atlantis-image #6
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: atlantis-image | |
on: | |
push: | |
branches: | |
- 'main' | |
- 'release-**' | |
tags: | |
- v*.*.* | |
pull_request: | |
branches: | |
- 'main' | |
- 'release-**' | |
types: | |
- opened | |
- reopened | |
- synchronize | |
- ready_for_review | |
workflow_dispatch: | |
permissions: | |
id-token: write | |
contents: read | |
attestations: write | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
changes: | |
outputs: | |
should-run-build: ${{ steps.changes.outputs.src == 'true' || startsWith(github.ref, 'refs/tags/') }} | |
if: github.event.pull_request.draft == false | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: dorny/paths-filter@v3 | |
id: changes | |
with: | |
filters: | | |
src: | |
- 'Dockerfile' | |
- 'docker-entrypoint.sh' | |
- '.github/workflows/atlantis-image.yml' | |
- '**.go' | |
- 'go.*' | |
build: | |
needs: [changes] | |
# if: needs.changes.outputs.should-run-build == 'true' | |
name: Build Image | |
strategy: | |
matrix: | |
image_type: [alpine, debian] | |
runs-on: ubuntu-24.04 | |
env: | |
DOCKER_REPO: ghcr.io/${{ github.repository }} | |
PUSH: ${{ github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Lint Dockerfile | |
uses: hadolint/[email protected] | |
with: | |
dockerfile: "Dockerfile" | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
image: tonistiigi/binfmt:latest | |
platforms: arm64,arm | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: | | |
image=moby/buildkit:v0.14.0 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
env: | |
SUFFIX: ${{ format('-{0}', matrix.image_type) }} | |
with: | |
images: | | |
${{ env.DOCKER_REPO }} | |
labels: | | |
org.opencontainers.image.authors="@runatlantis Github Org" | |
org.opencontainers.image.licenses=Apache-2.0 | |
tags: | | |
type=semver,pattern={{version}},prefix=v,suffix=${{ env.SUFFIX }} | |
type=semver,pattern={{version}},prefix=v,enable=${{ matrix.image_type == 'alpine' }} | |
type=semver,pattern={{major}}.{{minor}},prefix=v,suffix=${{ env.SUFFIX }} | |
type=raw,event=push,value=dev,enable={{is_default_branch}},suffix=${{ env.SUFFIX }} | |
type=raw,event=push,value=dev,enable={{is_default_branch}},suffix=${{ env.SUFFIX }}-{{ sha }} | |
type=raw,event=push,value=dev,enable=${{ github.ref == format('refs/heads/{0}', 'main') && matrix.image_type == 'alpine' }},suffix= | |
type=raw,event=tag,value=prerelease-latest,enable=${{ startsWith(github.ref, 'refs/tags/') && contains(github.ref, 'pre') && matrix.image_type == 'alpine' }},suffix= | |
type=raw,event=tag,value=prerelease-latest,enable=${{ startsWith(github.ref, 'refs/tags/') && contains(github.ref, 'pre') }},suffix=${{ env.SUFFIX }} | |
type=raw,event=tag,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'pre') && matrix.image_type == 'alpine' }},suffix= | |
type=raw,event=tag,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/') && !contains(github.ref, 'pre') }},suffix=${{ env.SUFFIX }} | |
type=ref,event=pr,suffix=${{ env.SUFFIX }} | |
flavor: | | |
latest=false | |
- name: Login to Packages Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Populate release version | |
# if: contains(fromJson('["push", "pull_request"]'), github.event_name) | |
run: echo "RELEASE_VERSION=${{ startsWith(github.ref, 'refs/tags/') && '${GITHUB_REF#refs/*/}' || 'dev' }}" >> $GITHUB_ENV | |
- name: "Build ${{ env.PUSH == 'true' && 'and push' || '' }} ${{ env.DOCKER_REPO }} image" | |
# if: contains(fromJson('["push", "pull_request"]'), github.event_name) | |
uses: docker/build-push-action@v5 | |
with: | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
context: . | |
build-args: | | |
ATLANTIS_BASE_TAG_TYPE=${{ matrix.image_type }} | |
ATLANTIS_VERSION=${{ env.RELEASE_VERSION }} | |
ATLANTIS_COMMIT=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} | |
ATLANTIS_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} | |
platforms: linux/arm64/v8,linux/amd64,linux/arm/v7 | |
push: ${{ env.PUSH }} | |
tags: ${{ steps.meta.outputs.tags }} | |
target: ${{ matrix.image_type }} | |
labels: ${{ steps.meta.outputs.labels }} | |
outputs: type=image,name=target,annotation-index.org.opencontainers.image.description=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.description'] }} | |
- name: Generate artifact attestation | |
# if: ${{ env.PUSH == 'true' }} | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-name: ${{ env.DOCKER_REPO }}:${{ env.RELEASE_VERSION }} | |
push: true | |
# test: | |
# needs: [changes] | |
# if: needs.changes.outputs.should-run-build == 'true' | |
# name: Test Image With Goss | |
# runs-on: ubuntu-24.04 | |
# strategy: | |
# matrix: | |
# image_type: [alpine, debian] | |
# env: | |
# DOCKER_REPO: ghcr.io/${{ github.repository }} | |
# steps: | |
# - uses: actions/checkout@v4 | |
# - name: Set up Docker Buildx | |
# uses: docker/setup-buildx-action@v3 | |
# with: | |
# driver-opts: | | |
# image=moby/buildkit:v0.14.0 | |
# - name: "Build and load into Docker" | |
# if: contains(fromJson('["push", "pull_request"]'), github.event_name) | |
# uses: docker/build-push-action@v5 | |
# with: | |
# cache-from: type=gha | |
# cache-to: type=gha,mode=max | |
# context: . | |
# build-args: | | |
# ATLANTIS_BASE_TAG_TYPE=${{ matrix.image_type }} | |
# push: false | |
# load: true | |
# tags: "${{ env.DOCKER_REPO }}:goss-test" | |
# target: ${{ matrix.image_type }} | |
# - name: "Setup Goss" | |
# uses: e1himself/[email protected] | |
# with: | |
# version: "v0.4.7" | |
# - name: Execute Goss tests | |
# run: | | |
# dgoss run --rm ${{ env.DOCKER_REPO }}:goss-test bash -c 'while true; do sleep 1; done;' | |
skip-build: | |
needs: [changes] | |
if: needs.changes.outputs.should-run-build == 'false' | |
name: Build Image | |
strategy: | |
matrix: | |
image_type: [alpine, debian] | |
runs-on: ubuntu-24.04 | |
steps: | |
- run: 'echo "No build required"' |