chown #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker publish | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: 'Version (optional)' | |
required: false | |
push: | |
branches: | |
- 'main' | |
jobs: | |
docker-base-image: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
fail-fast: false | |
matrix: | |
component: | |
- chartserver | |
- trivy-adapter | |
- core | |
- db | |
- exporter | |
- jobservice | |
- log | |
- nginx | |
- notary-server | |
- notary-signer | |
- portal | |
- prepare | |
- redis | |
- registry | |
- registryctl | |
defaults: | |
run: | |
working-directory: ./ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
driver-opts: network=host | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- run: make patch | |
- id: prepare | |
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | |
- name: Compare Versions | |
id: compare | |
run: | | |
version1="${{ env.tag }}" | |
version2="v2.9.0" | |
compareVersions() { | |
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")" | |
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")" | |
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }' | |
} | |
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV | |
echo $(compareVersions "$version1" "$version2") | |
- name: Check if component is db | |
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }} | |
run: | | |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | |
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | |
- name: Build base image | |
uses: docker/build-push-action@v5 | |
with: | |
context: ./harbor | |
file: ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | |
platforms: linux/amd64,linux/arm64 | |
labels: | | |
org.opencontainers.image.source=https://github.com/${{ github.repository }} | |
org.opencontainers.image.revision=${{ env.tag }} | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ghcr.io/${{ github.repository }}/harbor-${{ matrix.component }}-base:${{ env.tag }} | |
docker-image: | |
needs: | |
- docker-base-image | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
fail-fast: false | |
matrix: | |
component: | |
- prepare | |
- db | |
- portal | |
- core | |
- jobservice | |
- log | |
- nginx | |
- registryctl | |
- notary | |
- trivy_adapter | |
- redis | |
- chart_server | |
- standalone_db_migrator | |
- exporter | |
defaults: | |
run: | |
working-directory: ./ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: '^1.20.x' | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
driver-opts: network=host | |
- run: make patch | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- id: prepare | |
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | |
- name: Compare Versions | |
id: compare | |
run: | | |
version1="${{ env.tag }}" | |
version2="v2.9.0" | |
compareVersions() { | |
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")" | |
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")" | |
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }' | |
} | |
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV | |
echo $(compareVersions "$version1" "$version2") | |
- name: Check if component is db | |
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }} | |
run: | | |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | |
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | |
- name: Build & Publish images | |
env: | |
IMAGENAMESPACE: ghcr.io/${{ github.repository }} | |
BASEIMAGENAMESPACE: ghcr.io/${{ github.repository }} | |
IMAGELABELS: org.opencontainers.image.source=https://github.com/${{ github.repository }} | |
MULTIARCH: true | |
TRIVYFLAG: true | |
CHARTFLAG: true | |
NOTARYFLAG: true | |
run: | | |
cd ./harbor; | |
set -eux; | |
CTX="BUILDBIN=true VERSIONTAG=${{ env.tag }} BASEIMAGETAG=${{ env.tag }} MULTIARCH=${MULTIARCH} " | |
CTX+="IMAGENAMESPACE=${IMAGENAMESPACE} BASEIMAGENAMESPACE=${BASEIMAGENAMESPACE} TRIVYFLAG=${TRIVYFLAG} " | |
CTX+="CHARTFLAG=${CHARTFLAG} NOTARYFLAG=${CHARTFLAG} IMAGELABELS=${IMAGELABELS}" | |
make versions_prepare ${CTX}; | |
case ${{ matrix.component }} in | |
core) make compile_core ${CTX} ;; | |
jobservice) make compile_jobservice ${CTX};; | |
registryctl) make compile_registryctl ${CTX};; | |
notary*) make compile_notary_migrate_patch ${CTX} ;; | |
standalone_db_migrator) make compile_standalone_db_migrator ${CTX} ;; | |
esac; | |
case ${{ matrix.component }} in | |
exporter) make build BUILDTARGET="_compile_and_build_exporter" ${CTX} ;; | |
registryctl) make build BUILDTARGET="_build_registry _build_registryctl" ${CTX} ;; | |
*) make build BUILDTARGET="_build_${{ matrix.component }}" ${CTX} ;; | |
esac; | |
harbor-building: | |
needs: | |
- 'docker-image' | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
fail-fast: false | |
defaults: | |
run: | |
working-directory: ./ | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: '^1.20.x' | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker-container | |
driver-opts: network=host | |
- run: make patch | |
- uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- id: prepare | |
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | |
- name: Load remote Docker images | |
run: | | |
load_remote_image() { | |
image_name="$1" | |
docker pull --platform=linux/arm64 "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}" | |
} | |
images=( | |
"harbor-log" | |
"harbor-exporter" | |
"harbor-db" | |
"harbor-jobservice" | |
"harbor-registryctl" | |
"harbor-portal" | |
"harbor-core" | |
"nginx-photon" | |
"redis-photon" | |
"trivy-adapter-photon" | |
"registry-photon" | |
"prepare" | |
"notary-server-photon" | |
"notary-signer-photon" | |
"chartmuseum-photon" | |
) | |
for image in "${images[@]}"; do | |
load_remote_image "$image" | |
done | |
- name: Retag Docker images | |
run: | | |
retag_image() { | |
image_name="$1" | |
docker tag "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}" "goharbor/$image_name:${{ env.tag }}" | |
} | |
images=( | |
"harbor-log" | |
"harbor-exporter" | |
"harbor-db" | |
"harbor-jobservice" | |
"harbor-registryctl" | |
"harbor-portal" | |
"harbor-core" | |
"nginx-photon" | |
"redis-photon" | |
"trivy-adapter-photon" | |
"registry-photon" | |
"prepare" | |
"notary-server-photon" | |
"notary-signer-photon" | |
"chartmuseum-photon" | |
) | |
for image in "${images[@]}"; do | |
retag_image "$image" | |
done | |
- name: Docker packaging Offline installer | |
run: | | |
# Run the 'package_offline' command in ./harbor/Makefile | |
cd ./harbor | |
sed -i 's/package_offline: update_prepare_version compile build/package_offline: update_prepare_version/' Makefile | |
sed -i 's/TRIVYFLAG=false/TRIVYFLAG=true/' Makefile | |
sed -i 's/NOTARYFLAG=false/NOTARYFLAG=true/' Makefile | |
sed -i 's/CHARTFLAG=false/CHARTFLAG=true/' Makefile | |
sed -i '0,/VERSIONTAG=dev/s//VERSIONTAG=v2.7.4/' Makefile | |
make package_offline | |
- run: ls -al | grep harbor-offline-installer | |
- run: ls -al ./harbor | grep harbor-offline-installer |