Skip to content

Commit

Permalink
chore: Cleanup workflows to be run from just
Browse files Browse the repository at this point in the history
  • Loading branch information
@gmpinder
gmpinder committed Oct 7, 2024
1 parent 7c55789 commit 8c0fda9
Show file tree
Hide file tree
Showing 16 changed files with 310 additions and 265 deletions.
213 changes: 65 additions & 148 deletions .github/workflows/build-pr.yml
View file

Large diffs are not rendered by default.

159 changes: 73 additions & 86 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,47 @@ jobs:
run: |
earthly --ci --push -P +prebuild
build:
build-scripts:
timeout-minutes: 60
runs-on: ubuntu-latest
if: github.repository == 'blue-build/cli'
steps:
- name: Maximize build space
uses: ublue-os/remove-unwanted-software@v6
env:
EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }}
if: env.EARTHLY_SAT_TOKEN == null

- uses: earthly/actions-setup@v1

- name: Earthly login
env:
EARTHLY_SAT_TOKEN: ${{ secrets.EARTHLY_SAT_TOKEN }}
if: env.EARTHLY_SAT_TOKEN != null
run: |
earthly account login --token ${{ secrets.EARTHLY_SAT_TOKEN }} >> /dev/null
earthly org s blue-build
earthly sat s pr
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}

- name: Run build
id: build
run: |
earthly --ci --push -P +build-scripts
build-images:
permissions:
packages: write
timeout-minutes: 60
Expand Down Expand Up @@ -188,7 +228,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand Down Expand Up @@ -216,7 +256,7 @@ jobs:
id-token: write
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand All @@ -236,36 +276,29 @@ jobs:
with:
ref: main


- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild template -vv | tee Containerfile
grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
bluebuild build --retry-push -B docker -I docker -S sigstore --push -vv recipes/recipe.yml recipes/recipe-39.yml
run: just test-docker-build

arm64-build:
timeout-minutes: 60
timeout-minutes: 40
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand All @@ -286,27 +319,18 @@ jobs:
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}

- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild build \
--retry-push \
--platform linux/arm64 \
--push \
-vv \
recipes/recipe-arm64.yml
run: just test-arm64-build

docker-build-external-login:
timeout-minutes: 60
Expand All @@ -317,7 +341,7 @@ jobs:
id-token: write
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand Down Expand Up @@ -345,23 +369,17 @@ jobs:
ref: main


- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild template -vv | tee Containerfile
grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
bluebuild build --retry-push -S sigstore --push -vv recipes/recipe.yml recipes/recipe-39.yml
run: just test-docker-build-external-login

docker-build-oauth-login:
timeout-minutes: 60
Expand All @@ -371,7 +389,7 @@ jobs:
packages: write
id-token: write
needs:
- build
- build-scripts
if: github.repository == 'blue-build/cli'

steps:
Expand Down Expand Up @@ -409,28 +427,17 @@ jobs:
with:
ref: main

- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild template -vv | tee Containerfile
bluebuild build \
--registry us-east1-docker.pkg.dev \
--registry-namespace bluebuild-oidc/bluebuild \
--retry-push \
--push \
-vv \
recipes/recipe.yml recipes/recipe-39.yml
run: just test-docker-build-oauth-login

podman-build:
timeout-minutes: 60
Expand All @@ -441,7 +448,7 @@ jobs:
id-token: write
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand Down Expand Up @@ -469,20 +476,14 @@ jobs:
ref: main


- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
run: |
cd integration-tests/test-repo
bluebuild template -vv | tee Containerfile
grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
bluebuild build --retry-push -B podman -I podman -S sigstore --push -vv recipes/recipe.yml recipes/recipe-39.yml
run: just test-podman-build

buildah-build:
timeout-minutes: 60
Expand All @@ -493,7 +494,7 @@ jobs:
id-token: write
if: github.repository == 'blue-build/cli'
needs:
- build
- build-scripts

steps:
- name: Maximize build space
Expand Down Expand Up @@ -521,20 +522,14 @@ jobs:
ref: main


- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
run: |
cd integration-tests/test-repo
bluebuild template -vv | tee Containerfile
grep -q 'ARG IMAGE_REGISTRY=ghcr.io/blue-build' Containerfile || exit 1
bluebuild build --retry-push -B buildah -I podman -S sigstore --squash --push -vv recipes/recipe.yml recipes/recipe-39.yml
run: just test-buildah-build

iso-from-image:
timeout-minutes: 60
Expand All @@ -544,7 +539,7 @@ jobs:
packages: write
id-token: write
needs:
- build
- build-scripts
if: github.repository == 'blue-build/cli'

steps:
Expand All @@ -566,22 +561,18 @@ jobs:
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}

- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild generate-iso image ghcr.io/blue-build/cli/test:40
run: just test-generate-iso-image

iso-from-recipe:
timeout-minutes: 60
Expand All @@ -591,7 +582,7 @@ jobs:
packages: write
id-token: write
needs:
- build
- build-scripts
if: github.repository == 'blue-build/cli'

steps:
Expand All @@ -613,19 +604,15 @@ jobs:
ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}}

- name: Install bluebuild
run: |
cargo install --path . --debug --all-features
- name: Expose GitHub Runtime
uses: crazy-max/ghaction-github-runtime@v3

- uses: extractions/setup-just@v1

- name: Run Build
env:
GH_TOKEN: ${{ github.token }}
GH_PR_EVENT_NUMBER: ${{ github.event.number }}
COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }}
BB_BUILDKIT_CACHE_GHA: true
run: |
cd integration-tests/test-repo
bluebuild generate-iso -vv recipe recipes/recipe.yml
run: just test-generate-iso-image
1 change: 1 addition & 0 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ version = "0.8.20"

[workspace.dependencies]
bon = "2"
cached = "0.53"
chrono = "0.4"
clap = "4"
colored = "2"
Expand Down Expand Up @@ -71,6 +72,7 @@ requestty = { version = "0.5", features = ["macros", "termion"] }
shadow-rs = "0.26"
urlencoding = "2"

cached.workspace = true
clap = { workspace = true, features = ["derive", "cargo", "unicode", "env"] }
colored.workspace = true
indicatif.workspace = true
Expand Down
Loading

0 comments on commit 8c0fda9

Please sign in to comment.