linkerd
/
linkerd2-proxy
mirror of https://github.com/linkerd/linkerd2-proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wip

This commit is contained in:
Oliver Gould 2025-08-19 04:45:10 +00:00
parent 91c15fe8dd
commit b630d768f4
No known key found for this signature in database
3 changed files with 80 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
.github/actions/oci-build-push/action.yml vendored
View File

@ -1,14 +1,23 @@
name: oci-build-push
description: Builds and pushes OCI images from the workspace context
inputs: inputs:
ref: cache-from:
required: false required: false
tags: cache-to:
required: false required: false
features: features:
required: false required: false
vendor: outputs:
required: false required: false
version: profile:
required: false
default: release
description: Build profile
platforms:
required: false
default: linux/amd64,linux/arm64
push:
required: false required: false
rustflags: rustflags:
required: false required: false
@ -16,41 +25,55 @@ inputs:
target: target:
required: false required: false
default: bin default: bin
platforms: vendor:
required: false required: false
default: linux/amd64,linux/arm64 version:
cache-scope:
required: false
outputs:
required: false required: false
outputs: outputs:
imageid: ${{ steps.build.outputs.imageid }} imageid:
digest: ${{ steps.build.outputs.digest }} description: The ID of the built image
metadata: ${{ steps.build.outputs.metadata }} value: ${{ steps.build.outputs.imageid }}
digest:
description: The digest of the built image
value: ${{ steps.build.outputs.digest }}
metadata:
description: The metadata of the built image
value: ${{ steps.build.outputs.metadata }}
runs: runs:
using: composite using: composite
steps: steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f
id: meta
with: with:
ref: ${{ inputs.ref || github.ref }} images: |
- uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 ghcr.io/${{ github.repository_owner }}/proxy
tags: |
type=raw,value=${{ inputs.version }}
flavor: |
latest=false
prefix=bin-
- if: inputs.platforms != 'linux/amd64'
uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392
- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435
- uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83
id: build id: build
with: with:
context: .
build-args: | build-args: |
PROFILE=release
RUSTFLAGS=${{ inputs.rustflags }}
LINKERD2_PROXY_VENDOR=${{ inputs.vendor }} LINKERD2_PROXY_VENDOR=${{ inputs.vendor }}
LINKERD2_PROXY_VERSION=${{ inputs.version }} LINKERD2_PROXY_VERSION=${{ inputs.version }}
PROFILE=${{ inputs.profile }}
PROXY_FEATURES=${{ inputs.features }} PROXY_FEATURES=${{ inputs.features }}
RUSTFLAGS=${{ inputs.rustflags }}
cache-from: type=gha,scope=${{ inputs.cache-from }}
cache-to: type=gha,scope=${{ inputs.cache-to }},mode=max
context: .
outputs: ${{ inputs.outputs }} outputs: ${{ inputs.outputs }}
tags: ${{ inputs.tags }}
target: ${{ inputs.target }}
platforms: ${{ inputs.platforms }} platforms: ${{ inputs.platforms }}
cache-from: type=gha,scope=${{ inputs.cache-scope || github.head_ref }} push: ${{ inputs.push }}
cache-to: type=gha,scope=${{ inputs.cache-scope || github.head_ref }},mode=max target: ${{ inputs.target }}
annotations: ${{ steps.meta.outputs.annotations }}
labels: ${{ steps.meta.outputs.labels }}
tags: ${{ steps.meta.outputs.tags }}

29
.github/workflows/cache-oci.yml vendored
View File

@ -1,29 +0,0 @@
on:
pull_request: {}
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ${{ vars.LINKERD2_PROXY_RUNNER || 'ubuntu-24.04' }}
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- id: meta
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c
with:
files: |
.github/workflows/cache-oci.yml
.github/workflows/oci-build-push.yml
- if: steps.meta.outputs.any_changed == 'true' || github.event_name == 'push'
uses: ./.github/actions/oci-build-push
with:
outputs: type=local,dest=out
- if: steps.meta.outputs.any_changed == 'true' || github.event_name == 'push'
run: find out -type f -ls

46
.github/workflows/release.yml vendored
View File

@ -6,7 +6,7 @@ on:
inputs: inputs:
version: version:
description: "Version in the form v1.2.3-prerelease+buildinfo" description: "Version in the form v1.2.3-prerelease+buildinfo"
required: true required: false
type: string type: string
tag-prefix: tag-prefix:
description: "Tag prefix" description: "Tag prefix"
@ -29,6 +29,11 @@ on:
required: false required: false
type: string type: string
default: "" default: ""
do-oci-push:
description: "Push the Docker image to the OCI registry?"
required: false
type: boolean
default: false
prerelease: prerelease:
description: "Is this a prerelease?" description: "Is this a prerelease?"
required: false required: false
@ -84,8 +89,8 @@ jobs:
run: | run: |
set -euo pipefail set -euo pipefail
shopt -s extglob shopt -s extglob
if [[ "$GITHUB_EVENT_NAME" == pull_request ]]; then if [[ -z "$VERSION" ]]; then
echo version="0.0.0-test.${GITHUB_SHA:0:7}" >> "$GITHUB_OUTPUT" echo version="0.0.0-sha-${GITHUB_SHA:0:7}" >> "$GITHUB_OUTPUT"
exit 0 exit 0
fi fi
if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+)?(\+[0-9A-Za-z-]+)?$ ]]; then if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z-]+)?(\+[0-9A-Za-z-]+)?$ ]]; then
@ -101,7 +106,8 @@ jobs:
run: | run: |
if [[ "$GITHUB_EVENT_NAME" == pull_request && "$WORKFLOW_CHANGED" != 'true' ]]; then if [[ "$GITHUB_EVENT_NAME" == pull_request && "$WORKFLOW_CHANGED" != 'true' ]]; then
( echo archs='["amd64"]' ( echo archs='["amd64"]'
echo oses='["linux"]' ) >> "$GITHUB_OUTPUT" echo oses='["linux"]'
) >> "$GITHUB_OUTPUT"
exit 0 exit 0
fi fi
( echo archs='["amd64", "arm64"]' ( echo archs='["amd64", "arm64"]'
@ -137,13 +143,6 @@ jobs:
${{ toJson(needs.meta.outputs) }} ${{ toJson(needs.meta.outputs) }}
EOF EOF
# oci:
# needs: meta
# if: needs.meta.outputs.package == 'true'
# uses: ./.github/workflows/oci-build-push.yml
# with:
# outputs: type=oci,dest=linkerd2-proxy.tar
package: package:
needs: meta needs: meta
if: needs.meta.outputs.package == 'true' if: needs.meta.outputs.package == 'true'
@ -192,6 +191,31 @@ jobs:
name: ${{ matrix.arch }}-${{ matrix.os }}-artifacts name: ${{ matrix.arch }}-${{ matrix.os }}-artifacts
path: target/package/* path: target/package/*
# TODO(ver) Drop `package` in favor of build-push-image.
build-push-image:
needs: meta
if: needs.meta.outputs.package == 'true'
runs-on: ${{ vars.LINKERD2_PROXY_RUNNER || 'ubuntu-24.04' }}
permissions:
contents: write
steps:
- uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
if: inputs.do-oci-push
with:
registry: ghcr.io
username: ${{ vars.LINKERD2_PROXY_GITHUB_USERNAME || github.actor }}
password: ${{ secrets.LINKERD2_PROXY_GITHUB_TOKEN || github.token }}
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
with:
ref: ${{ needs.meta.outputs.ref }}
- uses: ./.github/actions/oci-build-push
with:
platforms: linux/amd64,linux/arm64
push: ${{ inputs.do-oci-push }}
rustflags: '-D warnings -A deprecated --cfg tokio_unstable'
vendor: ${{ github.repository_owner }}
version: ${{ needs.meta.outputs.version }}
publish: publish:
needs: [meta, package] needs: [meta, package]
runs-on: ${{ vars.LINKERD2_PROXY_RUNNER || 'ubuntu-24.04' }} runs-on: ${{ vars.LINKERD2_PROXY_RUNNER || 'ubuntu-24.04' }}