name: "Build Package Workflow" env: DOCKER_COMPOSE_VERSION: 1.23.0 on: push: branches: - master - release-* tags: - v* jobs: BUILD_PACKAGE: env: BUILD_PACKAGE: true runs-on: #- self-hosted - ubuntu-latest steps: - uses: actions/checkout@v2 - uses: google-github-actions/setup-gcloud@master with: version: '285.0.0' project_id: ${{ secrets.GCP_PROJECT_ID }} service_account_email: ${{ secrets.GCP_SA_EMAIL }} service_account_key: ${{ secrets.GCP_SA_KEY }} export_default_credentials: true - run: gcloud info - name: Set up Go 1.16 uses: actions/setup-go@v1 with: go-version: 1.16.5 id: go - name: setup Docker uses: docker-practice/actions-setup-docker@0.0.1 with: docker_version: 18.09 docker_channel: stable - uses: actions/checkout@v2.1.0 - uses: jitterbit/get-changed-files@v1 id: changed-files with: format: space-delimited token: ${{ secrets.GITHUB_TOKEN }} - uses: actions/checkout@v2 with: path: src/github.com/goharbor/harbor - name: Build Base Image if: | contains(steps.changed-files.outputs.modified, 'Dockerfile.base') || contains(steps.changed-files.outputs.modified, 'VERSION') || contains(steps.changed-files.outputs.modified, '.buildbaselog') run: | set -x echo "BUILD_BASE=true" >> $GITHUB_ENV - name: Build Package run: | set -x env df -h harbor_target_bucket="" target_branch="$(echo ${GITHUB_REF#refs/heads/})" harbor_offline_build_bundle="" harbor_online_build_bundle="" harbor_logs_bucket="harbor-ci-logs" harbor_builds_bucket="harbor-builds" harbor_releases_bucket="harbor-releases" harbor_ci_pipeline_store_bucket="harbor-ci-pipeline-store/latest" # the target release version is the version of next release(RC or GA). It needs to be updated on creating new release branch. target_release_version=$(cat ./VERSION) Harbor_Package_Version=$target_release_version-'build.'$GITHUB_RUN_NUMBER if [[ $target_branch == "master" ]]; then Harbor_Assets_Version=$Harbor_Package_Version harbor_target_bucket=$harbor_builds_bucket else Harbor_Assets_Version=$target_release_version harbor_target_bucket=$harbor_releases_bucket/$target_branch fi if [[ $target_branch == "release-"* ]]; then Harbor_Build_Base_Tag=$target_release_version else Harbor_Build_Base_Tag=dev fi build_base_params=" BUILD_BASE=false" cd src/github.com/goharbor/harbor if [ -z "$BUILD_BASE" ] || [ "$BUILD_BASE" != "true" ]; then echo "Do not need to build base images!" else build_base_params=" BUILD_BASE=true PUSHBASEIMAGE=true REGISTRYUSER=\"${{ secrets.DOCKER_HUB_USERNAME }}\" REGISTRYPASSWORD=\"${{ secrets.DOCKER_HUB_PASSWORD }}\"" fi sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} BUILDBIN=true NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params} sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} BUILDBIN=true NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params} harbor_offline_build_bundle=$(basename harbor-offline-installer-*.tgz) harbor_online_build_bundle=$(basename harbor-online-installer-*.tgz) echo "Package name is: $harbor_offline_build_bundle" echo "Package name is: $harbor_online_build_bundle" echo -en "${{ secrets.HARBOR_SIGN_KEY }}" | gpg --import gpg -v -ab -u ${{ secrets.HARBOR_SIGN_KEY_ID }} $harbor_offline_build_bundle gpg -v -ab -u ${{ secrets.HARBOR_SIGN_KEY_ID }} $harbor_online_build_bundle source tests/ci/build_util.sh cp ${harbor_offline_build_bundle} harbor-offline-installer-latest.tgz cp ${harbor_offline_build_bundle}.asc harbor-offline-installer-latest.tgz.asc uploader ${harbor_offline_build_bundle} $harbor_target_bucket uploader ${harbor_offline_build_bundle}.asc $harbor_target_bucket uploader ${harbor_online_build_bundle} $harbor_target_bucket uploader ${harbor_online_build_bundle}.asc $harbor_target_bucket uploader harbor-offline-installer-latest.tgz $harbor_target_bucket uploader harbor-offline-installer-latest.tgz.asc $harbor_target_bucket echo "BUILD_BUNDLE=$harbor_offline_build_bundle" >> $GITHUB_ENV publishImage $target_branch $Harbor_Assets_Version "${{ secrets.DOCKER_HUB_USERNAME }}" "${{ secrets.DOCKER_HUB_PASSWORD }}" - name: Slack Notification uses: sonots/slack-notice-action@v3 with: status: ${{ job.status }} title: Build Package - ${{ env.BUILD_BUNDLE }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} if: always()