + if: github.event_name != 'pull_request' + needs: + - build + steps: + - + name: Checkout + uses: actions/checkout@v4 - name: Update repo description - if: github.event_name != 'pull_request' - uses: peter-evans/dockerhub-description@v4 + uses: peter-evans/dockerhub-description@v3 with: username: ${{ vars.DOCKERPUBLICBOT_USERNAME }} password: ${{ secrets.DOCKERPUBLICBOT_DELETE_PAT }}
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 2ad931bc..101722d3 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -69,7 +69,7 @@ jobs: image=${{ env.BUILDKIT_IMAGE }} - name: Build and push Syft Scanner image - uses: docker/bake-action@v5 + uses: docker/bake-action@v6 with: targets: image-local push: true
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index 86da4320..1a229eb9 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
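Review bot: The new `dockerhub-readme` job in ci.yaml references `peter-evans/dockerhub-description@v3`, while the step it replaces used `@v4`, which looks like an unintended downgrade of a third-party action that is handed `DOCKERPUBLICBOT_DELETE_PAT`. Unless v3 is required for a reason not visible in this diff, keep the newer major and pin it, e.g. `uses: peter-evans/dockerhub-description@<full-commit-sha> # v4`. Moving the README update into its own job does keep the delete-scoped token out of the build job. No `permissions:` key is added for the new job; if the workflow has no top-level default (not visible here), `permissions: { contents: read }` on the job would be enough for checkout.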
@@ -21,14 +21,11 @@ jobs: - validate-license - validate-vendor steps: - - - name: Checkout - uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Run - uses: docker/bake-action@v5 + uses: docker/bake-action@v6 with: targets: ${{ matrix.target }}
diff --git a/docker-bake.hcl b/docker-bake.hcl
index ce1bc25a..225abb74 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -28,6 +28,7 @@ variable "IMAGE_LOCAL" { target "_common" { args = { + BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 GO_VERSION = GO_VERSION GIT_REF = GITHUB_REF }
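Review bot: With the `Checkout` step removed, the `Run` step in validate.yml has no local working tree and appears to rely on `docker/bake-action@v6` building from the Git context of the triggering ref, but nothing in the workflow records that dependency. A one-line comment above the step, such as `# no checkout: bake-action v6 builds from the Git context`, would stop a later edit from downgrading the action or re-adding a checkout without noticing what the validation targets actually build from. The same applies to the `Build` step in ci.yaml, where the checkout was also dropped from the build job.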
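Review bot: `BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1` is added to the `_common` target in docker-bake.hcl, so every target that inherits it keeps the `.git` directory in a Git-context build, and the reason is not recorded. If any Dockerfile stage copies the whole context into an image that is shipped (the Dockerfile is not visible in this diff), repository history would end up in the published layers, so it is worth confirming that `.git` is only read in intermediate stages. A short comment on the line, for example `# keep .git in Git-context builds; needed by <targets that read repository metadata>`, would document the intent.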