mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

workflows/docker: fix publishing master images

Browse Source 
Follow-up to #19275. Publishing `master` images was broken because the
different matrix jobs were overwriting each other's outputs in the
`merge` job.

The fix is to pre-generate all the required data once up-front which we
do in the `generate-tags` job.
This commit is contained in:
Carlo Cabrera 2025-03-13 22:37:53 +08:00 committed by Carlo Cabrera
parent 35b301e416
commit 9f844b9bfd
No known key found for this signature in database
GPG Key ID: C74D447FC549A1D0
1 changed files with 137 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

205
.github/workflows/docker.yml vendored
View File

@ -17,22 +17,17 @@ defaults:
run: run:
shell: bash -xeuo pipefail {0} shell: bash -xeuo pipefail {0}
env:
VERSIONS: '["18.04", "20.04", "22.04", "24.04"]'
jobs: jobs:
build: generate-tags:
if: github.repository_owner == 'Homebrew' if: github.repository_owner == 'Homebrew'
name: docker (${{ matrix.arch }} Ubuntu ${{ matrix.version }}) runs-on: ubuntu-latest
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
strategy:
fail-fast: false
matrix:
version: ["18.04", "20.04", "22.04", "24.04"]
arch: ["x86_64", "arm64"]
exclude:
- version: "18.04"
arch: "arm64"
- arch: ${{ github.event_name == 'release' && 'arm64' }}
outputs: outputs:
matrix: ${{ steps.attributes.outputs.matrix }}
tags: ${{ steps.attributes.outputs.tags }} tags: ${{ steps.attributes.outputs.tags }}
labels: ${{ steps.attributes.outputs.labels }}
push: ${{ steps.attributes.outputs.push }} push: ${{ steps.attributes.outputs.push }}
steps: steps:
- name: Checkout - name: Checkout
@ -44,11 +39,6 @@ jobs:
- name: Fetch origin/master from Git - name: Fetch origin/master from Git
run: git fetch origin master run: git fetch origin master
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
with:
cache-binary: false
- name: Determine build attributes - name: Determine build attributes
id: attributes id: attributes
run: | run: |
@ -69,48 +59,119 @@ jobs:
${DELIMITER} ${DELIMITER}
EOS EOS
tags=() typeset -A tag_hash
if [[ "${GITHUB_EVENT_NAME}" == "release" ]]; then typeset -A push_hash
tags+=( matrix=()
"ghcr.io/homebrew/ubuntu${{matrix.version}}:${brew_version}" while IFS=$'\n' read -r version; do
"ghcr.io/homebrew/ubuntu${{matrix.version}}:latest" tags=()
"homebrew/ubuntu${{matrix.version}}:${brew_version}" if [[ "${GITHUB_EVENT_NAME}" == "release" ]]; then
"homebrew/ubuntu${{matrix.version}}:latest"
)
if [[ "${{ matrix.version }}" == "22.04" ]]; then
tags+=( tags+=(
"ghcr.io/homebrew/brew:${brew_version}" "ghcr.io/homebrew/ubuntu${version}:${brew_version}"
"ghcr.io/homebrew/brew:latest" "ghcr.io/homebrew/ubuntu${version}:latest"
"homebrew/brew:${brew_version}" "homebrew/ubuntu${version}:${brew_version}"
"homebrew/brew:latest" "homebrew/ubuntu${version}:latest"
)
if [[ "${version}" == "22.04" ]]; then
tags+=(
"ghcr.io/homebrew/brew:${brew_version}"
"ghcr.io/homebrew/brew:latest"
"homebrew/brew:${brew_version}"
"homebrew/brew:latest"
)
fi
elif [[ "${GITHUB_EVENT_NAME}" == "push" &&
"${GITHUB_REF}" == "refs/heads/master" &&
"${version}" == "22.04" ]]; then
tags+=(
"ghcr.io/homebrew/brew:master"
"ghcr.io/homebrew/ubuntu${version}:master"
"homebrew/brew:master"
"homebrew/ubuntu${version}:master"
) )
fi fi
elif [[ "${GITHUB_EVENT_NAME}" == "push" &&
"${GITHUB_REF}" == "refs/heads/master" && if [[ "${#tags[@]}" -ne 0 ]]; then
"${{ matrix.version }}" == "22.04" ]]; then tag_hash["${version}"]="${tags[*]}"
tags+=( push_hash["${version}"]=true
"ghcr.io/homebrew/brew:master" matrix+=("${version}")
"ghcr.io/homebrew/ubuntu${{ matrix.version }}:master" else
"homebrew/brew:master" push_hash["${version}"]=false
"homebrew/ubuntu${{matrix.version}}:master" fi
) done <<<"$(jq --raw-output '.[]' <<<"${VERSIONS}")"
fi
if [[ "${{ matrix.version }}" == "18.04" ]]; then # Transform the `matrix` variable into a JSON array.
echo "matrix=$(jq --null-input --compact-output '$ARGS.positional' --args "${matrix[@]}")" >>"${GITHUB_OUTPUT}"
{
DELIMITER="END_TAGS_$(uuidgen)"
has_previous=
echo "tags<<${DELIMITER}"
printf '{'
for version in "${!tag_hash[@]}"; do
[[ -n "${has_previous:-}" ]] && printf ','
printf '"%s": "%s"' "${version}" "${tag_hash[$version]}"
has_previous=1
done
echo '}'
echo "${DELIMITER}"
} | tee -a "${GITHUB_OUTPUT}"
{
DELIMITER="END_PUSH_$(uuidgen)"
has_previous=
echo "push<<${DELIMITER}"
printf '{'
for version in "${!push_hash[@]}"; do
[[ -n "${has_previous:-}" ]] && printf ','
printf '"%s": "%s"' "${version}" "${push_hash[$version]}"
has_previous=1
done
echo '}'
echo "${DELIMITER}"
} | tee -a "${GITHUB_OUTPUT}"
build:
needs: generate-tags
if: github.repository_owner == 'Homebrew'
name: docker (${{ matrix.arch }} Ubuntu ${{ matrix.version }})
runs-on: ${{ matrix.arch == 'arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
strategy:
fail-fast: false
matrix:
version: ["18.04", "20.04", "22.04", "24.04"]
arch: ["x86_64", "arm64"]
exclude:
- version: "18.04"
arch: "arm64"
- arch: ${{ github.event_name == 'release' && 'arm64' }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
persist-credentials: false
- name: Fetch origin/master from Git
run: git fetch origin master
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
with:
cache-binary: false
- name: Retrieve build attributes
id: attributes
env:
VERSION: ${{ matrix.version }}
PUSH: ${{ needs.generate-tags.outputs.push }}
run: |
if [[ "${VERSION}" == "18.04" ]]; then
# odeprecated: remove this in Homebrew >=4.5 # odeprecated: remove this in Homebrew >=4.5
echo "The homebrew/ubuntu18.04 image is deprecated and will soon be retired. Use homebrew/ubuntu22.04 or homebrew/ubuntu24.04 or homebrew/ubuntu20.04 or homebrew/brew." > .docker-deprecate echo "The homebrew/ubuntu18.04 image is deprecated and will soon be retired. Use homebrew/ubuntu22.04 or homebrew/ubuntu24.04 or homebrew/ubuntu20.04 or homebrew/brew." > .docker-deprecate
fi fi
{ filter="$(printf '.["%s"]' "${VERSION}")"
if [[ "${#tags[@]}" -ne 0 ]]; then echo "push=$(jq --raw-output "${filter}" <<<"${PUSH}")" >>"${GITHUB_OUTPUT}"
DELIMITER="END_TAGS_$(uuidgen)"
echo "tags<<${DELIMITER}"
printf "%s\n" "${tags[@]}"
echo "${DELIMITER}"
echo "push=true"
else
echo "push=false"
fi
} | tee -a "${GITHUB_OUTPUT}"
- name: Log in to GitHub Packages (github-actions[bot]) - name: Log in to GitHub Packages (github-actions[bot])
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
@ -127,7 +188,7 @@ jobs:
tags: brew tags: brew
cache-from: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache cache-from: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache
build-args: version=${{ matrix.version }} build-args: version=${{ matrix.version }}
labels: ${{ steps.attributes.outputs.labels }} labels: ${{ needs.generate-tags.outputs.labels }}
- name: Run brew test-bot --only-setup - name: Run brew test-bot --only-setup
# TODO: Remove this conditional when `brew doctor` no longer throws an error on ARM64 Linux. # TODO: Remove this conditional when `brew doctor` no longer throws an error on ARM64 Linux.
@ -135,7 +196,7 @@ jobs:
run: docker run --rm brew brew test-bot --only-setup run: docker run --rm brew brew test-bot --only-setup
- name: Log in to GitHub Packages (BrewTestBot) - name: Log in to GitHub Packages (BrewTestBot)
if: steps.attributes.outputs.push == 'true' if: fromJSON(steps.attributes.outputs.push)
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with: with:
registry: ghcr.io registry: ghcr.io
@ -144,18 +205,18 @@ jobs:
- name: Deploy the Docker image by digest - name: Deploy the Docker image by digest
id: digest id: digest
if: steps.attributes.outputs.push == 'true' if: fromJSON(steps.attributes.outputs.push)
uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0 uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
with: with:
context: . context: .
cache-from: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache cache-from: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache
cache-to: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache,mode=max cache-to: type=registry,ref=ghcr.io/homebrew/ubuntu${{ matrix.version }}:cache,mode=max
build-args: version=${{ matrix.version }} build-args: version=${{ matrix.version }}
labels: ${{ steps.attributes.outputs.labels }} labels: ${{ needs.generate-tags.outputs.labels }}
outputs: type=image,name=ghcr.io/homebrew/ubuntu${{ matrix.version }},name-canonical=true,push=true,push-by-digest=true outputs: type=image,name=ghcr.io/homebrew/ubuntu${{ matrix.version }},name-canonical=true,push=true,push-by-digest=true
- name: Export the Docker image digest - name: Export the Docker image digest
if: steps.attributes.outputs.push == 'true' if: fromJSON(steps.attributes.outputs.push)
run: | run: |
mkdir -p "${RUNNER_TEMP}"/digests mkdir -p "${RUNNER_TEMP}"/digests
echo "${DIGEST#sha256:}" >"${RUNNER_TEMP}/digests/${VERSION}-${ARCH}" echo "${DIGEST#sha256:}" >"${RUNNER_TEMP}/digests/${VERSION}-${ARCH}"
@ -165,20 +226,20 @@ jobs:
ARCH: ${{ matrix.arch }} ARCH: ${{ matrix.arch }}
- name: Upload the Docker image digest - name: Upload the Docker image digest
if: steps.attributes.outputs.push == 'true' if: fromJSON(steps.attributes.outputs.push)
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with: with:
name: digest-${{ matrix.version }}-${{ matrix.arch }} name: digest-${{ matrix.version }}-${{ matrix.arch }}
path: ${{ runner.temp }}/digests/* path: ${{ runner.temp }}/digests/*
merge: merge:
needs: build needs: [generate-tags, build]
if: github.repository_owner == 'Homebrew' && needs.build.outputs.push == 'true' if: github.repository_owner == 'Homebrew'
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
version: ["18.04", "20.04", "22.04", "24.04"] version: ${{ fromJSON(needs.generate-tags.outputs.matrix) }}
steps: steps:
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
@ -205,6 +266,15 @@ jobs:
username: BrewTestBot username: BrewTestBot
password: ${{ secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN }} password: ${{ secrets.HOMEBREW_BREW_GITHUB_PACKAGES_TOKEN }}
- name: Export TAGS and VERSION to environment
env:
TAGS: ${{ needs.generate-tags.outputs.tags }}
VERSION: ${{ matrix.version }}
run: |
filter="$(printf '.["%s"]' "${VERSION}")"
echo "TAGS=$(jq --raw-output "${filter}" <<<"${TAGS}")" >>"${GITHUB_ENV}"
echo "VERSION=${VERSION}" >>"${GITHUB_ENV}"
- name: Merge and push Docker image - name: Merge and push Docker image
run: | run: |
tag_args=() tag_args=()
@ -213,10 +283,9 @@ jobs:
tag_args+=("--tag=${tag}") tag_args+=("--tag=${tag}")
done <<<"${TAGS}" done <<<"${TAGS}"
docker buildx imagetools create \ image_args=("ghcr.io/homebrew/ubuntu${VERSION}@sha256:$(<"${RUNNER_TEMP}/digests/${VERSION}-x86_64")")
"${tag_args[@]}" \ if [[ "${VERSION}" != 18.04 ]]; then
"ghcr.io/homebrew/ubuntu${VERSION}@sha256:$(cat "${RUNNER_TEMP}/digests/${VERSION}-x86_64")" \ image_args+=("ghcr.io/homebrew/ubuntu${VERSION}@sha256:$(<"${RUNNER_TEMP}/digests/${VERSION}-arm64")")
"ghcr.io/homebrew/ubuntu${VERSION}@sha256:$(cat "${RUNNER_TEMP}/digests/${VERSION}-arm64")" fi
env:
TAGS: ${{ needs.build.outputs.tags }} docker buildx imagetools create "${tag_args[@]}" "${image_args[@]}"
VERSION: ${{ matrix.version }}