generated from astronomer/airflow-provider-sample
-
Notifications
You must be signed in to change notification settings - Fork 4
137 lines (126 loc) · 4.18 KB
/
buildkit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
name: Buildkit
on:
push:
branches:
- main
paths:
- 'buildkit/**'
- .github/workflows/buildkit.yml
- .github/workflows/lint.yml
- .github/actions/setup-env'
tags:
- 'buildkit/**'
pull_request:
paths:
- 'buildkit/**'
- .github/workflows/buildkit.yml
- .github/workflows/lint.yml
- .github/actions/setup-env
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- id: setup
name: Setup toolchains
uses: ./.github/actions/setup-env
with:
go: true
- id: test
run: go test ./...
working-directory: buildkit/
lint:
uses: ./.github/workflows/lint.yml
# https://github.com/marketplace/actions/alls-green#why used for branch protection checks
check:
if: always()
needs: [test, lint]
runs-on: ubuntu-latest
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}
build:
# only run on push to main, with tag, or if PR has a "Full Build" label
if: "success() && (github.ref_type == 'tag' || github.ref == 'refs/heads/main' || contains(github.event.pull_request.labels.*.name, 'Full Build'))"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
outputs:
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
version: ${{ steps.meta.outputs.version }}
json: ${{ steps.meta.outputs.json }}
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/${{ github.repository_owner }}/airflow-extensions
labels: |
org.opencontainers.image.title=airflow-extensions
org.opencontainers.image.vendor=astronomer.io
tags: |
type=match,pattern=buildkit/(.*),group=1
type=match,pattern=buildkit/(v\d+)\.\d+\.\d+.*,group=1
type=ref,event=branch
type=ref,event=pr
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build and push
uses: docker/build-push-action@v4
with:
context: "{{defaultContext}}:buildkit"
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
release:
needs: [build, check]
if: "success() && github.ref_type == 'tag'"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Login to quay.io (destination)
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Login to GitHub Container Registry (source)
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Publish to Quay.io
run: |
docker buildx imagetools create \
--tag quay.io/astronomer/airflow-extensions:${{ needs.build.outputs.version }} \
${{ fromJSON(needs.build.outputs.json).tags[0] }}
- uses: actions/checkout@v3
- id: check-version
name: check package version
run: python .github/check-version.py
- name: Publish to Quay.io with major tag
# only if this is not a pre-release
if: ${{ ! steps.check-version.outputs.is_prerelease }}
run: |
docker buildx imagetools create \
--tag quay.io/astronomer/airflow-extensions:v${{ steps.check-version.outputs.major_ver }} \
${{ fromJSON(needs.build.outputs.json).tags[0] }}