Build GHCR liquibase-workertools image #138

Workflow file for this run

.github/workflows/liquibase-ghcr-build-push.yml at 87e3ca9

	name: Build GHCR liquibase-workertools image

	permissions:
	packages: write

	on:
	push:
	branches:
	- main
	paths:
	- liquibase/**
	schedule:
	- cron: '0 7 * * *'
	workflow_dispatch:

	env:
	REGISTRY_IMAGE_BASE: ghcr.io/octopusdeploylabs/workertools
	REGISTRY_IMAGE: ghcr.io/octopusdeploylabs/liquibase-workertools

	jobs:

	get-version-number:
	runs-on: windows-latest
	outputs:
	CONTINUE: ${{ steps.check-version.outputs.CONTINUE }}
	VERSION: ${{ steps.check-version.outputs.VERSION }}
	steps:
	- uses: actions/checkout@v4
	- id: check-version
	name: Compare latest version with container
	run: \|
	$Repository = "liquibase/liquibase"
	$releasesUrl = "https://api.github.com/repos/$Repository/releases"

	$tags = (Invoke-WebRequest $releasesUrl -UseBasicParsing \| ConvertFrom-Json)
	$tagsWithAssets = @($tags \| Where-Object {$_.assets.Count -gt 0 })

	if($null -eq $tagsWithAssets) {
	throw "No valid tags found for liquibase tool!"
	}

	$latestLiquibaseTag = ($tagsWithAssets \| Select-Object -First 1)
	$latestLiquibaseVersion = $latestLiquibaseTag.tag_name -Replace "v",""

	[System.Version]$version = $null
	$versionParsed = [System.Version]::TryParse($latestLiquibaseVersion, [ref]$version)
	if(-not $versionParsed) {
	Write-Host "Unable to parse '$latestLiquibaseVersion' as a valid version. Won't continue"
	echo "CONTINUE=No" >> $env:GITHUB_OUTPUT
	}
	else {
	$versionToCompare = "$($version.Major).$($version.Minor).$($version.Build)"
	Write-Host "Parsed version as $versionToCompare"

	$token = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("${{ secrets.GITHUB_TOKEN }}"))
	$workerToolsTags = Invoke-RestMethod -Uri "https://ghcr.io/v2/${{ env.REGISTRY_IMAGE }}/tags/list" -Headers @{Authorization="Bearer $token"} -SkipHttpErrorCheck
	$matchingTag = $workerToolsTags.tags \| Where-Object { $_ -eq $versionToCompare }

	echo "VERSION=$versionToCompare" >> $env:GITHUB_OUTPUT

	if ($null -ne $matchingTag -or ($null -ne $workerToolsTags.errors -and $workerToolsTags.errors[0].code -ne "NAME_UNKNOWN"))
	{
	Write-Host "Docker container already has the latest version of liquibase"
	echo "CONTINUE=No" >> $env:GITHUB_OUTPUT
	}
	else
	{
	Write-Host "We need to upgrade the liquibase container to $versionToCompare"
	Write-Host "We have everything we need, continuing."
	echo "CONTINUE=Yes" >> $env:GITHUB_OUTPUT
	}
	}
	shell: pwsh

	build-linux:
	needs: [get-version-number]
	if: ${{ needs.get-version-number.outputs.CONTINUE == 'Yes' }}
	strategy:
	matrix:
	os:
	- ubuntu-latest
	platform:
	- linux/amd64
	- linux/arm64
	runs-on: ${{ matrix.os }}
	env:
	VERSION_NUMBER: ${{ needs.get-version-number.outputs.VERSION }}
	steps:

	- name: Prepare
	run: \|
	platform=${{ matrix.platform }}
	echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
	echo "PLATFORM_ARCH=${platform//[linux\/]/}" >> $GITHUB_ENV

	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	with:
	platforms: linux/amd64,linux/arm64

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to GHCR
	uses: docker/login-action@v3
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build and push image
	id: build
	uses: docker/build-push-action@v5
	with:
	context: liquibase/${{ env.PLATFORM_PAIR }}
	platforms: ${{ matrix.platform }}
	provenance: false
	build-args: \|
	BASE_IMAGE=${{ env.REGISTRY_IMAGE_BASE }}
	LIQUIBASE_VERSION=${{ env.VERSION_NUMBER }}
	outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true

	- name: Export digest
	run: \|
	mkdir -p /tmp/digests
	digest="${{ steps.build.outputs.digest }}"
	touch "/tmp/digests/${digest#sha256:}"

	- name: Upload digest
	uses: actions/upload-artifact@v4
	with:
	name: digests-${{ env.PLATFORM_PAIR }}
	path: /tmp/digests/*
	if-no-files-found: error
	retention-days: 1
	merge:
	needs: [get-version-number, build-linux]
	if: ${{ needs.get-version-number.outputs.CONTINUE == 'Yes' }}
	runs-on: ubuntu-latest
	env:
	VERSION_NUMBER: ${{ needs.get-version-number.outputs.VERSION }}
	steps:
	- name: Download digests
	uses: actions/download-artifact@v4
	with:
	path: /tmp/digests
	pattern: digests-*
	merge-multiple: true
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY_IMAGE }}
	tags: \|
	${{ env.VERSION_NUMBER }}
	latest
	- name: Login to GHCR
	uses: docker/login-action@v3
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Create manifest list and push
	working-directory: /tmp/digests
	run: \|
	docker buildx imagetools create $(jq -cr '.tags \| map("-t " + .) \| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
	$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
	- name: Inspect image
	run: \|
	docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build GHCR liquibase-workertools image #138

Workflow file

Build GHCR liquibase-workertools image #138

Jobs

Run details

Workflow file for this run