docker-image-simple #320
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: docker-image-simple | |
on: | |
schedule: | |
- cron: '30 0 * * *' # Scheduled runs every day at 0:30am UTC | |
workflow_dispatch: | |
workflow_call: | |
jobs: | |
"D": # short name because GH will expand with the matrix values | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false # let other jobs try to complete if one fails | |
matrix: | |
include: | |
- os: "ubuntu" | |
release: "jammy" | |
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/ubuntu/tags?page=&page_size=&ordering=&name=jammy | |
cache-from: "type=gha,scope=docker_build_jammy" # all-automatic GitHub Actions caching | |
cache-to: "type=gha,scope=docker_build_jammy,mode=max" # all-automatic GitHub Actions caching, max mode | |
- os: "debian" | |
release: "bookworm" | |
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/debian/tags?page=&page_size=&ordering=&name=bookworm | |
cache-from: "" # no caching | |
cache-to: "" # no caching | |
- os: "debian" | |
release: "sid" | |
platforms: "linux/amd64,linux/arm64" # sid has linux/riscv64, but it doesn't carry packages we need yet. | |
cache-from: "" # no caching | |
cache-to: "" # no caching | |
- os: "ubuntu" | |
release: "noble" | |
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/ubuntu/tags?page=&page_size=&ordering=&name=noble | |
cache-from: "type=gha,scope=docker_build_noble" # all-automatic GitHub Actions caching | |
cache-to: "type=gha,scope=docker_build_noble,mode=max" # all-automatic GitHub Actions caching, max mode | |
name: "${{ matrix.release }} (${{ matrix.os }})" | |
env: | |
DOCKERFILE_OS: "${{ matrix.os }}" | |
DOCKERFILE_RELEASE: "${{ matrix.release }}" | |
steps: | |
- name: Checkout build repo | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ github.repository_owner }}/armbian-build | |
ref: extensions | |
clean: true # true is default. it *will* delete the hosts /dev if mounted inside. | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} # github username or org | |
password: ${{ secrets.GITHUB_TOKEN }} # github actions builtin token. repo has to have pkg access. | |
- name: Prepare | |
id: prep | |
run: echo "created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT | |
- name: Generate Dockerfile for ${{env.DOCKERFILE_OS}}:${{env.DOCKERFILE_RELEASE}} via Armbian helper script | |
id: generate | |
env: | |
DOCKER_ARMBIAN_BASE_IMAGE: "${{env.DOCKERFILE_OS}}:${{env.DOCKERFILE_RELEASE}}" # Use this base image | |
DOCKERFILE_USE_ARMBIAN_IMAGE_AS_BASE: "no" # Do NOT use the Armbian image as base image to speed up; we're creating it here | |
run: | | |
bash ./compile.sh generate-dockerfile | |
- name: Build and push ${{env.DOCKERFILE_OS}}:${{env.DOCKERFILE_RELEASE}} (first try) | |
id: docker_build_first | |
continue-on-error: true | |
timeout-minutes: 40 | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
provenance: false # until ghcr.io doesn't show provenance attestations properly, it reports an unknown/unknown "arch" instead. disable | |
sbom: false # no SBOM for now, ghcr.io doesn't support it and pukes | |
file: ./Dockerfile | |
platforms: "${{ matrix.platforms }}" | |
pull: true # Pull new version of base image, always; avoid bit-rot | |
push: true | |
labels: | | |
org.opencontainers.image.title=${{ github.repository }} | |
org.opencontainers.image.description=${{ github.event.repository.description }} | |
org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
org.opencontainers.image.source=${{ github.event.repository.clone_url }} | |
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} | |
cache-from: "${{ matrix.cache-from }}" | |
cache-to: "${{ matrix.cache-to }}" | |
tags: ghcr.io/${{ github.repository_owner }}/armbian-builder:armbian-next-${{env.DOCKERFILE_OS}}-${{env.DOCKERFILE_RELEASE}}-latest | |
- name: sleep a random amount of seconds, up to 60, if build/push failed, before trying again | |
if: steps.docker_build_first.outcome == 'failure' | |
run: | | |
echo "::notice os=${{env.DOCKERFILE_OS}},release=${{env.DOCKERFILE_RELEASE}}::Build/push failed, retrying" | |
sleep $((RANDOM % 60)) | |
- name: Build and push again (second try if first failed) | |
id: docker_build_second | |
if: steps.docker_build_first.outcome == 'failure' | |
continue-on-error: false # let the build break if the two tries fail | |
timeout-minutes: 40 | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
provenance: false # until ghcr.io doesn't show provenance attestations properly, it reports an unknown/unknown "arch" instead. disable | |
sbom: false # no SBOM for now, ghcr.io doesn't support it and pukes | |
file: ./Dockerfile | |
platforms: "${{ matrix.platforms }}" | |
pull: false # Don't pull when retrying | |
push: true | |
labels: | | |
org.opencontainers.image.title=${{ github.repository }} | |
org.opencontainers.image.description=${{ github.event.repository.description }} | |
org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
org.opencontainers.image.source=${{ github.event.repository.clone_url }} | |
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} | |
#cache-from: "${{ matrix.cache-from }}" # do NOT reload cache when retrying | |
cache-to: "${{ matrix.cache-to }}" # but do save cache | |
tags: ghcr.io/${{ github.repository }}:armbian-next-${{env.DOCKERFILE_OS}}-${{env.DOCKERFILE_RELEASE}}-latest | |