diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 1060e4b5..fc99b29f 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -159,8 +159,8 @@ jobs: echo "Built & pushed AMD64 images to: ${{ env.DOCKERHUB_IMAGE }}:${TAG}" shell: bash - sign-and-package: - name: Sign and Package + create-manifest: + name: Create Multi-Arch Manifests runs-on: [self-hosted, linux, x64, us-east-1] needs: [release-arm, release-amd] if: >- @@ -168,6 +168,40 @@ jobs: needs.release-arm.result == 'success' && needs.release-amd.result == 'success' }} + timeout-minutes: 30 + steps: + - name: Checkout code + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + + - name: Log in to Docker Hub + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + with: + registry: docker.io + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Extract tag name + id: get-tag + run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + shell: bash + + - name: Create multi-arch manifests + run: | + TAG=${{ env.TAG }} + make create-manifests tag=$TAG + echo "Created multi-arch manifests for tag: ${TAG}" + shell: bash + + sign-and-package: + name: Sign and Package + runs-on: [self-hosted, linux, x64, us-east-1] + needs: [release-arm, release-amd, create-manifest] + if: >- + ${{ + needs.release-arm.result == 'success' && + needs.release-amd.result == 'success' && + needs.create-manifest.result == 'success' + }} # Job-level timeout to avoid runaway or stuck runs timeout-minutes: 120 env: @@ -312,13 +346,14 @@ jobs: shell: bash post-run: - needs: [pre-run, release-arm, release-amd, sign-and-package] + needs: [pre-run, release-arm, release-amd, create-manifest, sign-and-package] if: >- ${{ always() && needs.pre-run.result == 'success' && (needs.release-arm.result == 'success' || needs.release-arm.result == 'skipped' || needs.release-arm.result == 'failure') && (needs.release-amd.result == 'success' || needs.release-amd.result == 'skipped' || needs.release-amd.result == 'failure') && + (needs.create-manifest.result == 'success' || needs.create-manifest.result == 'skipped' || needs.create-manifest.result == 'failure') && (needs.sign-and-package.result == 'success' || needs.sign-and-package.result == 'skipped' || needs.sign-and-package.result == 'failure') }} runs-on: ubuntu-latest diff --git a/Makefile b/Makefile index 25e19ef4..3a1bbf59 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: build build-pg build-release build-release-arm build-release-amd build-arm build-x86 test clean +.PHONY: build build-pg build-release build-release-arm build-release-amd create-manifests build-arm build-x86 test clean major_tag := $(shell echo $(tag) | cut -d. -f1) minor_tag := $(shell echo $(tag) | cut -d. -f1,2) @@ -78,37 +78,37 @@ build-release-arm: --build-arg BUILD=oss \ --build-arg DATABASE=sqlite \ --platform linux/arm64 \ - --tag fosrl/pangolin:latest \ - --tag fosrl/pangolin:$$MAJOR_TAG \ - --tag fosrl/pangolin:$$MINOR_TAG \ - --tag fosrl/pangolin:$(tag) \ + --tag fosrl/pangolin:latest-arm64 \ + --tag fosrl/pangolin:$$MAJOR_TAG-arm64 \ + --tag fosrl/pangolin:$$MINOR_TAG-arm64 \ + --tag fosrl/pangolin:$(tag)-arm64 \ --push . && \ docker buildx build \ --build-arg BUILD=oss \ --build-arg DATABASE=pg \ --platform linux/arm64 \ - --tag fosrl/pangolin:postgresql-latest \ - --tag fosrl/pangolin:postgresql-$$MAJOR_TAG \ - --tag fosrl/pangolin:postgresql-$$MINOR_TAG \ - --tag fosrl/pangolin:postgresql-$(tag) \ + --tag fosrl/pangolin:postgresql-latest-arm64 \ + --tag fosrl/pangolin:postgresql-$$MAJOR_TAG-arm64 \ + --tag fosrl/pangolin:postgresql-$$MINOR_TAG-arm64 \ + --tag fosrl/pangolin:postgresql-$(tag)-arm64 \ --push . && \ docker buildx build \ --build-arg BUILD=enterprise \ --build-arg DATABASE=sqlite \ --platform linux/arm64 \ - --tag fosrl/pangolin:ee-latest \ - --tag fosrl/pangolin:ee-$$MAJOR_TAG \ - --tag fosrl/pangolin:ee-$$MINOR_TAG \ - --tag fosrl/pangolin:ee-$(tag) \ + --tag fosrl/pangolin:ee-latest-arm64 \ + --tag fosrl/pangolin:ee-$$MAJOR_TAG-arm64 \ + --tag fosrl/pangolin:ee-$$MINOR_TAG-arm64 \ + --tag fosrl/pangolin:ee-$(tag)-arm64 \ --push . && \ docker buildx build \ --build-arg BUILD=enterprise \ --build-arg DATABASE=pg \ --platform linux/arm64 \ - --tag fosrl/pangolin:ee-postgresql-latest \ - --tag fosrl/pangolin:ee-postgresql-$$MAJOR_TAG \ - --tag fosrl/pangolin:ee-postgresql-$$MINOR_TAG \ - --tag fosrl/pangolin:ee-postgresql-$(tag) \ + --tag fosrl/pangolin:ee-postgresql-latest-arm64 \ + --tag fosrl/pangolin:ee-postgresql-$$MAJOR_TAG-arm64 \ + --tag fosrl/pangolin:ee-postgresql-$$MINOR_TAG-arm64 \ + --tag fosrl/pangolin:ee-postgresql-$(tag)-arm64 \ --push . build-release-amd: @@ -122,38 +122,79 @@ build-release-amd: --build-arg BUILD=oss \ --build-arg DATABASE=sqlite \ --platform linux/amd64 \ - --tag fosrl/pangolin:latest \ - --tag fosrl/pangolin:$$MAJOR_TAG \ - --tag fosrl/pangolin:$$MINOR_TAG \ - --tag fosrl/pangolin:$(tag) \ + --tag fosrl/pangolin:latest-amd64 \ + --tag fosrl/pangolin:$$MAJOR_TAG-amd64 \ + --tag fosrl/pangolin:$$MINOR_TAG-amd64 \ + --tag fosrl/pangolin:$(tag)-amd64 \ --push . && \ docker buildx build \ --build-arg BUILD=oss \ --build-arg DATABASE=pg \ --platform linux/amd64 \ - --tag fosrl/pangolin:postgresql-latest \ - --tag fosrl/pangolin:postgresql-$$MAJOR_TAG \ - --tag fosrl/pangolin:postgresql-$$MINOR_TAG \ - --tag fosrl/pangolin:postgresql-$(tag) \ + --tag fosrl/pangolin:postgresql-latest-amd64 \ + --tag fosrl/pangolin:postgresql-$$MAJOR_TAG-amd64 \ + --tag fosrl/pangolin:postgresql-$$MINOR_TAG-amd64 \ + --tag fosrl/pangolin:postgresql-$(tag)-amd64 \ --push . && \ docker buildx build \ --build-arg BUILD=enterprise \ --build-arg DATABASE=sqlite \ --platform linux/amd64 \ - --tag fosrl/pangolin:ee-latest \ - --tag fosrl/pangolin:ee-$$MAJOR_TAG \ - --tag fosrl/pangolin:ee-$$MINOR_TAG \ - --tag fosrl/pangolin:ee-$(tag) \ + --tag fosrl/pangolin:ee-latest-amd64 \ + --tag fosrl/pangolin:ee-$$MAJOR_TAG-amd64 \ + --tag fosrl/pangolin:ee-$$MINOR_TAG-amd64 \ + --tag fosrl/pangolin:ee-$(tag)-amd64 \ --push . && \ docker buildx build \ --build-arg BUILD=enterprise \ --build-arg DATABASE=pg \ --platform linux/amd64 \ + --tag fosrl/pangolin:ee-postgresql-latest-amd64 \ + --tag fosrl/pangolin:ee-postgresql-$$MAJOR_TAG-amd64 \ + --tag fosrl/pangolin:ee-postgresql-$$MINOR_TAG-amd64 \ + --tag fosrl/pangolin:ee-postgresql-$(tag)-amd64 \ + --push . + +create-manifests: + @if [ -z "$(tag)" ]; then \ + echo "Error: tag is required. Usage: make create-manifests tag="; \ + exit 1; \ + fi + @MAJOR_TAG=$$(echo $(tag) | cut -d. -f1); \ + MINOR_TAG=$$(echo $(tag) | cut -d. -f1,2); \ + echo "Creating multi-arch manifests for sqlite (oss)..." && \ + docker buildx imagetools create \ + --tag fosrl/pangolin:latest \ + --tag fosrl/pangolin:$$MAJOR_TAG \ + --tag fosrl/pangolin:$$MINOR_TAG \ + --tag fosrl/pangolin:$(tag) \ + fosrl/pangolin:latest-arm64 \ + fosrl/pangolin:latest-amd64 && \ + echo "Creating multi-arch manifests for postgresql (oss)..." && \ + docker buildx imagetools create \ + --tag fosrl/pangolin:postgresql-latest \ + --tag fosrl/pangolin:postgresql-$$MAJOR_TAG \ + --tag fosrl/pangolin:postgresql-$$MINOR_TAG \ + --tag fosrl/pangolin:postgresql-$(tag) \ + fosrl/pangolin:postgresql-latest-arm64 \ + fosrl/pangolin:postgresql-latest-amd64 && \ + echo "Creating multi-arch manifests for sqlite (enterprise)..." && \ + docker buildx imagetools create \ + --tag fosrl/pangolin:ee-latest \ + --tag fosrl/pangolin:ee-$$MAJOR_TAG \ + --tag fosrl/pangolin:ee-$$MINOR_TAG \ + --tag fosrl/pangolin:ee-$(tag) \ + fosrl/pangolin:ee-latest-arm64 \ + fosrl/pangolin:ee-latest-amd64 && \ + echo "Creating multi-arch manifests for postgresql (enterprise)..." && \ + docker buildx imagetools create \ --tag fosrl/pangolin:ee-postgresql-latest \ --tag fosrl/pangolin:ee-postgresql-$$MAJOR_TAG \ --tag fosrl/pangolin:ee-postgresql-$$MINOR_TAG \ --tag fosrl/pangolin:ee-postgresql-$(tag) \ - --push . + fosrl/pangolin:ee-postgresql-latest-arm64 \ + fosrl/pangolin:ee-postgresql-latest-amd64 && \ + echo "All multi-arch manifests created successfully!" build-rc: @if [ -z "$(tag)" ]; then \