Skip to content

v2.10.1 test

v2.10.1 test #37

name: Docker publish
on:
workflow_dispatch:
inputs:
version:
description: 'Version (optional)'
required: false
push:
branches:
- 'main'
jobs:
docker-base-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
component:
- trivy-adapter
- core
- db
- exporter
- jobservice
- log
- nginx
- portal
- prepare
- redis
- registry
- registryctl
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver: docker-container
driver-opts: network=host
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- run: make patch
- id: prepare
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
- name: Check if component is db
if: ${{ (matrix.component == 'db') }}
run: |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
- name: Build base image
uses: docker/build-push-action@v5
with:
context: ./harbor
file: ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
platforms: linux/amd64,linux/arm64
labels: |
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.revision=${{ env.tag }}
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/${{ github.repository }}/harbor-${{ matrix.component }}-base:${{ env.tag }}
docker-image:
needs:
- docker-base-image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
component:
- prepare
- db
- portal
- core
- jobservice
- log
- nginx
- registryctl
- trivy_adapter
- redis
- standalone_db_migrator
- exporter
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
with:
submodules: true
- uses: actions/setup-go@v5
with:
go-version: '^1.20.x'
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver: docker-container
driver-opts: network=host
- run: make patch
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- id: prepare
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
- name: Check if component is db
if: ${{ (matrix.component == 'db') }}
run: |
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base
- name: Build & Publish images
env:
IMAGENAMESPACE: ghcr.io/${{ github.repository }}
BASEIMAGENAMESPACE: ghcr.io/${{ github.repository }}
IMAGELABELS: org.opencontainers.image.source=https://github.com/${{ github.repository }}
MULTIARCH: true
TRIVYFLAG: true
CHARTFLAG: true
NOTARYFLAG: true
run: |
cd ./harbor;
set -eux;
CTX="BUILDBIN=true VERSIONTAG=${{ env.tag }} BASEIMAGETAG=${{ env.tag }} MULTIARCH=${MULTIARCH} "
CTX+="IMAGENAMESPACE=${IMAGENAMESPACE} BASEIMAGENAMESPACE=${BASEIMAGENAMESPACE} TRIVYFLAG=${TRIVYFLAG} "
CTX+="CHARTFLAG=${CHARTFLAG} NOTARYFLAG=${CHARTFLAG} IMAGELABELS=${IMAGELABELS}"
make versions_prepare ${CTX};
case ${{ matrix.component }} in
core) make compile_core ${CTX} ;;
jobservice) make compile_jobservice ${CTX};;
registryctl) make compile_registryctl ${CTX};;
standalone_db_migrator) make compile_standalone_db_migrator ${CTX} ;;
esac;
case ${{ matrix.component }} in
exporter) make build BUILDTARGET="_compile_and_build_exporter" ${CTX} ;;
registryctl) make build BUILDTARGET="_build_registry _build_registryctl" ${CTX} ;;
*) make build BUILDTARGET="_build_${{ matrix.component }}" ${CTX} ;;
esac;
# harbor-building:
# needs:
# - 'docker-image'
# runs-on: ubuntu-latest
# permissions:
# contents: read
# packages: write
# strategy:
# fail-fast: false
# defaults:
# run:
# working-directory: ./
# steps:
# - uses: actions/checkout@v4
# with:
# submodules: true
# - uses: actions/setup-go@v5
# with:
# go-version: '^1.20.x'
# - uses: docker/setup-qemu-action@v3
# - uses: docker/setup-buildx-action@v3
# with:
# driver: docker-container
# driver-opts: network=host
# - run: make patch
# - uses: docker/login-action@v3
# with:
# registry: ghcr.io
# username: ${{ github.actor }}
# password: ${{ secrets.GITHUB_TOKEN }}
# - id: prepare
# run: echo "tag=$(cat ./version)" >> $GITHUB_ENV
# - name: Load remote Docker images
# run: |
# load_remote_image() {
# image_name="$1"
# docker pull --platform=linux/arm64 "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}"
# }
# images=(
# "harbor-log"
# "harbor-exporter"
# "harbor-db"
# "harbor-jobservice"
# "harbor-registryctl"
# "harbor-portal"
# "harbor-core"
# "nginx-photon"
# "redis-photon"
# "trivy-adapter-photon"
# "registry-photon"
# "prepare"
# "notary-server-photon"
# "notary-signer-photon"
# "chartmuseum-photon"
# )
# for image in "${images[@]}"; do
# load_remote_image "$image"
# done
# - name: Retag Docker images
# run: |
# retag_image() {
# image_name="$1"
# docker tag "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}" "goharbor/$image_name:${{ env.tag }}"
# }
# images=(
# "harbor-log"
# "harbor-exporter"
# "harbor-db"
# "harbor-jobservice"
# "harbor-registryctl"
# "harbor-portal"
# "harbor-core"
# "nginx-photon"
# "redis-photon"
# "trivy-adapter-photon"
# "registry-photon"
# "prepare"
# "notary-server-photon"
# "notary-signer-photon"
# "chartmuseum-photon"
# )
# for image in "${images[@]}"; do
# retag_image "$image"
# done
# - name: Docker packaging Offline installer
# env:
# version: ${{ env.tag }}
# run: |
# # Run the 'package_offline' command in ./harbor/Makefile
# cd ./harbor
# sed -i 's/package_offline: update_prepare_version compile build/package_offline: update_prepare_version/' Makefile
# sed -i 's/PKGVERSIONTAG=dev/PKGVERSIONTAG='"${version}"'-arm64/' Makefile
# sed -i 's/VERSIONTAG=dev/VERSIONTAG='"${version}"'/' Makefile
# sed -i 's/TRIVYFLAG=false/TRIVYFLAG=true/' Makefile
# make package_offline
# - name: Synology Upload Action
# uses: bungabear/synology_upload_action@v1.0.0
# with:
# host: ${{ secrets.NAS_DOMAIN }}
# username: ${{ secrets.NAS_ID }}
# password: ${{ secrets.NAS_PW }}
# filepath: ./harbor/harbor-offline-installer-${{ env.tag }}-arm64.tgz
# uploadpath: ${{ secrets.NAS_PATH }}
# filename: harbor-offline-installer-${{ env.tag }}-arm64.tgz
# overwrite: true
# createparent: true