Skip to content

Commit

Permalink
Use native runners to build Docker images
Browse files Browse the repository at this point in the history 
Instead of relying on QEMU emulation to build multi-arch images, use
native arm64 and amd64 build runners to build architecture-specific
images, then publish multi-arch metadata with each of the image
manifests.

Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
  • Loading branch information
@bestbeforetoday
bestbeforetoday committed Feb 20, 2025
1 parent da27c6a commit 768f5de
Showing 1 changed file with 83 additions and 39 deletions.
122 changes: 83 additions & 39 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,11 @@ name: Release
on:
push:
tags:
- "v2.*"
workflow_dispatch:
- "v[0-9]+.[0-9]+.[0-9]+"
- "v[0-9]+.[0-9]+.[0-9]+-*"

env:
IMAGE_NAME: ${{ github.repository_owner }}/fabric-nodeenv

jobs:
test:
Expand All @@ -33,60 +36,101 @@ jobs:
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
publishdocker:
runs-on: ubuntu-latest
docker-build-push:
name: Push Docker image
needs: test
runs-on: ${{ matrix.arch.runner }}
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
arch:
- platform: linux-amd64
runner: ubuntu-24.04
- platform: linux-arm64
runner: ubuntu-24.04-arm
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- uses: actions/checkout@v4
- name: Get commit timestamp
run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> "${GITHUB_ENV}"
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
buildkitd-flags: --debug
buildkitd-config-inline: |
[worker.oci]
max-parallelism = 1
- name: Checkout
uses: actions/checkout@v4
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
# If testing on a fork, login error may occur and can be ignored
continue-on-error: true
if: ${{ github.repository_owner == 'hyperledger' }}
uses: docker/login-action@v3
with:
registry: docker.io
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build image
id: build
uses: docker/build-push-action@v6
with:
file: docker/fabric-nodeenv/Dockerfile
context: docker/fabric-nodeenv
outputs: type=registry,name=${{ env.OUTPUT_NAME }},push-by-digest=true,name-canonical=true
env:
SOURCE_DATE_EPOCH: ${{ env.SOURCE_DATE_EPOCH }}
OUTPUT_NAME: ${{ github.repository_owner == 'hyperledger' && format('ghcr.io/{0},docker.io/{0}', env.IMAGE_NAME) || format('ghcr.io/{0}', env.IMAGE_NAME) }}
- name: Export digest
run: |
mkdir -p ${{ runner.temp }}/digests
digest="${{ steps.build.outputs.digest }}"
touch "${{ runner.temp }}/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digest-${{ matrix.arch.platform }}
path: ${{ runner.temp }}/digests/*
if-no-files-found: error

docker-meta:
needs: docker-build-push
name: Publish Docker metadata
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
registry: ${{ fromJSON(github.repository_owner == 'hyperledger' && '["docker.io", "ghcr.io"]' || '["ghcr.io"]') }}
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/digests
pattern: digest-*
merge-multiple: true
- name: Login to ${{ matrix.registry }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
registry: ${{ matrix.registry }}
username: ${{ matrix.registry == 'docker.io' && secrets.DOCKERHUB_USERNAME || github.actor }}
password: ${{ matrix.registry == 'docker.io' && secrets.DOCKERHUB_TOKEN || secrets.GITHUB_TOKEN }}
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
# If testing on a fork, Docker Hub publish might fail so place it last
images: |
ghcr.io/${{ github.repository_owner }}/fabric-nodeenv
docker.io/${{ github.repository_owner }}/fabric-nodeenv
images: ${{ matrix.registry }}/${{ env.IMAGE_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}
- name: Get Git commit timestamps
run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
- name: Build and push image
id: push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
file: docker/fabric-nodeenv/Dockerfile
context: docker/fabric-nodeenv
tags: ${{ steps.meta.outputs.tags }}
push: ${{ github.event_name != 'pull_request' }}
labels: ${{ steps.meta.outputs.labels }}
env:
SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Create and push manifest list
working-directory: ${{ runner.temp }}/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("--tag " + .) | join(" ")' <<< "${DOCKER_METADATA_OUTPUT_JSON}") \
$(printf '${{ matrix.registry }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
- name: Inspect image
run: docker buildx imagetools inspect '${{ matrix.registry }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}'

0 comments on commit 768f5de

Please sign in to comment.