Skip to content

Commit b067344

Browse files
tommyzlitommyzli
authored
Merge pull request #1 from ClickHouse/private-builds
(chore) CI
2 parents 8ae3d33 + 59ebf3b commit b067344

File tree

1 file changed

+117
-0
lines changed

1 file changed

+117
-0
lines changed

.github/workflows/release.yml

Lines changed: 117 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,117 @@
1+
name: Publish Docker image
2+
3+
on:
4+
push:
5+
branches: [master]
6+
tags:
7+
- "v[0-9]+.[0-9]+.[0-9]+*"
8+
9+
jobs:
10+
cross-compile:
11+
runs-on: ubuntu-latest
12+
steps:
13+
- name: Check out the repo
14+
uses: actions/checkout@v3
15+
- name: Setup Go
16+
uses: actions/setup-go@v3
17+
with:
18+
go-version: "1.21"
19+
- name: Cache Go
20+
id: go-cache
21+
uses: actions/cache@v3
22+
with:
23+
path: |
24+
~/go/bin
25+
~/go/pkg/mod
26+
key: go-cache-${{ runner.os }}-${{ hashFiles('**/go.sum') }}
27+
- name: Install promu
28+
run: make promu
29+
shell: bash
30+
- name: Build
31+
run: ~/go/bin/promu -c .promu.yml crossbuild -v -p linux/amd64 -p linux/arm64 -p darwin/amd64 -p darwin/arm64
32+
- name: Upload Binaries
33+
uses: actions/upload-artifact@v3
34+
with:
35+
name: binaries
36+
path: ./build/*
37+
38+
push_to_registries:
39+
name: Push Docker image to multiple registries
40+
runs-on: ubuntu-latest
41+
permissions:
42+
packages: write
43+
contents: read
44+
id-token: write
45+
needs: [cross-compile]
46+
if: (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v'))
47+
steps:
48+
- name: Check out the repo
49+
uses: actions/checkout@v3
50+
51+
- name: Set up Docker Buildx
52+
uses: docker/setup-buildx-action@v2
53+
54+
- name: Sanitize branch name and create version
55+
id: create-version
56+
env:
57+
BRANCH: ${{github.ref_name}}
58+
RUN_NUMBER: ${{github.run_number}}
59+
BASE_VERSION: "0.0.0"
60+
run: |
61+
# let's simply use the k8s namespace rules (even stricter) and have the same version(-suffix) for everything
62+
# lowercase everything and replace all invalid characters with '-' and trim to 60 characters
63+
SANITIZED_BRANCH=$(echo -n "${BRANCH}" | tr '[:upper:]' '[:lower:]' | tr -C 'a-z0-9' '-')
64+
SANITIZED_BRANCH="${SANITIZED_BRANCH:0:60}"
65+
66+
BUILD_VERSION="${BASE_VERSION}-${SANITIZED_BRANCH}-${RUN_NUMBER}"
67+
echo "BUILD_VERSION=${BUILD_VERSION}" | tee -a $GITHUB_ENV $GITHUB_OUTPUT
68+
69+
- name: Download Binaries
70+
uses: actions/download-artifact@v3
71+
with:
72+
name: binaries
73+
path: ./build/
74+
75+
- run: chmod +x bin/*
76+
77+
- id: login-gcp
78+
name: Authenticate with Google Cloud
79+
uses: google-github-actions/auth@v1
80+
with:
81+
token_format: access_token
82+
workload_identity_provider: ${{secrets.GCR_WORKLOAD_IDENTITY_PROVIDER}}
83+
service_account: ${{secrets.GCR_SERVICE_ACCOUNT}}
84+
access_token_lifetime: 1800s
85+
86+
- name: Log in to EU registry
87+
uses: docker/login-action@v2
88+
with:
89+
registry: us-docker.pkg.dev
90+
username: oauth2accesstoken
91+
password: ${{ steps.login-gcp.outputs.access_token }}
92+
93+
- name: Log in to EU registry
94+
uses: docker/login-action@v2
95+
with:
96+
registry: europe-docker.pkg.dev
97+
username: oauth2accesstoken
98+
password: ${{ steps.login-gcp.outputs.access_token }}
99+
100+
- name: Log in to Asia registry
101+
uses: docker/login-action@v2
102+
with:
103+
registry: asia-docker.pkg.dev
104+
username: oauth2accesstoken
105+
password: ${{ steps.login-gcp.outputs.access_token }}
106+
107+
- name: build and push
108+
uses: docker/build-push-action@v5
109+
with:
110+
push: true
111+
context: .
112+
file: Dockerfile
113+
platforms: linux/amd64,linux/arm64,darwin/arm64,darwin/amd64
114+
tags: |
115+
${{secrets.GCR_ASIA_IMAGE}}:${{steps.create-version.outputs.BUILD_VERSION}}
116+
${{secrets.GCR_EUROPE_IMAGE}}:${{steps.create-version.outputs.BUILD_VERSION}}
117+
${{secrets.GCR_US_IMAGE}}:${{steps.create-version.outputs.BUILD_VERSION}}

0 commit comments

Comments
 (0)