Skip to content

ci(GITHUB): support multiple container platforms #40

ci(GITHUB): support multiple container platforms

ci(GITHUB): support multiple container platforms #40

---
name: cicd-tooling-github-workflow-container-multiarch
on:
push:
paths:
- ".github/workflows/workflow-container-multiarch.yml"
- ".github/workflows/job-*-container-*.yml"
- ".cicd-tools/container/Dockerfile"
- ".cicd-tools/container/Dockerfile.sha256"
- "scripts/container.sh"
schedule:
- cron: "0 6 * * 1"
workflow_dispatch:
# secrets:
# SLACK_WEBHOOK:
# description: "Optional, enables Slack notifications."
# required: false
jobs:
configuration:
uses: ./.github/workflows/job-00-cookiecutter-read_configuration.yml
start:
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-00-generic-notification.yml
with:
NOTIFICATION_EMOJI: ":vertical_traffic_light:"
NOTIFICATION_MESSAGE: "Multi-arch container build has started!"
WORKFLOW_NAME: "container"
security:
needs: [configuration]
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-10-generic-security_scan_credentials.yml
with:
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }}
WORKFLOW_NAME: "container"
scan:
permissions:
security-events: write
needs: [configuration]
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-10-container-security_scan_container.yml
with:
BUILD_ARGS: |
BUILD_ARG_ARCH_FORMAT_1=amd64
BUILD_ARG_ARCH_FORMAT_2=x86_64
BUILD_ARG_ARCH_FORMAT_3=x86_64
BUILD_ARG_ARCH_FORMAT_4=64-bit
CONTEXT: .cicd-tools/container
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }}
WORKFLOW_NAME: "container"
lint:
needs: [configuration]
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-80-container-dockerfile_linter.yml
with:
DOCKERFILE: .cicd-tools/container/Dockerfile
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }}
WORKFLOW_NAME: "container"
push:
needs: [configuration, lint, scan, security, start]
permissions:
packages: write
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
strategy:
fail-fast: true
matrix:
include:
- build-args: |
BUILD_ARG_ARCH_FORMAT_1=amd64
BUILD_ARG_ARCH_FORMAT_2=x86_64
BUILD_ARG_ARCH_FORMAT_3=x86_64
BUILD_ARG_ARCH_FORMAT_4=64-bit
build-platform: linux/amd64
build-tag: linux-amd64
- build-args: |
BUILD_ARG_ARCH_FORMAT_1=arm64
BUILD_ARG_ARCH_FORMAT_2=arm64
BUILD_ARG_ARCH_FORMAT_3=aarch64
BUILD_ARG_ARCH_FORMAT_4=arm64
build-platform: linux/arm64
build-tag: linux-arm64
max-parallel: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_CONCURRENCY }}
uses: ./.github/workflows/job-95-container-push.yml
with:
BUILD_ARGS: ${{ matrix.build-args }}
CONTEXT: .cicd-tools/container
IMAGE_TAG: ${{ matrix.build-tag }}
PLATFORM: ${{ matrix.build-platform }}
REQUIRES_QEMU: true
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }}
WORKFLOW_NAME: "container"
multiarch:
needs: [configuration, push]
permissions:
packages: write
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-95-container-multiarch.yml
with:
IMAGE_GIT: true
IMAGE_LATEST: true
MULTIARCH_TAG: "multiarch"
SOURCE_TAGS: |
linux-amd64
linux-arm64
VERBOSE_NOTIFICATIONS: ${{ fromJSON(needs.configuration.outputs.COOKIECUTTER_CONFIGURATION)._GITHUB_CI_DEFAULT_VERBOSE_NOTIFICATIONS }}
WORKFLOW_NAME: "container"
success:
needs: [multiarch]
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
uses: ./.github/workflows/job-00-generic-notification.yml
with:
NOTIFICATION_EMOJI: ":checkered_flag:"
NOTIFICATION_MESSAGE: "Multi-arch container build has completed successfully!"
WORKFLOW_NAME: "container"