Spaces:
Build error
Build error
# | |
# Copyright (C) 2020-2023 Lin Song <linsongui@gmail.com> | |
# | |
# This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 | |
# Unported License: http://creativecommons.org/licenses/by-sa/3.0/ | |
# | |
# Attribution required: please include my name in any derivative and let me | |
# know how you have improved it! | |
name: buildx | |
on: | |
workflow_call: | |
inputs: | |
os_type: | |
required: true | |
type: string | |
secrets: | |
CACHE_NAME: | |
required: true | |
DOCKER_TOKEN: | |
required: true | |
QUAY_USER: | |
required: true | |
QUAY_TOKEN: | |
required: true | |
BUILD_ONLY: | |
required: true | |
jobs: | |
buildx: | |
runs-on: ubuntu-20.04 | |
if: github.repository_owner == 'hwdsl2' | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false | |
- name: Cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
${{ runner.temp }}/.buildx-bin | |
${{ runner.temp }}/.buildx-cache | |
${{ runner.temp }}/.docker-images | |
key: ${{ secrets.CACHE_NAME }}-${{ github.sha }}-${{ github.run_id }} | |
restore-keys: | | |
${{ secrets.CACHE_NAME }}- | |
- name: Set up Buildx | |
env: | |
RUNNER_TEMP: ${{ runner.temp }} | |
run: | | |
[ ! -x /usr/bin/docker ] && exit 1 | |
if [ ! -x /usr/bin/wget ] || [ ! -x /usr/bin/jq ]; then | |
export DEBIAN_FRONTEND=noninteractive | |
sudo apt-get -yq update | |
sudo apt-get -yq install wget jq | |
fi | |
BUILDX_VER=$(wget -t 3 -T 30 -qO- "https://api.github.com/repos/docker/buildx/releases/latest" | jq -r ".tag_name") | |
[ -z "${BUILDX_VER}" ] && exit 1 | |
echo "Buildx version: ${BUILDX_VER}" | |
DOCKER_DIR="${HOME}/.docker/cli-plugins" | |
CACHE_DIR="${RUNNER_TEMP}/.buildx-bin" | |
mkdir -p "${DOCKER_DIR}" | |
if [ -s "${CACHE_DIR}/docker-buildx-${BUILDX_VER}" ]; then | |
echo "Using buildx binary from cache..." | |
cp -f "${CACHE_DIR}/docker-buildx-${BUILDX_VER}" "${DOCKER_DIR}/docker-buildx" | |
else | |
echo "Downloading buildx..." | |
BUILDX_URL="https://github.com/docker/buildx/releases/download/${BUILDX_VER}/buildx-${BUILDX_VER}.linux-amd64" | |
wget -t 3 -T 30 -nv -O "${DOCKER_DIR}/docker-buildx" "${BUILDX_URL}" | |
[ ! -s "${DOCKER_DIR}/docker-buildx" ] && exit 1 | |
/bin/rm -rf "${CACHE_DIR}" | |
mkdir -p "${CACHE_DIR}" | |
/bin/cp -f "${DOCKER_DIR}/docker-buildx" "${CACHE_DIR}/docker-buildx-${BUILDX_VER}" | |
fi | |
chmod a+x "${DOCKER_DIR}/docker-buildx" | |
docker info | |
docker buildx version | |
image_cache_dir="${RUNNER_TEMP}/.docker-images" | |
for image in "quay.io/hwdsl2/qemu-user-static:latest" "moby/buildkit:buildx-stable-1"; do | |
image_file=$(printf '%s' "${image}.tar.gz" | tr '/' '-' | tr ':' '-') | |
if [ -s "${image_cache_dir}/${image_file}" ]; then | |
echo "Using ${image} from cache..." | |
docker load -i "${image_cache_dir}/${image_file}" | |
else | |
echo "Downloading ${image}..." | |
docker pull -q "${image}" | |
mkdir -p "${image_cache_dir}" | |
docker save "${image}" | gzip > "${image_cache_dir}/${image_file}" | |
fi | |
done | |
docker run --rm --privileged quay.io/hwdsl2/qemu-user-static:latest --reset -p yes --credential yes | |
docker buildx create --name "builder-${GITHUB_SHA::8}" --driver docker-container --use | |
docker buildx inspect --bootstrap | |
- name: Docker Hub Login | |
env: | |
DOCKER_USER: ${{ github.repository_owner }} | |
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
run: echo "$DOCKER_TOKEN" | docker login --username "$DOCKER_USER" --password-stdin 2>&1 | |
- name: Quay.io Login | |
env: | |
QUAY_USER: ${{ secrets.QUAY_USER }} | |
QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} | |
run: echo "$QUAY_TOKEN" | docker login quay.io --username "$QUAY_USER" --password-stdin 2>&1 | |
- name: Docker Buildx | |
env: | |
DOCKER_USER: ${{ github.repository_owner }} | |
BUILD_ONLY: ${{ secrets.BUILD_ONLY }} | |
RUNNER_TEMP: ${{ runner.temp }} | |
OS_TYPE: ${{ inputs.os_type }} | |
run: | | |
cd "$GITHUB_WORKSPACE" | |
pwd | |
ls -ld vpn.env.example | |
[ "$BUILD_ONLY" = "true" ] && BUILD_ONLY="" | |
ts_now=$(date -u +'%Y-%m-%dT%H:%M:%SZ') | |
if [ "$OS_TYPE" = "alpine" ]; then | |
docker buildx build \ | |
--progress plain \ | |
--platform=linux/amd64,linux/arm64,linux/arm/v7 \ | |
--build-arg BUILD_DATE=$ts_now \ | |
--build-arg VCS_REF=${GITHUB_SHA::8} \ | |
--build-arg VERSION=alpine-latest \ | |
--cache-from type=local,src="${RUNNER_TEMP}/.buildx-cache" \ | |
--cache-to type=local,dest="${RUNNER_TEMP}/.buildx-cache-new" \ | |
-t "$DOCKER_USER/ipsec-vpn-server:latest" \ | |
--pull \ | |
${BUILD_ONLY:+--push} \ | |
. | |
docker buildx build \ | |
--progress plain \ | |
--platform=linux/amd64,linux/arm64,linux/arm/v7 \ | |
--build-arg BUILD_DATE=$ts_now \ | |
--build-arg VCS_REF=${GITHUB_SHA::8} \ | |
--build-arg VERSION=alpine-latest \ | |
--cache-from type=local,src="${RUNNER_TEMP}/.buildx-cache-new" \ | |
-t "quay.io/$DOCKER_USER/ipsec-vpn-server:latest" \ | |
--pull \ | |
${BUILD_ONLY:+--push} \ | |
. | |
elif [ "$OS_TYPE" = "debian" ]; then | |
docker buildx build \ | |
--progress plain \ | |
--platform=linux/amd64,linux/arm64,linux/arm/v7 \ | |
--build-arg BUILD_DATE=$ts_now \ | |
--build-arg VCS_REF=${GITHUB_SHA::8} \ | |
--build-arg VERSION=debian-latest \ | |
--cache-from type=local,src="${RUNNER_TEMP}/.buildx-cache" \ | |
--cache-to type=local,dest="${RUNNER_TEMP}/.buildx-cache-new" \ | |
-f Dockerfile.debian \ | |
-t "$DOCKER_USER/ipsec-vpn-server:debian" \ | |
--pull \ | |
${BUILD_ONLY:+--push} \ | |
. | |
docker buildx build \ | |
--progress plain \ | |
--platform=linux/amd64,linux/arm64,linux/arm/v7 \ | |
--build-arg BUILD_DATE=$ts_now \ | |
--build-arg VCS_REF=${GITHUB_SHA::8} \ | |
--build-arg VERSION=debian-latest \ | |
--cache-from type=local,src="${RUNNER_TEMP}/.buildx-cache-new" \ | |
-f Dockerfile.debian \ | |
-t "quay.io/$DOCKER_USER/ipsec-vpn-server:debian" \ | |
--pull \ | |
${BUILD_ONLY:+--push} \ | |
. | |
else | |
exit 1 | |
fi | |
/bin/rm -rf "${RUNNER_TEMP}/.buildx-cache" | |
/bin/mv -f "${RUNNER_TEMP}/.buildx-cache-new" "${RUNNER_TEMP}/.buildx-cache" | |
- name: Clear | |
if: always() | |
run: | | |
shred -u "${HOME}/.docker/config.json" | |
rm -f "${HOME}/.docker/config.json" | |
docker buildx rm "builder-${GITHUB_SHA::8}" || true | |