.github/workflows/release.yaml #340
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- main | |
schedule: | |
- cron: '0 1 * * *' | |
workflow_dispatch: | |
inputs: | |
only: | |
description: 'Specific image name to build' | |
type: string | |
required: false | |
default: '' | |
concurrency: release | |
jobs: | |
generate-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.generate-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
- id: generate-matrix | |
run: | | |
set -x | |
# TODO: set ONLY env var based on changed files | |
matrix="$(ONLY="${{ inputs.only }}" ./hack/matrix.sh)" | |
echo "matrix=${matrix}" >> $GITHUB_OUTPUT | |
build: | |
runs-on: ubuntu-latest | |
needs: generate-matrix | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
permissions: | |
id-token: write | |
packages: write | |
contents: read | |
steps: | |
# Setup required tooling etc. | |
- name: Setup QEMU | |
if: ${{ matrix.melangeConfig != '' }} | |
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 | |
- uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_version: '1.3.*' | |
terraform_wrapper: false | |
# Checkout this repo's source code | |
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 | |
# Build custom package using melange (if specified) | |
- id: melange | |
if: ${{ matrix.melangeConfig != '' }} | |
uses: chainguard-dev/actions/melange-build@main | |
with: | |
multi-config: ${{ matrix.melangeConfig }} | |
empty-workspace: false | |
workdir: images/${{ matrix.imageName }} | |
sign-with-temporary-key: true | |
archs: x86_64,aarch64 | |
# Auth to GitHub Container Registry (ghcr.io) | |
- name: Login to registry | |
run: | | |
set -x | |
echo "${{ github.token }}" | docker login \ | |
-u "${{ github.repository_owner }}" \ | |
--password-stdin ghcr.io | |
# Build and push image using terraform-provider-apko | |
- name: Build image with apko/terraform | |
env: | |
TF_VAR_target_repository: ghcr.io/${{ github.repository_owner }}/${{ matrix.imageName }} | |
run: | | |
set -x | |
cd images/${{ matrix.imageName }}/ | |
terraform init | |
terraform apply -auto-approve |