diff --git a/.github/workflows/publish-dev.yaml b/.github/workflows/publish-dev.yaml index cb2a79c6..b36f02a9 100644 --- a/.github/workflows/publish-dev.yaml +++ b/.github/workflows/publish-dev.yaml @@ -116,4 +116,29 @@ jobs: --push . - name: Inspect binaries if: needs.check.outputs.build_multi_arch == 'true' - run: "# Image for one arhitecture has digest in config field.\n# Image with multiple manifests has digest in each manifest.\nmanifests=$(docker buildx imagetools inspect \"${GHCR_IO_IMAGE_NAME}\" --raw)\nif grep manifests <<<\"${manifests}\" 2>&1 >/dev/null ; then\n jq -r '.manifests[]? | .digest + \" \" + .platform.os + \"/\" + .platform.architecture' <<<\"${manifests}\" \\\n | while read digest platform ; do\n image=${GHCR_IO_IMAGE_NAME}@${digest}\n if [[ ${BUILDX_PLATFORMS} != *\"${platform}\"* ]] ; then\n echo \"=====================================\"\n echo \"Ignore image for non-runnable platform ${platform}\"\n echo \" ${image}\"\n echo \"=====================================\"\n continue \n fi\n echo \"=====================================\"\n echo \"Inspect image for platform ${platform}\"\n echo \" ${image}\"\n echo \"=====================================\"\n docker run --rm --platform ${platform} --entrypoint sh ${image} -c \\\n 'apk add file > /dev/null; file /bin/kubectl; file /bin/busybox; file /shell-operator'\n done\nelse\n echo Not a multi-arhitecture image.\n #echo $(echo -n \"${manifests}\" | openssl dgst -sha256) ' linux/amd64'\nfi\n" + run: | + # Image for one arhitecture has digest in config field. + # Image with multiple manifests has digest in each manifest. + manifests=$(docker buildx imagetools inspect "${GHCR_IO_IMAGE_NAME}" --raw) + if grep manifests <<<"${manifests}" 2>&1 >/dev/null ; then + jq -r '.manifests[]? | .digest + " " + .platform.os + "/" + .platform.architecture' <<<"${manifests}" \ + | while read digest platform ; do + image=${GHCR_IO_IMAGE_NAME}@${digest} + if [[ ${BUILDX_PLATFORMS} != *"${platform}"* ]] ; then + echo "=====================================" + echo "Ignore image for non-runnable platform ${platform}" + echo " ${image}" + echo "=====================================" + continue + fi + echo "=====================================" + echo "Inspect image for platform ${platform}" + echo " ${image}" + echo "=====================================" + docker run --rm --platform ${platform} --entrypoint sh ${image} -c \ + 'apk add file > /dev/null; file /bin/kubectl; file /bin/busybox; file /shell-operator' + done + else + echo Not a multi-arhitecture image. + #echo $(echo -n "${manifests}" | openssl dgst -sha256) ' linux/amd64' + fi diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml index ed8c3c21..3f475965 100644 --- a/.github/workflows/publish-release.yaml +++ b/.github/workflows/publish-release.yaml @@ -139,7 +139,31 @@ jobs: --push \ . - name: Inspect binaries - run: "# Image for one arhitecture has digest in config field.\n# Image with multiple manifests has digest in each manifest.\nmanifests=$(docker buildx imagetools inspect \"${GHCR_IO_IMAGE_NAME}\" --raw)\nif grep manifests <<<\"${manifests}\" 2>&1 >/dev/null ; then\n jq -r '.manifests[]? | .digest + \" \" + .platform.os + \"/\" + .platform.architecture' <<<\"${manifests}\"\nelse\n echo $(echo -n \"${manifests}\" | openssl dgst -sha256 | sed s/^.stdin.*\\ //) ' linux/amd64'\nfi \\\n| while read digest platform ; do\n if [[ ${BUILDX_PLATFORMS} != *\"${platform}\"* ]] ; then\n echo \"=====================================\"\n echo \"Ignore image for non-runnable platform ${platform}\"\n echo \" ${image}\"\n echo \"=====================================\"\n continue \n fi\n image=${GHCR_IO_IMAGE_NAME}@${digest}\n echo \"=====================================\"\n echo \"Inspect image for platform ${platform}\"\n echo \" ${image}\"\n echo \"=====================================\"\n docker run --rm --platform ${platform} --entrypoint sh ${image} -c \\\n 'apk add file > /dev/null; file /bin/kubectl; file /bin/busybox; file /shell-operator'\ndone\n" + run: | + # Image for one arhitecture has digest in config field. + # Image with multiple manifests has digest in each manifest. + manifests=$(docker buildx imagetools inspect "${GHCR_IO_IMAGE_NAME}" --raw) + if grep manifests <<<"${manifests}" 2>&1 >/dev/null ; then + jq -r '.manifests[]? | .digest + " " + .platform.os + "/" + .platform.architecture' <<<"${manifests}" + else + echo $(echo -n "${manifests}" | openssl dgst -sha256 | sed s/^.stdin.*\ //) ' linux/amd64' + fi \ + | while read digest platform ; do + if [[ ${BUILDX_PLATFORMS} != *"${platform}"* ]] ; then + echo "=====================================" + echo "Ignore image for non-runnable platform ${platform}" + echo " ${image}" + echo "=====================================" + continue + fi + image=${GHCR_IO_IMAGE_NAME}@${digest} + echo "=====================================" + echo "Inspect image for platform ${platform}" + echo " ${image}" + echo "=====================================" + docker run --rm --platform ${platform} --entrypoint sh ${image} -c \ + 'apk add file > /dev/null; file /bin/kubectl; file /bin/busybox; file /shell-operator' + done - name: Copy image to Docker Hub env: DOCKER_USER: ${{ secrets.DOCKER_USER }} diff --git a/Makefile b/Makefile index 05a2a08b..13407678 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,9 @@ update-k8s-version: go-check .PHONY: update-workflows-go-version update-workflows-go-version: yq for file in $$(find .github/workflows -name "*.yaml"); do \ - $(YQ) -i '(.jobs[]?.steps[]? | select(.uses | test("actions/setup-go")) | .with."go-version") = "$(GO_BUILDER_VERSION)"' $$file; \ + if grep -q "actions/setup-go" $$file; then \ + $(YQ) -i '(.jobs[]?.steps[]? | select(.uses | test("actions/setup-go")) | .with."go-version") = "$(GO_BUILDER_VERSION)"' $$file; \ + fi; \ done echo "Updated go-version in workflow files to $(GO_BUILDER_VERSION)"