| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201 |
- name: Build and push docker images
- concurrency:
- group: docker-build-${{ github.event_name }}-${{ github.ref }}
- cancel-in-progress: true
- on:
- push:
- tags:
- - v*
- - e*
- - docker-latest-*
- workflow_dispatch:
- inputs:
- branch_or_tag:
- required: false
- profile:
- required: false
- default: 'emqx'
- is_latest:
- required: false
- default: false
- jobs:
- prepare:
- runs-on: ubuntu-22.04
- # prepare source with any OTP version, no need for a matrix
- container: "ghcr.io/emqx/emqx-builder/5.0-33:1.13.4-24.3.4.2-3-ubuntu22.04"
- outputs:
- PROFILE: ${{ steps.get_profile.outputs.PROFILE }}
- EDITION: ${{ steps.get_profile.outputs.EDITION }}
- IS_LATEST: ${{ steps.get_profile.outputs.IS_LATEST }}
- IS_EXACT_TAG: ${{ steps.get_profile.outputs.IS_EXACT_TAG }}
- VERSION: ${{ steps.get_profile.outputs.VERSION }}
- steps:
- - uses: actions/checkout@v3
- with:
- ref: ${{ github.event.inputs.branch_or_tag }} # when input is not given, the event tag is used
- path: source
- fetch-depth: 0
- - name: Get profiles to build
- id: get_profile
- env:
- INPUTS_PROFILE: ${{ github.event.inputs.profile }}
- run: |
- cd source
- # tag docker-latest-ce or docker-latest-ee
- if git describe --tags --exact --match 'docker-latest-*' 2>/dev/null; then
- echo 'is_latest=true due to docker-latest-* tag'
- is_latest=true
- elif [ "${{ inputs.is_latest }}" = "true" ]; then
- echo 'is_latest=true due to manual input from workflow_dispatch'
- is_latest=true
- else
- echo 'is_latest=false'
- is_latest=false
- fi
- # resolve profile
- if git describe --tags --match "v*" --exact; then
- echo "This is an exact git tag, will publish images"
- is_exact='true'
- PROFILE=emqx
- elif git describe --tags --match "e*" --exact; then
- echo "This is an exact git tag, will publish images"
- is_exact='true'
- PROFILE=emqx-enterprise
- else
- echo "This is NOT an exact git tag, will not publish images"
- is_exact='false'
- fi
- case "${PROFILE:-$INPUTS_PROFILE}" in
- emqx)
- EDITION='Opensource'
- ;;
- emqx-enterprise)
- EDITION='Enterprise'
- ;;
- *)
- echo "ERROR: Failed to resolve build profile"
- exit 1
- ;;
- esac
- VSN="$(./pkg-vsn.sh "$PROFILE")"
- echo "Building emqx/$PROFILE:$VSN image (latest=$is_latest)"
- echo "Push = $is_exact"
- echo "IS_LATEST=$is_latest" >> $GITHUB_OUTPUT
- echo "IS_EXACT_TAG=$is_exact" >> $GITHUB_OUTPUT
- echo "PROFILE=$PROFILE" >> $GITHUB_OUTPUT
- echo "EDITION=$EDITION" >> $GITHUB_OUTPUT
- echo "VERSION=$VSN" >> $GITHUB_OUTPUT
- - name: get_all_deps
- env:
- PROFILE: ${{ steps.get_profile.outputs.PROFILE }}
- run: |
- PROFILE=$PROFILE make -C source deps-$PROFILE
- zip -ryq source.zip source/* source/.[^.]*
- - uses: actions/upload-artifact@v3
- with:
- name: source
- path: source.zip
- docker:
- runs-on: ubuntu-22.04
- needs: prepare
- strategy:
- fail-fast: false
- matrix:
- profile:
- - "${{ needs.prepare.outputs.PROFILE }}"
- registry:
- - 'docker.io'
- - 'public.ecr.aws'
- os:
- - [debian11, "debian:11-slim", "deploy/docker/Dockerfile"]
- # NOTE: 'otp' and 'elixir' are to configure emqx-builder image
- # only support latest otp and elixir, not a matrix
- builder:
- - 5.0-33 # update to latest
- otp:
- - 24.3.4.2-3 # switch to 25 once ready to release 5.1
- elixir:
- - 'no_elixir'
- - '1.13.4' # update to latest
- exclude: # TODO: publish enterprise to ecr too?
- - registry: 'public.ecr.aws'
- profile: emqx-enterprise
- steps:
- - uses: actions/download-artifact@v3
- with:
- name: source
- path: .
- - name: unzip source code
- run: unzip -q source.zip
- - uses: docker/setup-qemu-action@v2
- - uses: docker/setup-buildx-action@v2
- - name: Login to hub.docker.com
- uses: docker/login-action@v2
- if: matrix.registry == 'docker.io'
- with:
- username: ${{ secrets.DOCKER_HUB_USER }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
- - name: Login to AWS ECR
- uses: docker/login-action@v2
- if: matrix.registry == 'public.ecr.aws'
- with:
- registry: public.ecr.aws
- username: ${{ secrets.AWS_ACCESS_KEY_ID }}
- password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- ecr: true
- - name: prepare for docker/metadata-action
- id: pre-meta
- shell: bash
- run: |
- extra_labels=
- img_suffix=
- if [ "${{ matrix.elixir }}" != 'no_elixir' ]; then
- img_suffix="-elixir"
- extra_labels="org.opencontainers.image.elixir.version=${{ matrix.elixir }}"
- fi
- echo "img_suffix=$img_suffix" >> $GITHUB_OUTPUT
- echo "extra_labels=$extra_labels" >> $GITHUB_OUTPUT
- - uses: docker/metadata-action@v4
- id: meta
- with:
- images: |
- ${{ matrix.registry }}/${{ github.repository_owner }}/${{ matrix.profile }}
- flavor: |
- suffix=${{ steps.pre-meta.outputs.img_suffix }}
- tags: |
- type=raw,value=${{ needs.prepare.outputs.VERSION }}
- type=raw,value=latest,enable=${{ needs.prepare.outputs.IS_LATEST }}
- labels: |
- org.opencontainers.image.otp.version=${{ matrix.otp }}
- org.opencontainers.image.edition=${{ needs.prepare.outputs.EDITION }}
- ${{ steps.pre-meta.outputs.extra_labels }}
- - uses: docker/build-push-action@v3
- with:
- push: ${{ needs.prepare.outputs.IS_EXACT_TAG == 'true' || github.repository_owner != 'emqx' }}
- pull: true
- no-cache: true
- platforms: linux/amd64,linux/arm64
- tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
- build-args: |
- EMQX_NAME=${{ matrix.profile }}${{ steps.pre-meta.outputs.img_suffix }}
- file: source/${{ matrix.os[2] }}
- context: source
|
