chore: more github token testing #4
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Multi-Architecture Docker Build' | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| images: | ||
| description: 'Name of images to build' | ||
| required: true | ||
| type: string | ||
| acr-registry-url: | ||
| description: 'The url of the ACR registry to fetch credentials from' | ||
| required: false | ||
| type: string | ||
| default: 'tignis.azurecr.io' | ||
| push: | ||
| description: 'Also push the image to the remote repository' | ||
| required: false | ||
| type: string | ||
| default: 'true' | ||
| docker-build-context: | ||
| description: 'Build context for docker' | ||
| required: false | ||
| type: string | ||
| default: '.' | ||
| dockerfile: | ||
| description: 'Name of the docker file to use' | ||
| required: false | ||
| type: string | ||
| default: 'Dockerfile' | ||
| GITHUB_TOKEN: | ||
| description: 'Github token of the repository (automatically created by Github)' | ||
| required: false | ||
| default: ${{ github.token }} | ||
| secrets: | ||
| acr-username: | ||
| description: 'Username to use when logging into ACR' | ||
| required: true | ||
| acr-password: | ||
| description: 'Password to use when logging into ACR' | ||
| required: true | ||
| pip-extra-index-url: | ||
| description: 'The PIP_EXTRA_INDEX_URL for private pip packages' | ||
| required: true | ||
| outputs: | ||
| tag: | ||
| description: 'Final tag used for the multi-architecture docker image' | ||
| value: ${{ jobs.docker-manifest.outputs.tag }} | ||
| jobs: | ||
| docker-amd64: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| tag: ${{ steps.docker.outputs.tag }} | ||
| digest: ${{ steps.digest.outputs.digest }} | ||
| image: ${{ inputs.images }} | ||
| tag-prefix: arm64- | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Build and Push docker image (AMD64) | ||
| id: docker | ||
| uses: tignis/docker-github-action@31f23964bad69de8e2731bdbe4977825e3447b6b | ||
| with: | ||
| images: ${{ inputs.images }} | ||
| acr-username: ${{ secrets.acr-username }} | ||
| acr-password: ${{ secrets.acr-password }} | ||
| acr-registry-url: ${{ inputs.acr-registry-url }} | ||
| pip-extra-index-url: ${{ secrets.pip-extra-index-url }} | ||
| push: ${{ inputs.push }} | ||
| docker-build-context: ${{ inputs.docker-build-context }} | ||
| dockerfile: ${{ inputs.dockerfile }} | ||
| platforms: 'linux/amd64' | ||
| tag-prefix: 'amd64-' | ||
| GITHUB_TOKEN: ${{ inputs.token }} | ||
| docker-arm64: | ||
| runs-on: [self-hosted, linux, ARM64] | ||
| outputs: | ||
| tag: ${{ steps.docker.outputs.tag }} | ||
| digest: ${{ steps.digest.outputs.digest }} | ||
| tag-prefix: arm64- | ||
| image: ${{ inputs.images }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Build and Push docker image (ARM64) | ||
| id: docker | ||
| uses: tignis/docker-github-action@31f23964bad69de8e2731bdbe4977825e3447b6b | ||
| with: | ||
| images: ${{ inputs.images }} | ||
| acr-username: ${{ secrets.acr-username }} | ||
| acr-password: ${{ secrets.acr-password }} | ||
| acr-registry-url: ${{ inputs.acr-registry-url }} | ||
| pip-extra-index-url: ${{ secrets.pip-extra-index-url }} | ||
| push: ${{ inputs.push }} | ||
| docker-build-context: ${{ inputs.docker-build-context }} | ||
| dockerfile: ${{ inputs.dockerfile }} | ||
| platforms: 'linux/arm64' | ||
| tag-prefix: 'arm64-' | ||
| GITHUB_TOKEN: ${{ inputs.token }} | ||
| docker-manifest: | ||
| needs: [docker-amd64, docker-arm64] | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| tag: ${{ steps.manifest.outputs.tag }} | ||
| steps: | ||
| - name: Login to ACR | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ${{ inputs.acr-registry-url }} | ||
| username: ${{ secrets.acr-username }} | ||
| password: ${{ secrets.acr-password }} | ||
| - name: Build manifest | ||
| shell: bash | ||
| run: | | ||
| TAG=${{ needs.docker-amd64.outputs.tag }} | ||
| TAG=${TAG#${{ needs.docker-amd64.outputs.image }}:${{ needs.docker-amd64.outputs.tag-prefix }}} | ||
| DIGEST_ARM64=$(docker manifest inspect ${{ needs.docker-arm64.outputs.tag }} | jq -r '.manifests[] | select(.platform.architecture=="arm64") | .digest') | ||
| DIGEST_AMD64=$(docker manifest inspect ${{ needs.docker-amd64.outputs.tag }} | jq -r '.manifests[] | select(.platform.architecture=="amd64") | .digest') | ||
| docker manifest create ${{ needs.docker-amd64.outputs.image }}:${TAG} ${{ needs.docker-arm64.outputs.image }}@${DIGEST_ARM64} ${{ needs.docker-amd64.outputs.image }}@${DIGEST_AMD64} | ||
| docker manifest push ${{ needs.docker-amd64.outputs.image }}:${TAG} | ||
