docker/bake-action
0
0
Fork 0
mirror of https://github.com/docker/bake-action.git synced 2025-07-14 12:41:53 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
bake-action/.github/workflows/ci.yml

782 lines
19 KiB
YAML
Raw Permalink Blame History

name: ci
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
workflow_dispatch:
inputs:
buildx-version:
description: 'Buildx version or Git context'
default: 'latest'
required: false
buildkit-image:
description: 'BuildKit image'
default: 'moby/buildkit:buildx-stable-1'
required: false
schedule:
- cron: '0 10 * * *'
push:
branches:
- 'master'
- 'releases/v*'
tags:
- 'v*'
paths-ignore:
- '.github/workflows/ci-subaction.yml'
- 'subaction/**'
pull_request:
paths-ignore:
- '.github/workflows/ci-subaction.yml'
- 'subaction/**'
env:
BUILDX_VERSION: edge
BUILDKIT_IMAGE: moby/buildkit:latest
jobs:
bake:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
target:
- default
- release
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
-
name: Build and push
uses: ./
with:
source: .
builder: ${{ steps.buildx.outputs.name }}
files: |
./test/config.hcl
targets: |
${{ matrix.target }}
push: false # set to true when https://github.com/docker/buildx/issues/179 is fixed
error-msg:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Build
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
set: |
*.platform=linux/amd64,linux/ppc64le,linux/s390x
error-check:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Stop docker
run: |
sudo systemctl stop docker docker.socket
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
-
name: Check
run: |
echo "${{ toJson(steps.bake) }}"
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi
standalone:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Uninstall docker cli
run: |
if dpkg -s "docker-ce" >/dev/null 2>&1; then
sudo dpkg -r --force-depends docker-ce-cli docker-buildx-plugin
else
sudo apt-get purge -y moby-cli moby-buildx
fi
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
remote:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Build
uses: ./
with:
source: https://github.com/docker/buildx.git#v0.8.2
targets: update-docs
provenance:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
attrs:
- ''
- mode=max
- builder-id=foo
- false
- true
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test/go
source: .
targets: binary
provenance: ${{ matrix.attrs }}
set: |
*.output=type=oci,dest=/tmp/build.tar
*.cache-from=type=gha,scope=provenance
*.cache-to=type=gha,scope=provenance,mode=max
sbom:
runs-on: ubuntu-latest
env:
DESTDIR: /tmp/bake-build
strategy:
fail-fast: false
matrix:
include:
- target: image
output: type=image,name=localhost:5000/name/app:latest,push=true
- target: binary
output: /tmp/bake-build
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test/go
source: .
targets: ${{ matrix.target }}
sbom: true
set: |
*.output=${{ matrix.output }}
*.cache-from=type=gha,scope=attests-${{ matrix.target }}
*.cache-to=type=gha,scope=attests-${{ matrix.target }},mode=max
-
name: Inspect image
if: matrix.target == 'image'
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
-
name: Check output folder
if: matrix.target == 'binary'
working-directory: ${{ env.DESTDIR }}
run: |
tree .
-
name: Print provenance
if: matrix.target == 'binary'
working-directory: ${{ env.DESTDIR }}
run: |
cat provenance.json | jq
-
name: Print SBOM
if: matrix.target == 'binary'
working-directory: ${{ env.DESTDIR }}
run: |
cat sbom.spdx.json | jq
set:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Build
uses: ./
with:
workdir: ./test/go
source: .
set: |
*.platform=linux/amd64
*.output=type=image,"name=localhost:5000/name/app:v1.0.0,localhost:5000/name/app:latest",push=true
*.tags=
group:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
-
name: Build and push
uses: ./
with:
workdir: ./test/group
source: .
push: true
set: |
t1.tags=localhost:5000/name/app:t1
t2.tags=localhost:5000/name/app:t2
docker-config-malformed:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set malformed docker config
run: |
mkdir -p ~/.docker
echo 'foo_bar' >> ~/.docker/config.json
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
proxy-docker-config:
runs-on: ubuntu-latest
services:
squid-proxy:
image: ubuntu/squid:latest
ports:
- 3128:3128
steps:
-
name: Check proxy
run: |
netstat -aptn
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v4
-
name: Set proxy config
run: |
mkdir -p ~/.docker
echo '{"proxies":{"default":{"httpProxy":"http://127.0.0.1:3128","httpsProxy":"http://127.0.0.1:3128"}}}' > ~/.docker/config.json
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
buildkitd-flags: --debug
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
targets: app-proxy
proxy-buildkitd:
runs-on: ubuntu-latest
services:
squid-proxy:
image: ubuntu/squid:latest
ports:
- 3128:3128
steps:
-
name: Check proxy
run: |
netstat -aptn
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
env.http_proxy=http://127.0.0.1:3128
env.https_proxy=http://127.0.0.1:3128
buildkitd-flags: --debug
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
git-context:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
git-context-and-local:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Docker meta
id: meta
uses: docker/metadata-action@v5
-
name: Build
uses: ./
with:
files: |
cwd://${{ steps.meta.outputs.bake-file }}
multi-output:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
-
name: Build and push
uses: ./
with:
workdir: ./test/go
source: .
set: |
*.output=type=image,name=localhost:5000/name/app:latest,push=true
*.output=type=docker,name=app:local
*.output=type=oci,dest=/tmp/oci.tar
-
name: Check registry
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
-
name: Check docker
run: |
docker image inspect app:local
-
name: Check oci
run: |
set -ex
mkdir -p /tmp/oci-out
tar xf /tmp/oci.tar -C /tmp/oci-out
tree -nh /tmp/oci-out
load-and-push:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
-
name: Build and push
uses: ./
with:
workdir: ./test/go
source: .
targets: image
load: true
push: true
set: |
*.tags=localhost:5000/name/app:latest
-
name: Check registry
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
-
name: Check docker
run: |
docker image inspect localhost:5000/name/app:latest
summary-disable:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_SUMMARY: false
summary-disable-deprecated:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_NO_SUMMARY: true
summary-not-supported:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.12.1
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
record-upload-disable:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_RECORD_UPLOAD: false
record-retention-days:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
days:
- 2
- 0
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_RECORD_RETENTION_DAYS: ${{ matrix.days }}
export-legacy:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
legacy:
- false
- true
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_EXPORT_LEGACY: ${{ matrix.legacy }}
checks:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- edge
- v0.14.1
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
annotations-disabled:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
env:
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
allow:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- edge
- v0.19.0
- v0.18.0
- v0.17.1
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
allow: network.host
targets: app-entitlements
no-default-attestations:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
env:
BUILDX_NO_DEFAULT_ATTESTATIONS: 1
Reference in New Issue View Git Blame Copy Permalink