GitHub Actions Runner in Docker - Base #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitHub Actions Runner in Docker - Base | |
| on: | |
| push: | |
| paths: | |
| - Dockerfile.base | |
| - .github/workflows/base.yml | |
| - goss* | |
| branches: | |
| - master | |
| - develop | |
| schedule: | |
| - cron: '0 22 * * *' | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| ubuntu_base_tests: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| release: [jammy, focal, noble] | |
| platform: [amd64, arm64] | |
| fail-fast: false | |
| steps: | |
| - name: Copy Repo Files | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Get GitHub organization or user | |
| run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v7.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Copy Dockerfile | |
| run: cp Dockerfile.base Dockerfile.base.ubuntu-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM ubuntu:${{ matrix.release }}/' Dockerfile.base.ubuntu-${{ matrix.release }} | |
| - name: Install Goss and dgoss | |
| run: | | |
| curl -fsSL https://goss.rocks/install | sh | |
| export PATH=$PATH:/usr/local/bin | |
| - name: Get current Git SHA | |
| id: vars | |
| run: echo "GIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| - name: set testable image environment variable | |
| id: testvars | |
| run: echo "GH_RUNNER_IMAGE=ubuntu-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Retry build and load | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| docker buildx build \ | |
| --file Dockerfile \ | |
| --platform linux/${{ matrix.platform }} \ | |
| --tag ${{ env.GH_RUNNER_IMAGE }} \ | |
| --load \ | |
| --pull \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| . | |
| - name: Run goss tests | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| echo "os: ubuntu" >goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| echo "oscodename: ${{ matrix.release }}" >>goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| echo "arch: ${{ matrix.platform }}" >>goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| GOSS_VARS=goss_vars_${GH_RUNNER_IMAGE}.yaml GOSS_FILE=goss_base.yaml GOSS_SLEEP=1 dgoss run --entrypoint /usr/bin/sleep -e RUNNER_NAME=test -e DEBUG_ONLY=true ${GH_RUNNER_IMAGE} 10 | |
| if [ $? -ne 0 ]; then | |
| exit 1 | |
| fi | |
| debian_base_tests: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| release: [bookworm, trixie] | |
| platform: [amd64, arm64] | |
| fail-fast: false | |
| steps: | |
| - name: Copy Repo Files | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Get GitHub organization or user | |
| run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v7.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Copy Dockerfile | |
| run: cp Dockerfile.base Dockerfile.base.debian-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM debian:${{ matrix.release }}/' Dockerfile.base.debian-${{ matrix.release }} | |
| - name: Install Goss and dgoss | |
| run: | | |
| curl -fsSL https://goss.rocks/install | sh | |
| export PATH=$PATH:/usr/local/bin | |
| - name: Get current Git SHA | |
| id: vars | |
| run: echo "GIT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| - name: set testable image environment variable | |
| id: testvars | |
| run: echo "GH_RUNNER_IMAGE=debian-${{ matrix.release }}-${{ env.GIT_SHA }}-${{ matrix.platform }}" >> $GITHUB_ENV | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Retry build | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| docker buildx build \ | |
| --file Dockerfile.base.debian-${{ matrix.release }} \ | |
| --platform linux/${{ matrix.platform }} \ | |
| --tag ${{ env.GH_RUNNER_IMAGE }} \ | |
| --load \ | |
| --pull \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| . | |
| - name: Run goss tests | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| echo "os: debian" >goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| echo "oscodename: ${{ matrix.release }}" >>goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| echo "arch: ${{ matrix.platform }}" >>goss_vars_${GH_RUNNER_IMAGE}.yaml | |
| GOSS_VARS=goss_vars_${GH_RUNNER_IMAGE}.yaml GOSS_FILE=goss_base.yaml GOSS_SLEEP=1 dgoss run --entrypoint /usr/bin/sleep -e RUNNER_NAME=test -e DEBUG_ONLY=true ${GH_RUNNER_IMAGE} 10 | |
| if [ $? -ne 0 ]; then | |
| exit 1 | |
| fi | |
| ubuntu_base_latest_deploy: | |
| runs-on: ubuntu-latest | |
| needs: ubuntu_base_tests | |
| steps: | |
| - name: Copy Repo Files | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Get GitHub organization or user | |
| run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v7.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Retry build and push | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| docker buildx build \ | |
| --file Dockerfile.base \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --tag ghcr.io/${{ github.repository }}-base:latest \ | |
| --push \ | |
| --pull \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| . | |
| ubuntu_base_deploy: | |
| runs-on: ubuntu-latest | |
| needs: ubuntu_base_tests | |
| strategy: | |
| matrix: | |
| release: [jammy, focal, noble] | |
| fail-fast: false | |
| steps: | |
| - name: Copy Repo Files | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Get GitHub organization or user | |
| run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v7.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Copy Dockerfile | |
| run: cp Dockerfile.base Dockerfile.base.ubuntu-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM ubuntu:${{ matrix.release }}/' Dockerfile.base.ubuntu-${{ matrix.release }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Retry build and push | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| docker buildx build \ | |
| --file Dockerfile.base.ubuntu-${{ matrix.release }} \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --tag ghcr.io/${{ github.repository }}-base:ubuntu-${{ matrix.release }} \ | |
| --push \ | |
| --pull \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| . | |
| debian_base_deploy: | |
| runs-on: ubuntu-latest | |
| needs: debian_base_tests | |
| strategy: | |
| matrix: | |
| release: [bookworm, trixie] | |
| fail-fast: false | |
| steps: | |
| - name: Copy Repo Files | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Get GitHub organization or user | |
| run: echo 'ORG='$(echo $(dirname ${GITHUB_REPOSITORY}) | awk '{print tolower($0)}') >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v7.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Copy Dockerfile | |
| run: cp Dockerfile.base Dockerfile.base.debian-${{ matrix.release }}; sed -i.bak 's/FROM.*/FROM debian:${{ matrix.release }}/' Dockerfile.base.debian-${{ matrix.release }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Retry build and push | |
| uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 | |
| with: | |
| timeout_minutes: 60 | |
| max_attempts: 3 | |
| command: | | |
| docker buildx build \ | |
| --file Dockerfile.base.debian-${{ matrix.release }} \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --tag ghcr.io/${{ github.repository }}-base:debian-${{ matrix.release }} \ | |
| --push \ | |
| --pull \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| . |