CI Workflow breakdonw #247
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: WG-Easy Image CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| tags: [ 'v*' ] | |
| paths: | |
| - 'applications/wg-easy/**' | |
| - '.github/workflows/wg-easy-image.yml' | |
| pull_request: | |
| paths: | |
| - 'applications/wg-easy/**' | |
| - '.github/workflows/wg-easy-image.yml' | |
| workflow_dispatch: | |
| env: | |
| # GitHub Container Registry | |
| GHCR_REGISTRY: ghcr.io | |
| GHCR_IMAGE: replicatedhq/platform-examples/wg-easy-tools | |
| # Google Artifact Registry | |
| GAR_LOCATION: us-central1 | |
| GAR_PROJECT_ID: replicated-qa | |
| GAR_REPOSITORY: wg-easy | |
| GAR_IMAGE: wg-easy-tools | |
| # Replicated Registry | |
| REPLICATED_REGISTRY: registry.replicated.com | |
| REPLICATED_APP: wg-easy-cre | |
| REPLICATED_IMAGE: wg-easy-tools | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image-digest: ${{ steps.build.outputs.digest }} | |
| metadata: ${{ steps.meta.outputs.json }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Set branch variables | |
| id: vars | |
| run: | | |
| # Check if this is a tag push | |
| if [[ "${{ github.ref }}" == refs/tags/* ]]; then | |
| TAG_NAME="${{ github.ref_name }}" | |
| echo "is-tag=true" >> $GITHUB_OUTPUT | |
| echo "tag-name=$TAG_NAME" >> $GITHUB_OUTPUT | |
| echo "Tag: $TAG_NAME" | |
| else | |
| # Get branch name and normalize to lowercase with hyphens | |
| BRANCH_NAME="${{ github.head_ref || github.ref_name }}" | |
| NORMALIZED_BRANCH=$(echo "$BRANCH_NAME" | tr '[:upper:]' '[:lower:]' | tr '/' '-') | |
| IS_MAIN=${{ github.ref_name == 'main' || github.ref_name == 'refs/heads/main' }} | |
| echo "is-tag=false" >> $GITHUB_OUTPUT | |
| echo "branch-name=$BRANCH_NAME" >> $GITHUB_OUTPUT | |
| echo "normalized-branch=$NORMALIZED_BRANCH" >> $GITHUB_OUTPUT | |
| echo "is-main=$IS_MAIN" >> $GITHUB_OUTPUT | |
| echo "Branch: $BRANCH_NAME, Normalized: $NORMALIZED_BRANCH, Is Main: $IS_MAIN" | |
| fi | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_IMAGE }} | |
| ${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.GAR_PROJECT_ID }}/${{ env.GAR_REPOSITORY }}/${{ env.GAR_IMAGE }} | |
| ${{ env.REPLICATED_REGISTRY }}/${{ env.REPLICATED_APP }}/${{ env.REPLICATED_IMAGE }} | |
| tags: | | |
| # Git tag releases (semver tags) | |
| type=ref,event=tag | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| # Main branch tags | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=raw,value=sha-{{sha}},enable={{is_default_branch}} | |
| # Non-main branch tags - branch name as "latest" for that branch | |
| type=raw,value=${{ steps.vars.outputs.normalized-branch }},enable=${{ steps.vars.outputs.is-tag == 'false' && steps.vars.outputs.is-main == 'false' }} | |
| # SHA-suffixed tags for all branches (main and non-main) | |
| type=raw,value=${{ steps.vars.outputs.normalized-branch }}-sha-{{sha}},enable=${{ steps.vars.outputs.is-tag == 'false' && steps.vars.outputs.is-main == 'false' }} | |
| - name: Build multi-arch image | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: applications/wg-easy | |
| file: applications/wg-easy/container/Containerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: false | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| push-ghcr: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.GHCR_REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract GHCR tags | |
| id: ghcr-tags | |
| run: | | |
| GHCR_TAGS=$(echo '${{ needs.build.outputs.metadata }}' | jq -r '.tags[]' | grep "^${{ env.GHCR_REGISTRY }}" | tr '\n' ',') | |
| echo "tags=${GHCR_TAGS%,}" >> $GITHUB_OUTPUT | |
| echo "GHCR tags: ${GHCR_TAGS%,}" | |
| - name: Build and push to GHCR | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: applications/wg-easy | |
| file: applications/wg-easy/container/Containerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.ghcr-tags.outputs.tags }} | |
| labels: ${{ needs.build.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| push-gar: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Authenticate to Google Cloud | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Configure Docker for Artifact Registry | |
| run: gcloud auth configure-docker ${{ env.GAR_LOCATION }}-docker.pkg.dev | |
| - name: Log in to Google Artifact Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.GAR_LOCATION }}-docker.pkg.dev | |
| username: _json_key | |
| password: ${{ secrets.GCP_SA_KEY }} | |
| - name: Extract GAR tags | |
| id: gar-tags | |
| run: | | |
| GAR_TAGS=$(echo '${{ needs.build.outputs.metadata }}' | jq -r '.tags[]' | grep "^${{ env.GAR_LOCATION }}-docker.pkg.dev" | tr '\n' ',') | |
| echo "tags=${GAR_TAGS%,}" >> $GITHUB_OUTPUT | |
| echo "GAR tags: ${GAR_TAGS%,}" | |
| - name: Build and push to GAR | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: applications/wg-easy | |
| file: applications/wg-easy/container/Containerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.gar-tags.outputs.tags }} | |
| labels: ${{ needs.build.outputs.labels }} | |
| cache-from: type=gha | |
| push-replicated: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Setup tools | |
| uses: ./.github/actions/setup-tools | |
| with: | |
| app-dir: applications/wg-easy | |
| - name: Log in to Replicated Registry | |
| run: | | |
| replicated registry login | |
| docker login ${{ env.REPLICATED_REGISTRY }} -u "${{ secrets.WG_EASY_REPLICATED_API_TOKEN }}" -p "${{ secrets.WG_EASY_REPLICATED_API_TOKEN }}" | |
| env: | |
| REPLICATED_API_TOKEN: ${{ secrets.WG_EASY_REPLICATED_API_TOKEN }} | |
| - name: Extract Replicated tags | |
| id: replicated-tags | |
| run: | | |
| REPLICATED_TAGS=$(echo '${{ needs.build.outputs.metadata }}' | jq -r '.tags[]' | grep "^${{ env.REPLICATED_REGISTRY }}" | tr '\n' ',') | |
| echo "tags=${REPLICATED_TAGS%,}" >> $GITHUB_OUTPUT | |
| echo "Replicated tags: ${REPLICATED_TAGS%,}" | |
| - name: Build and push to Replicated Registry | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: applications/wg-easy | |
| file: applications/wg-easy/container/Containerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.replicated-tags.outputs.tags }} | |
| labels: ${{ needs.build.outputs.labels }} | |
| cache-from: type=gha |