diff --git a/.github/workflows/pull.yaml b/.github/workflows/pull.yaml index 4e7f8e8..3d2d7ea 100644 --- a/.github/workflows/pull.yaml +++ b/.github/workflows/pull.yaml @@ -1,48 +1,34 @@ -name: nginx pull +name: nginx preview deployment on: pull_request: - branches: - - main + branches: + - main +env: + REGISTRY_IMAGE: ghcr.io/arxignis/nginx jobs: - pull: - name: nginx pull - runs-on: ubicloud-standard-8-ubuntu-2404 + prepare: + runs-on: ubicloud-standard-16-ubuntu-2404 + outputs: + matrix: ${{ steps.platforms.outputs.matrix }} steps: - - name: Login to Github Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up QEMU - id: qemu - uses: docker/setup-qemu-action@v3 - with: - image: tonistiigi/binfmt:latest - platforms: all - - - name: 🏗 Setup repo + - name: Checkout uses: actions/checkout@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - submodules: recursive - - name: Set up Docker Context for Buildx - run: docker context create builders + - name: Create matrix + id: platforms + run: | + echo "matrix=$(docker buildx bake image-all --print | jq -cr '.target."image-all".platforms')" >>${GITHUB_OUTPUT} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - version: latest - endpoint: builders + - name: Show matrix + run: | + echo ${{ steps.platforms.outputs.matrix }} - name: Docker meta - id: nginx + id: meta uses: docker/metadata-action@v5 with: - images: ghcr.io/arxignis/nginx + images: ${{ env.REGISTRY_IMAGE }} tags: | type=sha,format=short type=match,pattern=v(\d+\.\d+\.\d+),group=1 @@ -50,14 +36,112 @@ jobs: type=match,pattern=v(\d+),group=1 type=raw,value=latest + - name: Rename meta bake definition file + run: | + mv "${{ steps.meta.outputs.bake-file }}" "${{ runner.temp }}/bake-meta.json" + + - name: Upload meta bake definition + uses: actions/upload-artifact@v4 + with: + name: bake-meta + path: ${{ runner.temp }}/bake-meta.json + if-no-files-found: error + retention-days: 1 + + build: + runs-on: ${{ matrix.platform == 'linux/arm64' && 'ubicloud-standard-16-arm-ubuntu-2404' || 'ubicloud-standard-16-ubuntu-2404' }} + needs: + - prepare + strategy: + fail-fast: false + matrix: + platform: ${{ fromJson(needs.prepare.outputs.matrix) }} + steps: + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + + - name: Download meta bake definition + uses: actions/download-artifact@v4 + with: + name: bake-meta + path: ${{ runner.temp }} + + - name: Login to Github Packages + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build - uses: docker/build-push-action@v6 - id: build-image + id: bake + uses: docker/bake-action@v6 with: - context: . - platforms: linux/arm64,linux/amd64 - push: false - tags: ${{ steps.nginx.outputs.tags }} - labels: ${{ steps.nginx.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + files: | + ./docker-bake.hcl + cwd://${{ runner.temp }}/bake-meta.json + targets: image + set: | + *.tags=${{ env.REGISTRY_IMAGE }} + *.platform=${{ matrix.platform }} + *.output=type=image,push-by-digest=true,name-canonical=true,push=true + + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ fromJSON(steps.bake.outputs.metadata).image['containerimage.digest'] }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + + # - name: Upload digest + # uses: actions/upload-artifact@v4 + # with: + # name: digests-${{ env.PLATFORM_PAIR }} + # path: ${{ runner.temp }}/digests/* + # if-no-files-found: error + # retention-days: 1 + + # merge: + # runs-on: ubicloud-standard-16-ubuntu-2404 + # needs: + # - build + # steps: + # - name: Download meta bake definition + # uses: actions/download-artifact@v4 + # with: + # name: bake-meta + # path: ${{ runner.temp }} + + # - name: Download digests + # uses: actions/download-artifact@v4 + # with: + # path: ${{ runner.temp }}/digests + # pattern: digests-* + # merge-multiple: true + + # - name: Login to Github Packages + # uses: docker/login-action@v3 + # with: + # registry: ghcr.io + # username: ${{ github.actor }} + # password: ${{ secrets.GITHUB_TOKEN }} + + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v3 + + # - name: Create manifest list and push + # working-directory: ${{ runner.temp }}/digests + # run: | + # docker buildx imagetools create $(jq -cr '.target."docker-metadata-action".tags | map(select(startswith("${{ env.REGISTRY_IMAGE }}")) | "-t " + .) | join(" ")' ${{ runner.temp }}/bake-meta.json) \ + # $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + + # - name: Inspect image + # run: | + # docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:$(jq -r '.target."docker-metadata-action".args.DOCKER_META_VERSION' ${{ runner.temp }}/bake-meta.json) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d835c35..937a56c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,11 +4,70 @@ on: push: tags: - "v*.*.*" +env: + REGISTRY_IMAGE: ghcr.io/arxignis/nginx jobs: - deploy: - name: nginx release + prepare: runs-on: ubicloud-standard-16-ubuntu-2404 + outputs: + matrix: ${{ steps.platforms.outputs.matrix }} steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Create matrix + id: platforms + run: | + echo "matrix=$(docker buildx bake image-all --print | jq -cr '.target."image-all".platforms')" >>${GITHUB_OUTPUT} + + - name: Show matrix + run: | + echo ${{ steps.platforms.outputs.matrix }} + + - name: Docker meta + id: nginx + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + tags: | + type=sha,format=short + type=match,pattern=v(\d+\.\d+\.\d+),group=1 + type=match,pattern=v(\d+\.\d+),group=1 + type=match,pattern=v(\d+),group=1 + type=raw,value=latest + + - name: Rename meta bake definition file + run: | + mv "${{ steps.meta.outputs.bake-file }}" "${{ runner.temp }}/bake-meta.json" + + - name: Upload meta bake definition + uses: actions/upload-artifact@v4 + with: + name: bake-meta + path: ${{ runner.temp }}/bake-meta.json + if-no-files-found: error + retention-days: 1 + + build: + runs-on: ${{ matrix.platform == 'linux/arm64' && 'ubicloud-standard-16-arm-ubuntu-2404' || 'ubicloud-standard-16-ubuntu-2404' }} + needs: + - prepare + strategy: + fail-fast: false + matrix: + platform: ${{ fromJson(needs.prepare.outputs.matrix) }} + steps: + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + + - name: Download meta bake definition + uses: actions/download-artifact@v4 + with: + name: bake-meta + path: ${{ runner.temp }} + - name: Login to Github Packages uses: docker/login-action@v3 with: @@ -17,47 +76,72 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU - id: qemu uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build + id: bake + uses: docker/bake-action@v6 with: - image: tonistiigi/binfmt:latest - platforms: all + files: | + ./docker-bake.hcl + cwd://${{ runner.temp }}/bake-meta.json + targets: image + set: | + *.tags=${{ env.REGISTRY_IMAGE }} + *.platform=${{ matrix.platform }} + *.output=type=image,push-by-digest=true,name-canonical=true,push=true - - name: 🏗 Setup repo - uses: actions/checkout@v4 + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ fromJSON(steps.bake.outputs.metadata).image['containerimage.digest'] }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 with: - token: ${{ secrets.GITHUB_TOKEN }} - submodules: recursive + name: digests-${{ env.PLATFORM_PAIR }} + path: ${{ runner.temp }}/digests/* + if-no-files-found: error + retention-days: 1 - - name: Set up Docker Context for Buildx - run: docker context create builders + merge: + runs-on: ubicloud-standard-16-ubuntu-2404 + needs: + - build + steps: + - name: Download meta bake definition + uses: actions/download-artifact@v4 + with: + name: bake-meta + path: ${{ runner.temp }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: Download digests + uses: actions/download-artifact@v4 with: - version: latest - endpoint: builders + path: ${{ runner.temp }}/digests + pattern: digests-* + merge-multiple: true - - name: Docker meta - id: nginx - uses: docker/metadata-action@v5 + - name: Login to Github Packages + uses: docker/login-action@v3 with: - images: ghcr.io/arxignis/nginx - tags: | - type=sha,format=short - type=match,pattern=v(\d+\.\d+\.\d+),group=1 - type=match,pattern=v(\d+\.\d+),group=1 - type=match,pattern=v(\d+),group=1 - type=raw,value=latest + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Build - uses: docker/build-push-action@v6 - id: build-image - with: - context: . - platforms: linux/arm64,linux/amd64 - push: true - tags: ${{ steps.nginx.outputs.tags }} - labels: ${{ steps.nginx.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests + run: | + docker buildx imagetools create $(jq -cr '.target."docker-metadata-action".tags | map(select(startswith("${{ env.REGISTRY_IMAGE }}")) | "-t " + .) | join(" ")' ${{ runner.temp }}/bake-meta.json) \ + $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) + + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:$(jq -r '.target."docker-metadata-action".args.DOCKER_META_VERSION' ${{ runner.temp }}/bake-meta.json) diff --git a/Dockerfile b/Dockerfile index 66a2efd..c144073 100644 --- a/Dockerfile +++ b/Dockerfile @@ -292,7 +292,9 @@ CMD ["/usr/local/openresty/nginx/sbin/nginx", "-g", "daemon off;"] STOPSIGNAL SIGQUIT FROM openresty-builder AS runtime -ENV ARXIGNIS_VERSION="1.2-0" +ENV ARXIGNIS_VERSION="1.2-1" + +WORKDIR /etc/nginx RUN apk --no-cache add git \ && luarocks install lua-resty-arxignis ${ARXIGNIS_VERSION} diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 0000000..8b13b49 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,30 @@ +variable "DEFAULT_TAG" { + default = "ax-nginx:local" +} + +// Special target: https://github.com/docker/metadata-action#bake-definition +target "docker-metadata-action" { + tags = ["${DEFAULT_TAG}"] +} + +// Default target if none specified +group "default" { + targets = ["image-local"] +} + +target "image" { + inherits = ["docker-metadata-action"] +} + +target "image-local" { + inherits = ["image"] + output = ["type=docker"] +} + +target "image-all" { + inherits = ["image"] + platforms = [ + "linux/amd64", + "linux/arm64", + ] +}