mirror of
https://github.com/goharbor/harbor.git
synced 2024-10-31 23:59:32 +01:00
bf7c82b9a8
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary. Signed-off-by: Wang Yan <wangyan@vmware.com>
129 lines
5.7 KiB
YAML
129 lines
5.7 KiB
YAML
name: "Build Package Workflow"
|
|
env:
|
|
DOCKER_COMPOSE_VERSION: 1.23.0
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- release-*
|
|
|
|
jobs:
|
|
BUILD_PACKAGE:
|
|
env:
|
|
BUILD_PACKAGE: true
|
|
runs-on:
|
|
- ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: 'google-github-actions/auth@v1'
|
|
with:
|
|
credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
|
|
- uses: google-github-actions/setup-gcloud@v1
|
|
with:
|
|
version: '430.0.0'
|
|
- run: gcloud info
|
|
- name: Set up Go 1.20
|
|
uses: actions/setup-go@v1
|
|
with:
|
|
go-version: 1.20.4
|
|
id: go
|
|
- name: Setup Docker
|
|
uses: docker-practice/actions-setup-docker@master
|
|
with:
|
|
docker_version: 20.10
|
|
docker_channel: stable
|
|
- uses: actions/checkout@v3
|
|
- uses: jitterbit/get-changed-files@v1
|
|
id: changed-files
|
|
with:
|
|
format: space-delimited
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
path: src/github.com/goharbor/harbor
|
|
- name: Build Base Image
|
|
if: |
|
|
contains(steps.changed-files.outputs.modified, 'Dockerfile.base') ||
|
|
contains(steps.changed-files.outputs.modified, 'VERSION') ||
|
|
contains(steps.changed-files.outputs.modified, '.buildbaselog') ||
|
|
github.ref == 'refs/heads/main'
|
|
run: |
|
|
set -x
|
|
echo "BUILD_BASE=true" >> $GITHUB_ENV
|
|
- name: Build Package
|
|
run: |
|
|
set -x
|
|
env
|
|
df -h
|
|
harbor_target_bucket=""
|
|
target_branch="$(echo ${GITHUB_REF#refs/heads/})"
|
|
harbor_offline_build_bundle=""
|
|
harbor_online_build_bundle=""
|
|
harbor_logs_bucket="harbor-ci-logs"
|
|
harbor_builds_bucket="harbor-builds"
|
|
harbor_releases_bucket="harbor-releases"
|
|
harbor_ci_pipeline_store_bucket="harbor-ci-pipeline-store/latest"
|
|
# the target release version is the version of next release(RC or GA). It needs to be updated on creating new release branch.
|
|
target_release_version=$(cat ./VERSION)
|
|
Harbor_Package_Version=$target_release_version-'build.'$GITHUB_RUN_NUMBER
|
|
|
|
if [[ $target_branch == "main" ]]; then
|
|
Harbor_Assets_Version=$Harbor_Package_Version
|
|
harbor_target_bucket=$harbor_builds_bucket
|
|
else
|
|
Harbor_Assets_Version=$target_release_version
|
|
harbor_target_bucket=$harbor_releases_bucket/$target_branch
|
|
fi
|
|
|
|
if [[ $target_branch == "release-"* ]]; then
|
|
Harbor_Build_Base_Tag=$target_release_version
|
|
else
|
|
Harbor_Build_Base_Tag=dev
|
|
fi
|
|
|
|
build_base_params=" BUILD_BASE=false"
|
|
cd src/github.com/goharbor/harbor
|
|
if [ -z "$BUILD_BASE" ] || [ "$BUILD_BASE" != "true" ]; then
|
|
echo "Do not need to build base images!"
|
|
else
|
|
build_base_params=" BUILD_BASE=true PUSHBASEIMAGE=true REGISTRYUSER=\"${{ secrets.DOCKER_HUB_USERNAME }}\" REGISTRYPASSWORD=\"${{ secrets.DOCKER_HUB_PASSWORD }}\""
|
|
fi
|
|
sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} TRIVYFLAG=true HTTPPROXY= ${build_base_params}
|
|
sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} TRIVYFLAG=true HTTPPROXY= ${build_base_params}
|
|
harbor_offline_build_bundle=$(basename harbor-offline-installer-*.tgz)
|
|
harbor_online_build_bundle=$(basename harbor-online-installer-*.tgz)
|
|
echo "Package name is: $harbor_offline_build_bundle"
|
|
echo "Package name is: $harbor_online_build_bundle"
|
|
|
|
echo -en "${{ secrets.HARBOR_SIGN_KEY }}" | gpg --import
|
|
gpg -v -ab -u ${{ secrets.HARBOR_SIGN_KEY_ID }} $harbor_offline_build_bundle
|
|
gpg -v -ab -u ${{ secrets.HARBOR_SIGN_KEY_ID }} $harbor_online_build_bundle
|
|
|
|
source tests/ci/build_util.sh
|
|
cp ${harbor_offline_build_bundle} harbor-offline-installer-latest.tgz
|
|
cp ${harbor_offline_build_bundle}.asc harbor-offline-installer-latest.tgz.asc
|
|
cp ${harbor_online_build_bundle} harbor-online-installer-latest.tgz
|
|
cp ${harbor_online_build_bundle}.asc harbor-online-installer-latest.tgz.asc
|
|
uploader ${harbor_offline_build_bundle} $harbor_target_bucket
|
|
uploader ${harbor_offline_build_bundle}.asc $harbor_target_bucket
|
|
uploader ${harbor_online_build_bundle} $harbor_target_bucket
|
|
uploader ${harbor_online_build_bundle}.asc $harbor_target_bucket
|
|
uploader harbor-offline-installer-latest.tgz $harbor_target_bucket
|
|
uploader harbor-offline-installer-latest.tgz.asc $harbor_target_bucket
|
|
uploader harbor-online-installer-latest.tgz $harbor_target_bucket
|
|
uploader harbor-online-installer-latest.tgz.asc $harbor_target_bucket
|
|
echo "BUILD_BUNDLE=$harbor_offline_build_bundle" >> $GITHUB_ENV
|
|
|
|
publishImage $target_branch $Harbor_Assets_Version "${{ secrets.DOCKER_HUB_USERNAME }}" "${{ secrets.DOCKER_HUB_PASSWORD }}"
|
|
|
|
- name: Slack Notification
|
|
uses: sonots/slack-notice-action@v3
|
|
with:
|
|
status: ${{ job.status }}
|
|
title: Build Package - ${{ env.BUILD_BUNDLE }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
|
|
if: always()
|