Skip to content

Commit d2b4945

Browse files
mkuratczykmkuratczyk
committed
Separate workflow for building ARM64 OCI on main
1 parent 71dc1f1 commit d2b4945

File tree

1 file changed

+177
-0
lines changed

1 file changed

+177
-0
lines changed

.github/workflows/oci-arm64-make.yaml

Lines changed: 177 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,177 @@
1+
# This file should be identical to oci-make, except it should built the ARM64
2+
# image and only for the main branch. It's a separate workflow due to the performance
3+
# of building the ARM64 image. This way we only build it on main, where it should
4+
# take advantage of the cache.
5+
#
6+
# https://github.com/marketplace/actions/build-and-push-docker-images
7+
name: OCI ARM64 (make)
8+
on:
9+
push:
10+
branches:
11+
- main
12+
paths-ignore:
13+
- '.github/workflows/secondary-umbrella.yaml'
14+
- '.github/workflows/update-elixir-patches.yaml'
15+
- '.github/workflows/update-otp-patches.yaml'
16+
workflow_dispatch:
17+
env:
18+
REGISTRY_IMAGE: pivotalrabbitmq/rabbitmq
19+
concurrency:
20+
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
21+
cancel-in-progress: true
22+
jobs:
23+
build-package-generic-unix:
24+
runs-on: ubuntu-latest
25+
outputs:
26+
authorized: ${{ steps.authorized.outputs.authorized }}
27+
steps:
28+
- name: CHECK IF IMAGE WILL PUSH
29+
id: authorized
30+
run: |
31+
if [ -n "${{ secrets.DOCKERHUB_PASSWORD }}" ]; then
32+
echo "authorized=true" | tee -a $GITHUB_OUTPUT
33+
else
34+
echo "authorized=false" | tee -a $GITHUB_OUTPUT
35+
fi
36+
- name: Checkout
37+
if: steps.authorized.outputs.authorized == 'true'
38+
uses: actions/checkout@v4
39+
- name: Configure Erlang
40+
if: steps.authorized.outputs.authorized == 'true'
41+
uses: erlef/setup-beam@v1
42+
with:
43+
otp-version: 26.2
44+
elixir-version: 1.15
45+
- name: make package-generic-unix
46+
if: steps.authorized.outputs.authorized == 'true'
47+
run: |
48+
make package-generic-unix PROJECT_VERSION=4.0.0
49+
- name: Upload package-generic-unix
50+
if: steps.authorized.outputs.authorized == 'true'
51+
uses: actions/[email protected]
52+
with:
53+
name: package-generic-unix
54+
path: PACKAGES/rabbitmq-server-*.tar.xz
55+
56+
build:
57+
needs: build-package-generic-unix
58+
runs-on: ubuntu-latest
59+
if: ${{ needs.build-package-generic-unix.outputs.authorized }} == 'true'
60+
strategy:
61+
fail-fast: false
62+
matrix:
63+
platform:
64+
- linux/arm64
65+
steps:
66+
- name: Prepare
67+
run: |
68+
platform=${{ matrix.platform }}
69+
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
70+
- name: Checkout
71+
uses: actions/checkout@v4
72+
- name: Download package-generic-unix
73+
uses: actions/download-artifact@v4
74+
with:
75+
name: package-generic-unix
76+
path: PACKAGES
77+
- name: Rename package-generic-unix
78+
run: |
79+
cp \
80+
PACKAGES/rabbitmq-server-generic-unix-*.tar.xz \
81+
packaging/docker-image/package-generic-unix.tar.xz
82+
- name: Docker meta
83+
id: meta
84+
uses: docker/metadata-action@v5
85+
with:
86+
images: ${{ env.REGISTRY_IMAGE }}
87+
tags: |
88+
type=ref,event=branch
89+
type=ref,event=pr
90+
type=sha,format=long
91+
- name: Set up QEMU
92+
uses: docker/setup-qemu-action@v3
93+
- name: Set up Docker Buildx
94+
uses: docker/setup-buildx-action@v3
95+
- name: Login to GitHub Container Registry
96+
uses: docker/login-action@v3
97+
with:
98+
registry: ghcr.io
99+
username: ${{ github.actor }}
100+
password: ${{ secrets.GITHUB_TOKEN }}
101+
- name: Login to Docker Hub
102+
uses: docker/login-action@v3
103+
with:
104+
username: ${{ secrets.DOCKERHUB_USERNAME }}
105+
password: ${{ secrets.DOCKERHUB_PASSWORD }}
106+
- name: Build and push by digest
107+
id: build
108+
uses: docker/build-push-action@v6
109+
with:
110+
context: packaging/docker-image
111+
platforms: ${{ matrix.platform }}
112+
labels: ${{ steps.meta.outputs.labels }}
113+
cache-to: type=gha
114+
cache-from: type=gha
115+
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
116+
- name: Export digest
117+
run: |
118+
mkdir -p /tmp/digests
119+
digest="${{ steps.build.outputs.digest }}"
120+
touch "/tmp/digests/${digest#sha256:}"
121+
- name: Upload digest
122+
uses: actions/upload-artifact@v4
123+
with:
124+
name: digests-${{ env.PLATFORM_PAIR }}
125+
path: /tmp/digests/*
126+
if-no-files-found: error
127+
retention-days: 1
128+
129+
merge:
130+
needs:
131+
- build
132+
runs-on: ubuntu-latest
133+
if: ${{ needs.build-package-generic-unix.outputs.authorized }} == 'true'
134+
steps:
135+
- name: Download digests
136+
uses: actions/download-artifact@v4
137+
with:
138+
path: /tmp/digests
139+
pattern: digests-*
140+
merge-multiple: true
141+
- name: Set up Docker Buildx
142+
uses: docker/setup-buildx-action@v3
143+
- name: Docker meta
144+
id: meta
145+
uses: docker/metadata-action@v5
146+
with:
147+
images: ${{ env.REGISTRY_IMAGE }}
148+
tags: |
149+
type=ref,event=branch
150+
type=ref,event=pr
151+
type=sha,format=long
152+
- name: Login to Docker Hub
153+
uses: docker/login-action@v3
154+
with:
155+
username: ${{ secrets.DOCKERHUB_USERNAME }}
156+
password: ${{ secrets.DOCKERHUB_PASSWORD }}
157+
- name: Create manifest list and push
158+
working-directory: /tmp/digests
159+
run: |
160+
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
161+
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
162+
- name: Inspect image
163+
run: |
164+
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
165+
166+
summary-oci:
167+
needs:
168+
- build-package-generic-unix
169+
- build
170+
- merge
171+
runs-on: ubuntu-latest
172+
steps:
173+
- name: SUMMARY
174+
run: |
175+
cat << 'EOF' | jq -e 'map(.result == "success") | all(.)'
176+
${{ toJson(needs) }}
177+
EOF

0 commit comments

Comments
 (0)