Skip to content

wip

wip #264

Workflow file for this run

name: Build
env:
QUAY_BASE: quay.io/jlebon/pet
FEDORA_TOOLBOX: quay.io/fedora/fedora-toolbox
CENTOS_TOOLBOX: quay.io/toolbx-images/centos-toolbox
on:
push:
branches: [main]
schedule:
- cron: '0 0 * * 6'
workflow_dispatch:
permissions:
contents: write
jobs:
query:
name: "Query Fedora versions"
runs-on: ubuntu-latest
outputs:
cosa: ${{steps.query_versions.outputs.cosa}}
matrix: ${{steps.query_versions.outputs.matrix}}
steps:
- name: Query Fedora versions
id: query_versions
run: |
set -xeuo pipefail
stable=$(curl -L https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/builds.json | jq -r .builds[0].id | cut -f1 -d.)
rawhide=$(curl -L https://builds.coreos.fedoraproject.org/prod/streams/rawhide/builds/builds.json | jq -r .builds[0].id | cut -f1 -d.)
cosa=$(curl -L https://raw.githubusercontent.com/coreos/coreos-assembler/main/Dockerfile | grep '^FROM ' | cut -f2 -d:)
echo "cosa=$cosa" >> $GITHUB_OUTPUT
echo "matrix=$(seq $stable $rawhide | jq -cnR '[inputs]')" >> $GITHUB_OUTPUT
build-fedora:
name: "Build Fedora container images"
needs: query
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
releasever: ${{fromJson(needs.query.outputs.matrix)}}
steps:
# - name: Free Disk Space (Ubuntu)
# uses: jlumbroso/[email protected]
- name: Check out repository
uses: actions/checkout@v4
- name: Build
run: |
set -xeuo pipefail
n=${{ matrix.releasever }}
podman build --cap-add=CAP_DAC_OVERRIDE --from $FEDORA_TOOLBOX:$n -t "${{ env.QUAY_BASE }}:f$n" .
- name: Push
run: |
set -xeuo pipefail
mkdir -p ~/.docker
cat > ~/.docker/config.json <<EOF
${{ secrets.QUAY_AUTH }}
EOF
n=${{ matrix.releasever }}
podman push "${{ env.QUAY_BASE }}:f$n"
if [[ $n == ${{ needs.query.outputs.cosa }} ]]; then
podman tag "${{ env.QUAY_BASE }}:f$n" "${{ env.QUAY_BASE }}:latest"
podman push "${{ env.QUAY_BASE }}:latest"
fi
rm ~/.docker/config.json
- name: Update README and Containerfile
if: ${{ matrix.releasever == needs.query.outputs.cosa }}
run: |
# This is load-bearing: GitHub will disable the job if the repo
# doesn't stay active. Do not enable branch protection for main;
# it'll break this.
set -xeuo pipefail
git config user.name 'Jonathan Lebon'
git config user.email [email protected]
sed -i "s/updated-.*-green/updated-$(date +%Y--%m--%d)-green/" README.md
sed -i "s/fedora-toolbox:.*/fedora-toolbox:${{ matrix.releasever }}/" Containerfile
git add README.md Containerfile
if git diff --quiet --staged --exit-code; then
echo "README.md already up to date"
exit 0
fi
git commit -m "README.md: update build date"
git push
build-centos:
name: "Build CentOS container images"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
tag: ["stream9:c9s"]
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/[email protected]
- name: Check out repository
uses: actions/checkout@v4
- name: Build
run: |
set -xeuo pipefail
from_tag=${{ matrix.tag }}; from_tag=${from_tag%:*}
to_tag=${{ matrix.tag }}; to_tag=${to_tag#*:}
podman build --from $CENTOS_TOOLBOX:$from_tag -t "${{ env.QUAY_BASE }}:$to_tag" -f Containerfile
- name: Push
run: |
set -xeuo pipefail
mkdir -p ~/.docker
cat > ~/.docker/config.json <<EOF
${{ secrets.QUAY_AUTH }}
EOF
to_tag=${{ matrix.tag }}; to_tag=${to_tag#*:}
podman push "${{ env.QUAY_BASE }}:$to_tag"
rm ~/.docker/config.json