Skip to content

chown

chown #19

name: Docker publish
on:
workflow_dispatch:
inputs:
version:
description: 'Version (optional)'
required: false
push:
branches:
- 'main'
jobs:
docker-base-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
component:
- chartserver
- trivy-adapter
- core
- db
- exporter
- jobservice
- log
- nginx
- notary-server
- notary-signer
- portal
- prepare
- redis
- registry
- registryctl
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver: docker-container
driver-opts: network=host
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- run: make patch
- id: prepare
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
- name: Compare Versions
id: compare
run: |
version1="${{ env.tag }}"
version2="v2.9.0"
compareVersions() {
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")"
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")"
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }'
}
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV
echo $(compareVersions "$version1" "$version2")
- name: Check if component is db
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }}
run: |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
- name: Build base image
uses: docker/build-push-action@v5
with:
context: ./harbor
file: ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
platforms: linux/amd64,linux/arm64
labels: |
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.revision=${{ env.tag }}
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}/harbor-${{ matrix.component }}-base:${{ env.tag }}
docker-image:
needs:
- docker-base-image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
component:
- prepare
- db
- portal
- core
- jobservice
- log
- nginx
- registryctl
- notary
- trivy_adapter
- redis
- chart_server
- standalone_db_migrator
- exporter
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: actions/setup-go@v5
with:
go-version: '^1.20.x'
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver: docker-container
driver-opts: network=host
- run: make patch
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- id: prepare
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
- name: Compare Versions
id: compare
run: |
version1="${{ env.tag }}"
version2="v2.9.0"
compareVersions() {
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")"
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")"
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }'
}
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV
echo $(compareVersions "$version1" "$version2")
- name: Check if component is db
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }}
run: |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
- name: Build & Publish images
env:
IMAGENAMESPACE: ghcr.io/${{ github.repository }}
BASEIMAGENAMESPACE: ghcr.io/${{ github.repository }}
IMAGELABELS: org.opencontainers.image.source=https://github.com/${{ github.repository }}
MULTIARCH: true
TRIVYFLAG: true
CHARTFLAG: true
NOTARYFLAG: true
run: |
cd ./harbor;
set -eux;
CTX="BUILDBIN=true VERSIONTAG=${{ env.tag }} BASEIMAGETAG=${{ env.tag }} MULTIARCH=${MULTIARCH} "
CTX+="IMAGENAMESPACE=${IMAGENAMESPACE} BASEIMAGENAMESPACE=${BASEIMAGENAMESPACE} TRIVYFLAG=${TRIVYFLAG} "
CTX+="CHARTFLAG=${CHARTFLAG} NOTARYFLAG=${CHARTFLAG} IMAGELABELS=${IMAGELABELS}"
make versions_prepare ${CTX};
case ${{ matrix.component }} in
core) make compile_core ${CTX} ;;
jobservice) make compile_jobservice ${CTX};;
registryctl) make compile_registryctl ${CTX};;
notary*) make compile_notary_migrate_patch ${CTX} ;;
standalone_db_migrator) make compile_standalone_db_migrator ${CTX} ;;
esac;
case ${{ matrix.component }} in
exporter) make build BUILDTARGET="_compile_and_build_exporter" ${CTX} ;;
registryctl) make build BUILDTARGET="_build_registry _build_registryctl" ${CTX} ;;
*) make build BUILDTARGET="_build_${{ matrix.component }}" ${CTX} ;;
esac;
harbor-building:
needs:
- 'docker-image'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: actions/setup-go@v5
with:
go-version: '^1.20.x'
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver: docker-container
driver-opts: network=host
- run: make patch
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- id: prepare
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
- name: Load remote Docker images
run: |
load_remote_image() {
image_name="$1"
docker pull --platform=linux/arm64 "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}"
}
images=(
"harbor-log"
"harbor-exporter"
"harbor-db"
"harbor-jobservice"
"harbor-registryctl"
"harbor-portal"
"harbor-core"
"nginx-photon"
"redis-photon"
"trivy-adapter-photon"
"registry-photon"
"prepare"
"notary-server-photon"
"notary-signer-photon"
"chartmuseum-photon"
)
for image in "${images[@]}"; do
load_remote_image "$image"
done
- name: Retag Docker images
run: |
retag_image() {
image_name="$1"
docker tag "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}" "goharbor/$image_name:${{ env.tag }}"
}
images=(
"harbor-log"
"harbor-exporter"
"harbor-db"
"harbor-jobservice"
"harbor-registryctl"
"harbor-portal"
"harbor-core"
"nginx-photon"
"redis-photon"
"trivy-adapter-photon"
"registry-photon"
"prepare"
"notary-server-photon"
"notary-signer-photon"
"chartmuseum-photon"
)
for image in "${images[@]}"; do
retag_image "$image"
done
- name: Docker packaging Offline installer
run: |
# Run the 'package_offline' command in ./harbor/Makefile
cd ./harbor
sed -i 's/package_offline: update_prepare_version compile build/package_offline: update_prepare_version/' Makefile
sed -i 's/TRIVYFLAG=false/TRIVYFLAG=true/' Makefile
sed -i 's/NOTARYFLAG=false/NOTARYFLAG=true/' Makefile
sed -i 's/CHARTFLAG=false/CHARTFLAG=true/' Makefile
sed -i '0,/VERSIONTAG=dev/s//VERSIONTAG=v2.7.4/' Makefile
make package_offline
- run: ls -al | grep harbor-offline-installer
- run: ls -al ./harbor | grep harbor-offline-installer