Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

platforms per-release in matrix; disable provenance & sbom (unknown/unknown arch shown on ghcr.io) #3

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

platforms per-release in matrix; disable provenance & sbom (unknown/unknown arch shown on ghcr.io) #3

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 10 additions & 2 deletions .github/workflows/update_docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,18 +25,22 @@ jobs:
include:
- os: "ubuntu"
release: "jammy"
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/ubuntu/tags?page=&page_size=&ordering=&name=jammy
cache-from: "type=gha,scope=docker_build_jammy" # all-automatic GitHub Actions caching
cache-to: "type=gha,scope=docker_build_jammy,mode=max" # all-automatic GitHub Actions caching, max mode
- os: "debian"
release: "bookworm"
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/debian/tags?page=&page_size=&ordering=&name=bookworm
cache-from: "" # no caching
cache-to: "" # no caching
- os: "debian"
release: "sid"
platforms: "linux/amd64,linux/arm64" # sid has linux/riscv64, but it doesn't carry packages we need yet (rpardini 2024-06-06)
cache-from: "" # no caching
cache-to: "" # no caching
- os: "ubuntu"
release: "noble"
platforms: "linux/amd64,linux/arm64" # linux/riscv64 is on hold - checked 2024-06-06 and it's not at https://hub.docker.com/_/ubuntu/tags?page=&page_size=&ordering=&name=noble
cache-from: "type=gha,scope=docker_build_noble" # all-automatic GitHub Actions caching
cache-to: "type=gha,scope=docker_build_noble,mode=max" # all-automatic GitHub Actions caching, max mode
name: "${{ matrix.release }} (${{ matrix.os }})"
Expand Down Expand Up @@ -96,8 +100,10 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
provenance: false # until ghcr.io doesn't show provenance attestations properly, it reports an unknown/unknown "arch" instead. disable
sbom: false # no SBOM for now, ghcr.io doesn't support it and pukes
file: ./Dockerfile
platforms: linux/amd64,linux/arm64 # arm64 is done under qemu and is _very_ slow. Thanks, GitHub!
platforms: "${{ matrix.platforms }}"
pull: true # Pull new version of base image, always; avoid bit-rot
push: true
labels: |
Expand Down Expand Up @@ -126,8 +132,10 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
provenance: false # until ghcr.io doesn't show provenance attestations properly, it reports an unknown/unknown "arch" instead. disable
sbom: false # no SBOM for now, ghcr.io doesn't support it and pukes
file: ./Dockerfile
platforms: linux/amd64,linux/arm64 # arm64 is done under qemu and is _very_ slow. Thanks, GitHub!
platforms: "${{ matrix.platforms }}"
pull: false # Don't pull when retrying
push: true
labels: |
Expand Down