diff --git a/content/build/ci/github-actions/annotations.md b/content/build/ci/github-actions/annotations.md index 0c7f4dee3a..a45fa1f7a9 100644 --- a/content/build/ci/github-actions/annotations.md +++ b/content/build/ci/github-actions/annotations.md @@ -19,13 +19,11 @@ with [build-push-action] and [bake-action]. {{< tabs >}} {{< tab name="build-push-action" >}} -```yaml {hl_lines=37} +```yaml {hl_lines=35} name: ci on: push: - branches: - - "main" env: IMAGE_NAME: user/app @@ -48,7 +46,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} @@ -63,13 +61,11 @@ jobs: {{< /tab >}} {{< tab name="bake-action" >}} -```yaml {hl_lines=39} +```yaml {hl_lines=37} name: ci on: push: - branches: - - "main" env: IMAGE_NAME: user/app @@ -92,12 +88,12 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} - name: Build - uses: docker/bake-action@v3 + uses: docker/bake-action@v4 with: files: | ./docker-bake.hcl @@ -121,13 +117,11 @@ want to annotate. For example, setting `DOCKER_METADATA_ANNOTATIONS_LEVELS` to The following example creates annotations on both the image index and manifests. -```yaml {hl_lines=33} +```yaml {hl_lines=31} name: ci on: push: - branches: - - "main" env: IMAGE_NAME: user/app @@ -150,7 +144,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} env: diff --git a/content/build/ci/github-actions/attestations.md b/content/build/ci/github-actions/attestations.md index f431cea323..8f91509d10 100644 --- a/content/build/ci/github-actions/attestations.md +++ b/content/build/ci/github-actions/attestations.md @@ -54,8 +54,6 @@ name: ci on: push: - branches: - - "main" env: IMAGE_NAME: user/app @@ -78,7 +76,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} @@ -106,8 +104,6 @@ name: ci on: push: - branches: - - "main" env: IMAGE_NAME: user/app @@ -130,7 +126,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} diff --git a/content/build/ci/github-actions/cache.md b/content/build/ci/github-actions/cache.md index 6f2fe64466..0465868cd3 100644 --- a/content/build/ci/github-actions/cache.md +++ b/content/build/ci/github-actions/cache.md @@ -23,8 +23,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -32,13 +30,16 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -59,8 +60,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -68,13 +67,16 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -107,8 +109,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -116,13 +116,16 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -146,6 +149,7 @@ cache mount data with your Docker build steps. The following example shows how to use this workaround with a Go project. Example Dockerfile in `build/package/Dockerfile` + ```Dockerfile FROM golang:1.21.1-alpine as base-build @@ -161,13 +165,15 @@ RUN --mount=type=cache,target=/root/.cache/go-build go build -o /bin/app /build/ ``` Example CI action + ```yaml name: ci -on: push + +on: + push: jobs: build: - name: Build runs-on: ubuntu-latest steps: - name: Checkout @@ -191,15 +197,13 @@ jobs: type=semver,pattern={{major}}.{{minor}} - name: Go Build Cache for Docker - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: go-build-cache key: ${{ runner.os }}-go-build-cache-${{ hashFiles('**/go.sum') }} - name: inject go-build-cache into docker - # v1 was composed of two actions: "inject" and "extract". - # v2 is unified to a single action. - uses: reproducible-containers/buildkit-cache-dance@v2.1.2 + uses: reproducible-containers/buildkit-cache-dance@4b2444fec0c0fb9dbf175a96c094720a692ef810 # v2.1.4 with: cache-source: go-build-cache @@ -237,8 +241,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -246,20 +248,24 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Cache Docker layers - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -268,6 +274,7 @@ jobs: tags: user/app:latest cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + - # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 diff --git a/content/build/ci/github-actions/configure-builder.md b/content/build/ci/github-actions/configure-builder.md index b72ff41921..77efe1b2ca 100644 --- a/content/build/ci/github-actions/configure-builder.md +++ b/content/build/ci/github-actions/configure-builder.md @@ -51,10 +51,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: buildkitd-flags: --debug + - name: Build uses: docker/build-push-action@v5 with: @@ -88,6 +90,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: @@ -125,6 +128,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: @@ -208,11 +212,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up SSH - uses: MrSquaare/ssh-setup-action@523473d91581ccbf89565e12b40faba93f2708bd # v1.1.0 + uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # v3.1.0 with: host: graviton2 private-key: ${{ secrets.SSH_PRIVATE_KEY }} private-key-name: aws_graviton2 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: @@ -272,10 +277,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: driver: kubernetes + - name: Build run: | buildx build . @@ -300,8 +307,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -309,20 +314,22 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - - uses: docker/setup-buildx-action@v3 + + - name: Set up builder1 + uses: docker/setup-buildx-action@v3 id: builder1 - - uses: docker/setup-buildx-action@v3 + + - name: Set up builder2 + uses: docker/setup-buildx-action@v3 id: builder2 - - name: Builder 1 name - run: echo ${{ steps.builder1.outputs.name }} - - name: Builder 2 name - run: echo ${{ steps.builder2.outputs.name }} + - name: Build against builder1 uses: docker/build-push-action@v5 with: builder: ${{ steps.builder1.outputs.name }} context: . target: mytarget1 + - name: Build against builder2 uses: docker/build-push-action@v5 with: diff --git a/content/build/ci/github-actions/copy-image-registries.md b/content/build/ci/github-actions/copy-image-registries.md index 409b809c91..47558895c5 100644 --- a/content/build/ci/github-actions/copy-image-registries.md +++ b/content/build/ci/github-actions/copy-image-registries.md @@ -12,8 +12,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -21,21 +19,26 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -45,6 +48,7 @@ jobs: tags: | user/app:latest user/app:1.0.0 + - name: Push image to GHCR run: | docker buildx imagetools create \ diff --git a/content/build/ci/github-actions/export-docker.md b/content/build/ci/github-actions/export-docker.md index 31d5aeaf29..2043a03fbb 100644 --- a/content/build/ci/github-actions/export-docker.md +++ b/content/build/ci/github-actions/export-docker.md @@ -12,23 +12,25 @@ name: ci on: push: - branches: - - "main" jobs: docker: runs-on: ubuntu-latest steps: + - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build uses: docker/build-push-action@v5 with: context: . load: true tags: myimage:latest + - name: Inspect run: | docker image inspect myimage:latest diff --git a/content/build/ci/github-actions/local-registry.md b/content/build/ci/github-actions/local-registry.md index 3dc3a7d0c8..b55ab85710 100644 --- a/content/build/ci/github-actions/local-registry.md +++ b/content/build/ci/github-actions/local-registry.md @@ -12,8 +12,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -26,18 +24,22 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: driver-opts: network=host + - name: Build and push to local registry uses: docker/build-push-action@v5 with: context: . push: true tags: localhost:5000/name/app:latest + - name: Inspect run: | docker buildx imagetools inspect localhost:5000/name/app:latest diff --git a/content/build/ci/github-actions/manage-tags-labels.md b/content/build/ci/github-actions/manage-tags-labels.md index 268de09cd9..8a68557ffd 100644 --- a/content/build/ci/github-actions/manage-tags-labels.md +++ b/content/build/ci/github-actions/manage-tags-labels.md @@ -21,8 +21,6 @@ on: tags: - "v*.*.*" pull_request: - branches: - - "main" jobs: docker: @@ -30,6 +28,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Docker meta id: meta uses: docker/metadata-action@v5 @@ -47,16 +46,20 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR if: github.event_name != 'pull_request' uses: docker/login-action@v3 @@ -64,6 +67,7 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: diff --git a/content/build/ci/github-actions/multi-platform.md b/content/build/ci/github-actions/multi-platform.md index b245991a68..1d56f3888b 100644 --- a/content/build/ci/github-actions/multi-platform.md +++ b/content/build/ci/github-actions/multi-platform.md @@ -19,8 +19,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -28,15 +26,19 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: @@ -67,8 +69,6 @@ name: ci on: push: - branches: - - "main" env: REGISTRY_IMAGE: user/app @@ -85,34 +85,33 @@ jobs: - linux/arm/v7 - linux/arm64 steps: - - - name: Prepare + - name: Prepare run: | platform=${{ matrix.platform }} echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - - - name: Checkout + + - name: Checkout uses: actions/checkout@v4 - - - name: Docker meta + + - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - - - name: Set up QEMU + + - name: Set up QEMU uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx + + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - - name: Login to Docker Hub + + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Build and push by digest + + - name: Build and push by digest id: build uses: docker/build-push-action@v5 with: @@ -120,14 +119,14 @@ jobs: platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true - - - name: Export digest + + - name: Export digest run: | mkdir -p /tmp/digests digest="${{ steps.build.outputs.digest }}" touch "/tmp/digests/${digest#sha256:}" - - - name: Upload digest + + - name: Upload digest uses: actions/upload-artifact@v4 with: name: digests-${{ env.PLATFORM_PAIR }} @@ -140,36 +139,35 @@ jobs: needs: - build steps: - - - name: Download digests + - name: Download digests uses: actions/download-artifact@v4 with: path: /tmp/digests pattern: digests-* merge-multiple: true - - - name: Set up Docker Buildx + + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - - name: Docker meta + + - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - - - name: Login to Docker Hub + + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Create manifest list and push + + - name: Create manifest list and push working-directory: /tmp/digests run: | docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - - - name: Inspect image + + - name: Inspect image run: | docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} ``` @@ -224,8 +222,6 @@ name: ci on: push: - branches: - - "main" env: REGISTRY_IMAGE: user/app @@ -236,30 +232,29 @@ jobs: outputs: matrix: ${{ steps.platforms.outputs.matrix }} steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v4 - - - name: Create matrix + + - name: Create matrix id: platforms run: | echo "matrix=$(docker buildx bake image-all --print | jq -cr '.target."image-all".platforms')" >>${GITHUB_OUTPUT} - - - name: Show matrix + + - name: Show matrix run: | echo ${{ steps.platforms.outputs.matrix }} - - - name: Docker meta + + - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - - - name: Rename meta bake definition file + + - name: Rename meta bake definition file run: | mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta.json" - - - name: Upload meta bake definition + + - name: Upload meta bake definition uses: actions/upload-artifact@v4 with: name: bake-meta @@ -276,34 +271,33 @@ jobs: matrix: platform: ${{ fromJson(needs.prepare.outputs.matrix) }} steps: - - - name: Prepare + - name: Prepare run: | platform=${{ matrix.platform }} echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - - - name: Checkout + + - name: Checkout uses: actions/checkout@v4 - - - name: Download meta bake definition + + - name: Download meta bake definition uses: actions/download-artifact@v4 with: name: bake-meta path: /tmp - - - name: Set up QEMU + + - name: Set up QEMU uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx + + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - - name: Login to Docker Hub + + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Build + + - name: Build id: bake uses: docker/bake-action@v4 with: @@ -315,14 +309,14 @@ jobs: *.tags= *.platform=${{ matrix.platform }} *.output=type=image,"name=${{ env.REGISTRY_IMAGE }}",push-by-digest=true,name-canonical=true,push=true - - - name: Export digest + + - name: Export digest run: | mkdir -p /tmp/digests digest="${{ fromJSON(steps.bake.outputs.metadata).image['containerimage.digest'] }}" touch "/tmp/digests/${digest#sha256:}" - - - name: Upload digest + + - name: Upload digest uses: actions/upload-artifact@v4 with: name: digests-${{ env.PLATFORM_PAIR }} @@ -335,36 +329,35 @@ jobs: needs: - build steps: - - - name: Download meta bake definition - uses: actions/download-artifact@v3 + - name: Download meta bake definition + uses: actions/download-artifact@v4 with: name: bake-meta path: /tmp - - - name: Download digests + + - name: Download digests uses: actions/download-artifact@v4 with: path: /tmp/digests pattern: digests-* merge-multiple: true - - - name: Set up Docker Buildx + + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub + + - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Create manifest list and push + + - name: Create manifest list and push working-directory: /tmp/digests run: | docker buildx imagetools create $(jq -cr '.target."docker-metadata-action".tags | map(select(startswith("${{ env.REGISTRY_IMAGE }}")) | "-t " + .) | join(" ")' /tmp/bake-meta.json) \ $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - - - name: Inspect image + + - name: Inspect image run: | docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:$(jq -r '.target."docker-metadata-action".args.DOCKER_META_VERSION' /tmp/bake-meta.json) ``` diff --git a/content/build/ci/github-actions/named-contexts.md b/content/build/ci/github-actions/named-contexts.md index 070213d407..edfdfdaf9b 100644 --- a/content/build/ci/github-actions/named-contexts.md +++ b/content/build/ci/github-actions/named-contexts.md @@ -26,8 +26,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -35,8 +33,10 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build uses: docker/build-push-action@v5 with: @@ -65,8 +65,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -74,10 +72,12 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: driver: docker + - name: Build base image uses: docker/build-push-action@v5 with: @@ -85,6 +85,7 @@ jobs: file: ./base/Dockerfile load: true tags: my-base-image:latest + - name: Build uses: docker/build-push-action@v5 with: @@ -113,8 +114,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -127,13 +126,16 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: # network=host driver-opt needed to push to local registry driver-opts: network=host + - name: Build base image uses: docker/build-push-action@v5 with: @@ -141,6 +143,7 @@ jobs: file: ./base/Dockerfile tags: localhost:5000/my-base-image:latest push: true + - name: Build uses: docker/build-push-action@v5 with: diff --git a/content/build/ci/github-actions/push-multi-registries.md b/content/build/ci/github-actions/push-multi-registries.md index 1ca7ef17f1..6fa95d09c1 100644 --- a/content/build/ci/github-actions/push-multi-registries.md +++ b/content/build/ci/github-actions/push-multi-registries.md @@ -12,8 +12,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -21,21 +19,26 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: diff --git a/content/build/ci/github-actions/reproducible-builds.md b/content/build/ci/github-actions/reproducible-builds.md index ace4f55fc8..bcb33cd7a3 100644 --- a/content/build/ci/github-actions/reproducible-builds.md +++ b/content/build/ci/github-actions/reproducible-builds.md @@ -26,8 +26,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -35,8 +33,10 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build uses: docker/build-push-action@v5 with: @@ -54,8 +54,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -63,8 +61,10 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build uses: docker/bake-action@v4 env: @@ -86,8 +86,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -95,9 +93,13 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV + + - name: Get Git commit timestamps + run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV + - name: Build uses: docker/build-push-action@v5 with: @@ -115,8 +117,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -124,9 +124,13 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV + + - name: Get Git commit timestamps + run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV + - name: Build uses: docker/bake-action@v4 env: diff --git a/content/build/ci/github-actions/secrets.md b/content/build/ci/github-actions/secrets.md index 4a50830903..970a979cf1 100644 --- a/content/build/ci/github-actions/secrets.md +++ b/content/build/ci/github-actions/secrets.md @@ -37,8 +37,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -46,10 +44,13 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build uses: docker/build-push-action@v5 with: @@ -168,25 +169,22 @@ name: ci on: push: - branches: - - "main" jobs: docker: runs-on: ubuntu-latest steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v3 - - - name: Set up SSH - uses: MrSquaare/ssh-setup-action@7bfdda6ef6839504e3a5b2625ad971b17461a0db # v3.0.0 + + - name: Set up SSH + uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # v3.1.0 with: host: github.com private-key: ${{ secrets.SSH_GITHUB_PPK }} private-key-name: github-ppk - - - name: Build and push + + - name: Build and push uses: docker/build-push-action@v5 with: context: . @@ -203,25 +201,22 @@ name: ci on: push: - branches: - - "main" jobs: docker: runs-on: ubuntu-latest steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v3 - - - name: Set up SSH - uses: MrSquaare/ssh-setup-action@7bfdda6ef6839504e3a5b2625ad971b17461a0db # v3.0.0 + + - name: Set up SSH + uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # v3.1.0 with: host: github.com private-key: ${{ secrets.SSH_GITHUB_PPK }} private-key-name: github-ppk - - - name: Build + + - name: Build uses: docker/bake-action@v4 with: set: | diff --git a/content/build/ci/github-actions/share-image-jobs.md b/content/build/ci/github-actions/share-image-jobs.md index 1cdf49d0a4..63234ea3a0 100644 --- a/content/build/ci/github-actions/share-image-jobs.md +++ b/content/build/ci/github-actions/share-image-jobs.md @@ -16,8 +16,6 @@ name: ci on: push: - branches: - - "main" jobs: build: @@ -25,16 +23,19 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Build and export uses: docker/build-push-action@v5 with: context: . tags: myimage:latest outputs: type=docker,dest=/tmp/myimage.tar + - name: Upload artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: myimage path: /tmp/myimage.tar @@ -44,10 +45,11 @@ jobs: needs: build steps: - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: myimage path: /tmp + - name: Load image run: | docker load --input /tmp/myimage.tar diff --git a/content/build/ci/github-actions/test-before-push.md b/content/build/ci/github-actions/test-before-push.md index 03f05774c9..119d24d19e 100644 --- a/content/build/ci/github-actions/test-before-push.md +++ b/content/build/ci/github-actions/test-before-push.md @@ -17,8 +17,6 @@ name: ci on: push: - branches: - - "main" env: TEST_TAG: user/app:test @@ -30,24 +28,30 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and export to Docker uses: docker/build-push-action@v5 with: context: . load: true tags: ${{ env.TEST_TAG }} + - name: Test run: | docker run --rm ${{ env.TEST_TAG }} + - name: Build and push uses: docker/build-push-action@v5 with: diff --git a/content/build/ci/github-actions/update-dockerhub-desc.md b/content/build/ci/github-actions/update-dockerhub-desc.md index 7373fa091d..989067b22a 100644 --- a/content/build/ci/github-actions/update-dockerhub-desc.md +++ b/content/build/ci/github-actions/update-dockerhub-desc.md @@ -13,8 +13,6 @@ name: ci on: push: - branches: - - "main" jobs: docker: @@ -22,23 +20,28 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push uses: docker/build-push-action@v5 with: context: . push: true tags: user/app:latest + - name: Update repo description - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/content/scout/policy/ci.md b/content/scout/policy/ci.md index 8ceed8689b..4b00eb453f 100644 --- a/content/scout/policy/ci.md +++ b/content/scout/policy/ci.md @@ -109,7 +109,7 @@ jobs: - name: Extract metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }}