workflow debugging

This commit is contained in:
neilotoole 2024-02-10 11:52:27 -07:00
parent 36431442cc
commit db1f8fcbbf
3 changed files with 19 additions and 44 deletions

View File

@ -1,25 +1,11 @@
name: Docker Publish (CI)
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow publishes ghcr.io/neilotoole/sq as part of the CI process.
# It is called from the main workflow.
on:
workflow_call:
# Allows you to run this workflow manually from the Actions tab
# workflow_dispatch:
# schedule:
# - cron: '25 4 * * *'
# push:
# branches: [ "master" ]
# # Publish semver tags as releases.
# tags: [ 'v*.*.*' ]
# pull_request:
# branches: [ "master" ]
env:
# Use docker.io for Docker Hub if empty
@ -27,7 +13,6 @@ env:
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
@ -52,8 +37,6 @@ jobs:
- name: Install cosign
if: github.event_name != 'pull_request'
uses: sigstore/cosign-installer@v3.3.0
# with:
# cosign-release: 'v3.1.1'
# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
@ -90,7 +73,6 @@ jobs:
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
# labels: latest
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max

View File

@ -1,26 +1,14 @@
name: Docker Publish (dispatch)
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow publishes ghcr.io/neilotoole/sq:latest using
# the latest sq release. This workflow is intended for manual
# execution from the Actions tab, and is not triggered by
# any events. Ultimately this workflow may be deleted; it was
# created to facilitate testing of the Docker publishing
# process.
on:
workflow_call:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# schedule:
# - cron: '25 4 * * *'
# push:
# branches: [ "master" ]
# # Publish semver tags as releases.
# tags: [ 'v*.*.*' ]
# pull_request:
# branches: [ "master" ]
env:
# Use docker.io for Docker Hub if empty
@ -54,8 +42,6 @@ jobs:
- name: Install cosign
if: github.event_name != 'pull_request'
uses: sigstore/cosign-installer@v3.3.0
# with:
# cosign-release: 'v3.1.1'
# Set up BuildKit Docker container builder to be able to build
# multi-platform images and export cache
@ -90,7 +76,7 @@ jobs:
file: packages/docker/alpine.Dockerfile
context: packages/docker
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ env.IMAGE_FQ_TAG }}
tags: ${{ env.IMAGE_FQ_TAG }} # Explicitly set the tag to push
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
cache-from: type=gha
@ -105,7 +91,7 @@ jobs:
if: ${{ github.event_name != 'pull_request' }}
env:
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
TAGS: ${{ env.IMAGE_FQ_TAG }}
TAGS: ${{ env.IMAGE_FQ_TAG }} # Explicitly set the tag to sign
DIGEST: ${{ steps.build-and-push.outputs.digest }}
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.

View File

@ -1,4 +1,4 @@
name: Main pipeline
name: Main Pipeline
on:
push:
paths-ignore:
@ -326,7 +326,7 @@ jobs:
FURY_TOKEN: ${{ secrets.FURY_TOKEN }}
AUR_PRIVATE_KEY: ${{ secrets.AUR_PRIVATE_KEY }}
install:
test-install:
# Verify that install mechanisms are working on the various
# supported platforms. This workflow runs *after* the new release
# has been published. So, if this workflow fails, it means that
@ -334,3 +334,10 @@ jobs:
needs: publish
if: startsWith(github.ref, 'refs/tags/v')
uses: ./.github/workflows/test-install.yml
docker-publish:
# Publish docker image to registry. This runs *after* the new release
# has been published and test-install has passed.
needs: test-install
if: startsWith(github.ref, 'refs/tags/v')
uses: ./.github/workflows/docker-publish-ci.yml