Added script to generate versions manifest #27

Workflow file for this run

	# https://docs.docker.com/build/ci/github-actions/multi-platform/
	name: CI

	on:
	# https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows
	push:
	tags:
	# match on year.month[.day]: YY.MM[.dd]
	# https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
	- '[2-9][0-9].[0-1][0-9].?[0-3]?[0-9]?'

	env:
	REGISTRY_IMAGE: erhhung/al2023-devops

	jobs:
	launch-runner:
	runs-on: ubuntu-latest
	steps:
	# https://github.com/aws-actions/configure-aws-credentials
	- name: Configure AWS Credentials
	id: aws
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: ${{ vars.RUNNER_AWS_REGION }}
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	# https://github.com/erhhung/ec2-github-runner
	- name: Launch Temporary EC2 Runner
	id: runner
	uses: erhhung/ec2-github-runner@v3
	env:
	RUN_INFO: ${{ github.run_id }}-${{ github.run_attempt }}
	with:
	mode: start
	github-token: ${{ secrets.RUNNER_GITHUB_REPOS_PAT }}
	labels: Linux,ARM64,AL2023
	ec2-image-id: ${{ vars.RUNNER_ARM64_AMI_ID }}
	# runner could lose connection to GitHub Actions
	# if using instance type smaller than t4g.xlarge
	ec2-instance-type: ${{ vars.RUNNER_ARM64_INSTANCE_TYPE }}
	spot-instance: 'true'
	subnet-id: ${{ vars.RUNNER_SUBNET_ID }}
	security-group-id: ${{ vars.RUNNER_SECURITY_GROUP_ID }}
	iam-role-name: ${{ vars.RUNNER_INSTANCE_ROLE_NAME }}
	aws-resource-tags: >
	[
	{"Key": "Name", "Value": "github-runner-${{ env.RUN_INFO }}"},
	{"Key": "GitHubRepo", "Value": "${{ github.repository }}"}
	]
	pre-runner-script: \|
	hostname="runner-$(date '+%y%m%d%H%M')-${{ env.RUN_INFO }}" && \
	hostnamectl set-hostname $hostname # host name == runner name
	# iptables is required to set up Docker
	# libicu is required by GHA Dotnet Core
	dnf update && dnf install -y git iptables libicu

	- name: Prepare Job Output Values
	id: output
	run: \|
	csv="self-hosted,${{ steps.runner.outputs.labels }}"
	cat <<EOF >> $GITHUB_OUTPUT
	labels-csv=$csv
	labels-json=["${csv//,/\",\"}"]
	EOF
	outputs:
	labels-csv: '${{ steps.output.outputs.labels-csv }}'
	labels-json: '${{ steps.output.outputs.labels-json }}'
	instance-id: ${{ steps.runner.outputs.ec2-instance-id }}

	build:
	needs: launch-runner
	# use self-hosted runner for arm64 build; use GitHub-hosted runner otherwise
	runs-on: ${{ matrix.platform == 'linux/arm64' && fromJSON( needs.launch-runner.outputs.labels-json ) \|\| 'ubuntu-latest' }}
	strategy:
	fail-fast: false
	matrix:
	platform:
	- linux/amd64
	- linux/arm64
	steps:
	# https://github.com/actions/checkout
	- name: Checkout Source Code
	id: checkout
	uses: actions/checkout@v4

	- name: Set Environment Variables
	id: env
	run: \|
	platform=${{ matrix.platform }}
	cat <<EOF >> $GITHUB_ENV
	PLATFORM_PAIR=${platform//\//-}
	EOF

	# https://github.com/crazy-max/ghaction-setup-docker
	- name: Set up Docker Daemon
	id: docker
	uses: crazy-max/ghaction-setup-docker@v3

	# https://github.com/docker/setup-qemu-action
	- name: Set up QEMU Emulator
	id: qemu
	uses: docker/setup-qemu-action@v3
	with:
	platforms: ${{ matrix.platform }}

	# https://github.com/docker/setup-buildx-action
	- name: Set up Docker BuildX
	id: buildx
	uses: docker/setup-buildx-action@v3
	with:
	version: latest
	platforms: ${{ matrix.platform }}
	buildkitd-flags: >-
	--allow-insecure-entitlement security.insecure
	--allow-insecure-entitlement network.host

	# https://github.com/docker/metadata-action
	- name: Extract Metadata for Docker
	id: metadata
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY_IMAGE }}

	# https://github.com/aws-actions/configure-aws-credentials
	- name: Configure AWS Credentials
	id: aws
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: us-east-1
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	# https://github.com/aws-actions/amazon-ecr-login
	- name: Log in to ECR Public
	id: ecr
	uses: aws-actions/amazon-ecr-login@v2
	with:
	registry-type: public

	# https://github.com/docker/login-action
	- name: Log in to Docker Hub
	id: docker-hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_HUB_USERNAME }}
	password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

	# https://github.com/docker/build-push-action
	- name: Build and Push by Digest
	id: build
	uses: docker/build-push-action@v6
	env:
	BUILDKIT_PROGRESS: plain
	with:
	platforms: ${{ matrix.platform }}
	labels: ${{ steps.metadata.outputs.labels }}
	outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true

	# create 0-byte file named /tmp/digests/<digest>
	- name: Export Digest
	id: export
	run: \|
	digest="${{ steps.build.outputs.digest }}"
	[ "$digest" ] \|\| exit 1
	mkdir -p /tmp/digests
	touch "/tmp/digests/${digest#sha256:}"

	# https://github.com/actions/upload-artifact
	- name: Upload Digest
	id: upload
	uses: actions/upload-artifact@v4
	with:
	name: digests-${{ env.PLATFORM_PAIR }}
	path: /tmp/digests/*
	if-no-files-found: error
	retention-days: 1

	merge:
	needs: build
	runs-on: ubuntu-latest
	steps:
	# https://github.com/actions/download-artifact
	- name: Download Digests
	id: download
	uses: actions/download-artifact@v4
	with:
	path: /tmp/digests
	pattern: digests-*
	merge-multiple: true

	# https://github.com/crazy-max/ghaction-setup-docker
	- name: Set up Docker Daemon
	id: docker
	uses: crazy-max/ghaction-setup-docker@v3

	# https://github.com/docker/setup-buildx-action
	- name: Set up Docker BuildX
	id: buildx
	uses: docker/setup-buildx-action@v3

	# https://github.com/docker/metadata-action
	- name: Extract Metadata for Docker
	id: metadata
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY_IMAGE }}

	# https://github.com/docker/login-action
	- name: Log in to Docker Hub
	id: docker-hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_HUB_USERNAME }}
	password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

	- name: Create Manifests and Push
	id: manifests
	working-directory: /tmp/digests
	run: \|
	tags=($(jq -cr '[.tags[] \| "-t \(.)"] \| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON"))
	images=($(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *))
	docker buildx imagetools create "${tags[@]}" "${images[@]}"

	# confirm merged image manifests
	- name: Inspect Image
	id: inspect
	run: \|
	tag="${{ env.REGISTRY_IMAGE }}:$DOCKER_METADATA_OUTPUT_VERSION"
	docker buildx imagetools inspect $tag

	terminate-runner:
	needs:
	- launch-runner
	- build
	runs-on: ubuntu-latest
	if: ${{ always() }}
	steps:
	# https://github.com/aws-actions/configure-aws-credentials
	- name: Configure AWS Credentials
	id: aws
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: ${{ vars.RUNNER_AWS_REGION }}
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	# https://github.com/erhhung/ec2-github-runner
	- name: Terminate Temporary EC2 Runner
	id: runner
	uses: erhhung/ec2-github-runner@v3
	with:
	mode: stop
	github-token: ${{ secrets.RUNNER_GITHUB_REPOS_PAT }}
	labels: ${{ needs.launch-runner.outputs.labels-csv }}
	ec2-instance-id: ${{ needs.launch-runner.outputs.instance-id }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added script to generate versions manifest #27

Workflow file

Added script to generate versions manifest #27

Jobs

Run details

Workflow file for this run