rebuild to bump seccomp_fake_xattr #287
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: gardenlinux/workflow-telemetry-action@v2 | |
| with: | |
| metric_frequency: 1 | |
| comment_on_pr: false | |
| - uses: actions/checkout@v4 | |
| - name: build builder container images | |
| run: | | |
| sudo apt-get update | |
| sudo env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends qemu-user-static | |
| podman build --squash-all --arch amd64 --tag ghcr.io/${{ github.repository }}:amd64-${{ github.sha }} . | |
| podman build --squash-all --arch arm64 --tag ghcr.io/${{ github.repository }}:arm64-${{ github.sha }} . | |
| - name: publish builder container images | |
| if: github.ref == 'refs/heads/main' | |
| run: | | |
| podman login -u token -p ${{ github.token }} ghcr.io | |
| podman push ghcr.io/${{ github.repository }}:amd64-${{ github.sha }} | |
| podman push ghcr.io/${{ github.repository }}:arm64-${{ github.sha }} | |
| podman manifest create ghcr.io/${{ github.repository }}:${{ github.sha }} | |
| podman manifest add ghcr.io/${{ github.repository }}:${{ github.sha }} ghcr.io/${{ github.repository }}:amd64-${{ github.sha }} | |
| podman manifest add ghcr.io/${{ github.repository }}:${{ github.sha }} ghcr.io/${{ github.repository }}:arm64-${{ github.sha }} | |
| podman push ghcr.io/${{ github.repository }}:${{ github.sha }} | |
| sed -i 's|container_image=localhost/builder|container_image=ghcr.io/${{ github.repository }}:${{ github.sha }}|' build | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: build | |
| path: build | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: build.config | |
| path: build.config | |
| # Run for new commits on the main branch | |
| release-latest: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: tag latest | |
| run: | | |
| git tag --force latest | |
| git push --force origin latest | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: build | |
| path: download | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: build.config | |
| path: download | |
| - name: create release | |
| run: | | |
| release="$(.github/workflows/release.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.repository }} create latest "Builder (latest)")" | |
| .github/workflows/release.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.repository }} upload "$release" download/build | |
| .github/workflows/release.sh ${{ secrets.GITHUB_TOKEN }} ${{ github.repository }} upload "$release" download/build.config |