fix docker image digest parse issue and output

smartcontractkit · Aug 29, 2024 · 5122cb5 · 5122cb5
1 parent 58c5271
commit 5122cb5
Showing 1 changed file with 32 additions and 8 deletions.
diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml
@@ -110,31 +110,55 @@ jobs:
         shell: bash
         run: |
           artifact_path="dist/artifacts.json"
+          # temp debug
+          cat ${artifact_path}
+
+          jq -r '.[] | select(.type == "Docker Image") | "\(.name)"' ${artifact_path} >> output.txt
           echo "### Docker Images" | tee -a "$GITHUB_STEP_SUMMARY"
-          echo "arm64-digest=$(jq -r '.[]|select(.type=="Published Docker Image" and .goarch=="arm64")|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT"
-          echo "amd64-digest=$(jq -r '.[]|select(.type=="Published Docker Image" and .goarch=="amd64")|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT"
-          jq -r '.[] | select(.type == "Docker Image") | "`\(.goarch)-image`: \(.name)"' ${artifact_path} >> output.txt
-          jq -r '.[] | select(.type == "Published Docker Image") | "`\(.goarch)-digest`: \(.extra.Digest)"' ${artifact_path} >> output.txt
           while read -r line; do
             echo "$line" | tee -a "$GITHUB_STEP_SUMMARY"
           done < output.txt
 
+          core_amd64_name="${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}:${{ github.ref_name }}-amd64"
+          plugins_amd64_name="${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}:${{ github.ref_name }}-plugins-amd64"
+          core_arm64_name="${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}:${{ github.ref_name }}-arm64"
+          plugins_arm64_name="${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}:${{ github.ref_name }}-plugins-arm64"
+
+          echo "core_amd64_digest=$(jq -r --arg name "$core_amd64_name" '.[]|select(.type=="Published Docker Image" and .name==$name)|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT" "$GITHUB_STEP_SUMMARY"
+          echo "plugins_amd64_digest=$(jq -r --arg name "$plugins_amd64_name" '.[]|select(.type=="Published Docker Image" and .name==$name)|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT" "$GITHUB_STEP_SUMMARY"
+          echo "core_arm64_digest=$(jq -r --arg name "$core_amd64_name" '.[]|select(.type=="Published Docker Image" and .name==$name)|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT" "$GITHUB_STEP_SUMMARY"
+          echo "plugins_arm64_digest=$(jq -r --arg name "$plugins_amd64_name" '.[]|select(.type=="Published Docker Image" and .name==$name)|.extra.Digest' ${artifact_path})" | tee -a "$GITHUB_OUTPUT" "$GITHUB_STEP_SUMMARY"
+
       - name: Attest tarballs
         uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
         with:
           subject-path: "dist/*.tar.gz"
 
-      - name: Attest Docker image (amd64)
+      - name: Attest Docker image (core-amd64)
+        uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
+        with:
+          subject-digest: ${{ steps.get-image-name-digest.outputs.core_amd64_digest }}
+          subject-name: ${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}
+          push-to-registry: true
+
+      - name: Attest Docker image (plugings-amd64)
+        uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
+        with:
+          subject-digest: ${{ steps.get-image-name-digest.outputs.plugins_amd64_digest }}
+          subject-name: ${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}
+          push-to-registry: true
+
+      - name: Attest Docker image (core-arm64)
         uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
         with:
-          subject-digest: ${{ steps.get-image-name-digest.outputs.amd64-digest }}
+          subject-digest: ${{ steps.get-image-name-digest.outputs.core_arm64_digest }}
           subject-name: ${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}
           push-to-registry: true
 
-      - name: Attest Docker image (arm64)
+      - name: Attest Docker image (plugings-arm64)
         uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2
         with:
-          subject-digest: ${{ steps.get-image-name-digest.outputs.arm64-digest }}
+          subject-digest: ${{ steps.get-image-name-digest.outputs.plugins_arm64_digest }}
           subject-name: ${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }}
           push-to-registry: true