matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-10 15:23:07 +03:00
Code Activity

ci: build syn2mas docker image as part of the build.yaml workflow

Browse Source
This commit is contained in:
Quentin Gliech
2023-10-09 14:47:11 +02:00
parent 1d5ce5f7cc
commit ef8596ae26
2 changed files with 44 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
.github/workflows/build.yaml vendored
View File

@@ -22,6 +22,8 @@ env:
CARGO_TERM_COLOR: always CARGO_TERM_COLOR: always
CARGO_NET_GIT_FETCH_WITH_CLI: "true" CARGO_NET_GIT_FETCH_WITH_CLI: "true"
IMAGE: ghcr.io/matrix-org/matrix-authentication-service IMAGE: ghcr.io/matrix-org/matrix-authentication-service
IMAGE_SYN2MAS: ghcr.io/matrix-org/matrix-authentication-service/syn2mas
BUILDCACHE: ghcr.io/matrix-org/matrix-authentication-service/buildcache
jobs: jobs:
build-binaries: build-binaries:
@@ -171,6 +173,22 @@ jobs:
type=semver,pattern={{major}} type=semver,pattern={{major}}
type=sha type=sha
- name: Docker meta (syn2mas)
id: meta-syn2mas
uses: docker/metadata-action@v5.0.0
with:
images: "${{ env.IMAGE_SYN2MAS }}"
bake-target: docker-metadata-action-syn2mas
flavor: |
latest=auto
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Setup Cosign - name: Setup Cosign
uses: sigstore/cosign-installer@v3.1.2 uses: sigstore/cosign-installer@v3.1.2
@@ -199,9 +217,11 @@ jobs:
docker-bake.hcl docker-bake.hcl
${{ steps.meta.outputs.bake-file }} ${{ steps.meta.outputs.bake-file }}
${{ steps.meta-debug.outputs.bake-file }} ${{ steps.meta-debug.outputs.bake-file }}
${{ steps.meta-syn2mas.outputs.bake-file }}
set: | set: |
base.context=https://github.com/${{ github.repository }}.git#${{ github.ref }} base.context=https://github.com/${{ github.repository }}.git#${{ github.ref }}
base.cache-from=type=registry,ref=${{ env.IMAGE }}:buildcache syn2mas.context=https://github.com/${{ github.repository }}.git#${{ github.ref }}:tools/syn2mas/
base.cache-from=type=registry,ref=${{ env.BUILDCACHE }}:buildcache
- name: Build and push - name: Build and push
id: bake id: bake
@@ -214,9 +234,10 @@ jobs:
${{ steps.meta-debug.outputs.bake-file }} ${{ steps.meta-debug.outputs.bake-file }}
set: | set: |
base.context=https://github.com/${{ github.repository }}.git#${{ github.ref }} base.context=https://github.com/${{ github.repository }}.git#${{ github.ref }}
syn2mas.context=https://github.com/${{ github.repository }}.git#${{ github.ref }}:tools/syn2mas/
base.output=type=image,push=true base.output=type=image,push=true
base.cache-from=type=registry,ref=${{ env.IMAGE }}:buildcache base.cache-from=type=registry,ref=${{ env.BUILDCACHE }}:buildcache
base.cache-to=type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max base.cache-to=type=registry,ref=${{ env.BUILDCACHE }}:buildcache,mode=max
- name: Sign the images with GitHub Actions provided token - name: Sign the images with GitHub Actions provided token
# Only sign on tags and on commits on main branch # Only sign on tags and on commits on main branch
@@ -227,7 +248,8 @@ jobs:
run: |- run: |-
cosign sign --yes \ cosign sign --yes \
"${{ env.IMAGE }}@${{ fromJSON(steps.bake.outputs.metadata).regular['containerimage.digest'] }}" \ "${{ env.IMAGE }}@${{ fromJSON(steps.bake.outputs.metadata).regular['containerimage.digest'] }}" \
"${{ env.IMAGE }}@${{ fromJSON(steps.bake.outputs.metadata).debug['containerimage.digest'] }}" "${{ env.IMAGE }}@${{ fromJSON(steps.bake.outputs.metadata).debug['containerimage.digest'] }}" \
"${{ env.IMAGE_SYN2MAS }}@${{ fromJSON(steps.bake.outputs.metadata).syn2mas['containerimage.digest'] }}"
release: release:
@@ -294,6 +316,17 @@ jobs:
``` ```
${{ fromJSON(needs.build-image.outputs.metadata).debug['image.name'] }} ${{ fromJSON(needs.build-image.outputs.metadata).debug['image.name'] }}
``` ```
`syn2mas` migration tool:
- Digest:
```
${{ env.IMAGE_SYN2MAS }}@${{ fromJSON(needs.build-image.outputs.metadata).syn2mas['containerimage.digest'] }}
```
- Tags:
```
${{ fromJSON(needs.build-image.outputs.metadata).syn2mas['image.name'] }}
```
files: | files: |
mas-cli-aarch64-linux.tar.gz mas-cli-aarch64-linux.tar.gz

8
docker-bake.hcl
View File

@@ -1,9 +1,10 @@
// This is what is baked by GitHub Actions // This is what is baked by GitHub Actions
group "default" { targets = ["regular", "debug"] } group "default" { targets = ["regular", "debug", "syn2mas"] }
// Targets filled by GitHub Actions: one for the regular tag, one for the debug tag // Targets filled by GitHub Actions: one for the regular tag, one for the debug tag
target "docker-metadata-action" {} target "docker-metadata-action" {}
target "docker-metadata-action-debug" {} target "docker-metadata-action-debug" {}
target "docker-metadata-action-syn2mas" {}
// This sets the platforms and is further extended by GitHub Actions to set the // This sets the platforms and is further extended by GitHub Actions to set the
// output and the cache locations // output and the cache locations
@@ -22,3 +23,8 @@ target "debug" {
inherits = ["base", "docker-metadata-action-debug"] inherits = ["base", "docker-metadata-action-debug"]
target = "debug" target = "debug"
} }
target "syn2mas" {
inherits = ["base", "docker-metadata-action-syn2mas"]
context = "./tools/syn2mas"
}