This repository has been archived by the owner on Nov 5, 2024. It is now read-only.

CD workflow improvements #211

Workflow file for this run

	name: CD

	on:
	push:
	branches: [master]
	schedule:
	- cron: '30 4 /3 *'
	workflow_dispatch:
	inputs:
	force_rebuild:
	description: 'Force container rebuild'
	required: true
	type: choice
	options: [yes, no]

	permissions:
	packages: write
	contents: read

	env:
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	Hadolint:
	name: Hadolint
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Check dockerfiles with Hadolint
	uses: essentialkaos/hadolint-action@v1
	with:
	files: jruby.docker ruby.docker ruby-jemalloc.docker

	Ruby:
	name: Ruby
	runs-on: ubuntu-latest
	timeout-minutes: 10

	needs: Hadolint

	strategy:
	fail-fast: false
	max-parallel: 1
	matrix:
	version: [
	'2.7.7',
	'2.7.8',
	'3.0.5',
	'3.0.6',
	'3.1.3',
	'3.1.4',
	'3.2.0',
	'3.2.1',
	'3.2.2',
	'3.2.3',
	'3.2.4',
	'3.3.0',
	'3.3.1'
	]

	steps:
	- name: Login to DockerHub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Checkout
	uses: actions/checkout@v4

	- name: Prepare metadata for build
	id: metadata
	run: \|
	docker_file="ruby.docker"
	base_image=$(grep 'FROM ' $docker_file \| grep -v 'installer' \| sed 's#${REGISTRY}/##' \| tail -1 \| cut -f2 -d' ')

	if [[ -z "$base_image" ]] ; then
	echo "::error::Can't extract base image info"
	exit 1
	fi

	echo "dockerfile=$docker_file" >> $GITHUB_OUTPUT
	echo "baseimage=$base_image" >> $GITHUB_OUTPUT

	echo -e "\033[34mDockerfile:\033[0m $docker_file"
	echo -e "\033[34mBase image:\033[0m $base_image"

	- name: Check if build/rebuild is required
	id: build_check
	continue-on-error: true
	run: \|
	# [build-check]

	if [[ "${{github.event.inputs.force_rebuild}}" == "true" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: forced rebuild)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo -e "::group::\033[34mFetching manifest of image…\033[0m"

	docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" \| jq
	docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" \| jq '.'
	docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" \| jq '.layers'
	docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" \| jq '.layers[]'
	docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" \| jq '.layers[].digest'

	image_base_layers=$(docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}" -v \| jq '.layers[].digest')

	if [[ -z "$image_base_layers" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: new image)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo "::endgroup::"
	echo -e "::group::\033[34mFetching manifest of base image…\033[0m"

	base_layer=$(docker manifest inspect "${{steps.metadata.outputs.baseimage}}" -v \| jq '.SchemaV2Manifest.layers[-1].digest')

	if [[ -z "$base_layer" ]] ; then
	echo "::error::Can't download image ${{steps.metadata.outputs.baseimage}} manifest"
	exit 1
	fi

	echo "::endgroup::"

	if ! echo "$image_base_layers" \| grep -q "$base_layer" ; then
	echo "::warning::Rebuild image (reason: base image rebuilt)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	- name: Setup Docker BuildX
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/setup-buildx-action@v3

	- name: Build and push Docker images (Docker)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=docker.io
	RUBY_VERSION=${{matrix.version}}
	tags: ${{github.repository}}:${{matrix.version}}

	- name: Build and push Docker images (GHCR)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=ghcr.io
	RUBY_VERSION=${{matrix.version}}
	tags: ghcr.io/${{github.repository}}:${{matrix.version}}

	- name: Show info about images
	uses: essentialkaos/docker-info-action@v1
	with:
	image: ghcr.io/${{github.repository}}:${{matrix.version}}

	RubyJemalloc:
	name: Ruby+Jemalloc
	runs-on: ubuntu-latest
	timeout-minutes: 10

	needs: Hadolint

	strategy:
	fail-fast: false
	max-parallel: 1
	matrix:
	version: [
	'2.7.7',
	'2.7.8',
	'3.0.5',
	'3.0.6',
	'3.1.3',
	'3.1.4',
	'3.2.0',
	'3.2.1',
	'3.2.2',
	'3.2.3',
	'3.2.4',
	'3.3.0',
	'3.3.1'
	]

	steps:
	- name: Login to DockerHub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Checkout
	uses: actions/checkout@v4

	- name: Prepare metadata for build
	id: metadata
	run: \|
	docker_file="ruby-jemalloc.docker"
	base_image=$(grep 'FROM ' $docker_file \| grep -v 'installer' \| sed 's#${REGISTRY}/##' \| tail -1 \| cut -f2 -d' ')

	if [[ -z "$base_image" ]] ; then
	echo "::error::Can't extract base image info"
	exit 1
	fi

	echo "dockerfile=$docker_file" >> $GITHUB_OUTPUT
	echo "baseimage=$base_image" >> $GITHUB_OUTPUT

	echo -e "\033[34mDockerfile:\033[0m $docker_file"
	echo -e "\033[34mBase image:\033[0m $base_image"

	- name: Check if build/rebuild is required
	id: build_check
	continue-on-error: true
	run: \|
	# [build-check]

	if [[ "${{github.event.inputs.force_rebuild}}" == "true" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: forced rebuild)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo -e "::group::\033[34mFetching manifest of image…\033[0m"

	image_base_layers=$(docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:${{matrix.version}}-jemalloc" -v 2>/dev/null \| jq '.[0].OCIManifest.layers[].digest')

	if [[ -z "$image_base_layers" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: new image)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo "::endgroup::"
	echo -e "::group::\033[34mFetching manifest of base image…\033[0m"

	base_layer=$(docker manifest inspect "${{steps.metadata.outputs.baseimage}}" -v 2>/dev/null \| jq '.SchemaV2Manifest.layers[-1].digest')

	if [[ -z "$base_layer" ]] ; then
	echo "::error::Can't download image ${{steps.metadata.outputs.baseimage}} manifest"
	exit 1
	fi

	echo "::endgroup::"

	if ! echo "$image_base_layers" \| grep -q "$base_layer" ; then
	echo "::warning::Rebuild image (reason: base image rebuilt)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	- name: Setup Docker BuildX
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/setup-buildx-action@v3

	- name: Build and push Docker images (Docker)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=docker.io
	RUBY_VERSION=${{matrix.version}}
	tags: ${{github.repository}}:${{matrix.version}}-jemalloc

	- name: Build and push Docker images (GHCR)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=ghcr.io
	RUBY_VERSION=${{matrix.version}}
	tags: ghcr.io/${{github.repository}}:${{matrix.version}}-jemalloc

	- name: Show info about images
	uses: essentialkaos/docker-info-action@v1
	with:
	image: ghcr.io/${{github.repository}}:${{matrix.version}}-jemalloc

	JRuby:
	name: JRuby
	runs-on: ubuntu-latest
	timeout-minutes: 10

	needs: Hadolint

	strategy:
	fail-fast: false
	max-parallel: 1
	matrix:
	version: [
	'9.3.9.0',
	'9.3.10.0',
	'9.4.0.0',
	'9.4.1.0',
	'9.4.2.0',
	'9.4.3.0',
	'9.4.4.0',
	'9.4.5.0',
	'9.4.6.0'
	]

	steps:
	- name: Login to DockerHub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Checkout
	uses: actions/checkout@v4

	- name: Prepare metadata for build
	id: metadata
	run: \|
	docker_file="jruby.docker"
	base_image=$(grep 'FROM ' $docker_file \| grep -v 'installer' \| sed 's#${REGISTRY}/##' \| tail -1 \| cut -f2 -d' ')

	if [[ -z "$base_image" ]] ; then
	echo "::error::Can't extract base image info"
	exit 1
	fi

	echo "dockerfile=$docker_file" >> $GITHUB_OUTPUT
	echo "baseimage=$base_image" >> $GITHUB_OUTPUT

	echo -e "\033[34mDockerfile:\033[0m $docker_file"
	echo -e "\033[34mBase image:\033[0m $base_image"

	- name: Check if build/rebuild is required
	id: build_check
	continue-on-error: true
	run: \|
	# [build-check]

	if [[ "${{github.event.inputs.force_rebuild}}" == "true" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: forced rebuild)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo -e "::group::\033[34mFetching manifest of image…\033[0m"

	image_base_layers=$(docker manifest inspect "ghcr.io/${{env.IMAGE_NAME}}:jruby-${{matrix.version}}" -v 2>/dev/null \| jq '.[0].OCIManifest.layers[].digest')

	if [[ -z "$image_base_layers" ]] ; then
	echo "::warning::Rebuild ${{matrix.version}} (reason: new image)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo "::endgroup::"
	echo -e "::group::\033[34mFetching manifest of base image…\033[0m"

	base_layer=$(docker manifest inspect "${{steps.metadata.outputs.baseimage}}" -v 2>/dev/null \| jq '.SchemaV2Manifest.layers[-1].digest')

	if [[ -z "$base_layer" ]] ; then
	echo "::error::Can't download image ${{steps.metadata.outputs.baseimage}} manifest"
	exit 1
	fi

	echo "::endgroup::"

	if ! echo "$image_base_layers" \| grep -q "$base_layer" ; then
	echo "::warning::Rebuild image (reason: base image rebuilt)"
	echo "build=true" >> $GITHUB_OUTPUT
	exit 0
	fi

	- name: Setup Docker BuildX
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/setup-buildx-action@v3

	- name: Build and push Docker images (Docker)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=docker.io
	RUBY_VERSION=${{matrix.version}}
	tags: ${{github.repository}}:jruby-${{matrix.version}}

	- name: Build and push Docker images (GHCR)
	if: ${{ steps.build_check.outputs.build == 'true' }}
	uses: docker/build-push-action@v5
	with:
	push: true
	context: .
	cache-from: type=gha
	cache-to: type=gha,mode=max
	file: ${{steps.metadata.outputs.dockerfile}}
	build-args: \|
	REGISTRY=ghcr.io
	RUBY_VERSION=${{matrix.version}}
	tags: ghcr.io/${{github.repository}}:jruby-${{matrix.version}}

	- name: Show info about images
	uses: essentialkaos/docker-info-action@v1
	with:
	image: ghcr.io/${{github.repository}}:jruby-${{matrix.version}}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CD workflow improvements #211

Workflow file

CD workflow improvements #211

Jobs

Run details

Workflow file for this run