Skip to content

Commit bf7235f

Browse files
nmjustinchannmjustinchan
committed
refac: push to latest only on master
1 parent 8fbd4a9 commit bf7235f

1 file changed

Lines changed: 70 additions & 65 deletions

File tree

.github/workflows/node_docker_build.yml

Lines changed: 70 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ env:
2020
DOCKER_PUBLIC_REPOSITORY: nethermind/catalyst-node
2121
DOCKER_REGISTRY: nethermind.jfrog.io
2222
DOCKER_REPOSITORY_STAGING: core-oci-local-staging/catalyst-node
23+
MASTER_BRANCH: refs/heads/master
2324

2425
jobs:
2526
build:
@@ -50,7 +51,8 @@ jobs:
5051
- name: Set up Docker Buildx
5152
uses: docker/setup-buildx-action@v3
5253

53-
- uses: docker/login-action@v3
54+
- name: Login to JFrog Artifactory
55+
uses: docker/login-action@v3
5456
with:
5557
registry: ${{ env.DOCKER_REGISTRY }}
5658
username: ${{ secrets.ARTIFACTORY_CORE_USERNAME }}
@@ -69,19 +71,15 @@ jobs:
6971
- name: Set digest output
7072
id: digest
7173
run: |
72-
if [ "${{ matrix.short }}" = "amd64" ]; then
73-
echo "amd64=${{ steps.build.outputs.digest }}" >> $GITHUB_OUTPUT
74-
fi
75-
if [ "${{ matrix.short }}" = "arm64" ]; then
76-
echo "arm64=${{ steps.build.outputs.digest }}" >> $GITHUB_OUTPUT
77-
fi
74+
echo "${{ matrix.short }}=${{ steps.build.outputs.digest }}" >> $GITHUB_OUTPUT
7875
7976
merge:
8077
name: Merge and push multi-arch manifest
8178
runs-on: ubuntu-latest
8279
needs: build
8380
steps:
84-
- uses: docker/login-action@v3
81+
- name: Login to JFrog Artifactory
82+
uses: docker/login-action@v3
8583
with:
8684
registry: ${{ env.DOCKER_REGISTRY }}
8785
username: ${{ secrets.ARTIFACTORY_CORE_USERNAME }}
@@ -90,95 +88,102 @@ jobs:
9088
- name: Set up Docker Buildx
9189
uses: docker/setup-buildx-action@v3
9290

93-
- name: Determine event type and set tags
94-
id: event
91+
- name: Calculate SHA tag
92+
id: sha
9593
run: |
96-
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
97-
echo "is_tag=true" >> $GITHUB_OUTPUT
98-
echo "is_branch=false" >> $GITHUB_OUTPUT
99-
VERSION=${GITHUB_REF#refs/tags/}
100-
echo "version=$VERSION" >> $GITHUB_OUTPUT
101-
echo "tag_list=type=raw,value=$VERSION" >> $GITHUB_OUTPUT
102-
else
103-
echo "is_tag=false" >> $GITHUB_OUTPUT
104-
echo "is_branch=true" >> $GITHUB_OUTPUT
94+
SHORT_SHA="${{ github.sha }}"
95+
SHORT_SHA=${SHORT_SHA:0:7}
96+
echo "tag=sha-${SHORT_SHA}" >> $GITHUB_OUTPUT
97+
echo "short=${SHORT_SHA}" >> $GITHUB_OUTPUT
98+
99+
- name: Determine tags and event type
100+
id: tags
101+
run: |
102+
REF="${{ github.ref }}"
103+
IS_MASTER=false
104+
IS_TAG=false
105+
VERSION_TAG=""
106+
PROMOTE_TAGS=""
107+
108+
if [[ "$REF" == refs/tags/* ]]; then
109+
IS_TAG=true
110+
VERSION_TAG=${REF#refs/tags/}
111+
PROMOTE_TAGS="$VERSION_TAG ${{ steps.sha.outputs.tag }}"
112+
echo "tag_list=type=raw,value=$VERSION_TAG" >> $GITHUB_OUTPUT
113+
elif [[ "$REF" == ${{ env.MASTER_BRANCH }} ]]; then
114+
IS_MASTER=true
115+
PROMOTE_TAGS="latest ${{ steps.sha.outputs.tag }}"
105116
echo "tag_list=type=raw,value=latest" >> $GITHUB_OUTPUT
117+
else
118+
PROMOTE_TAGS="${{ steps.sha.outputs.tag }}"
119+
echo "tag_list=type=sha,value=${{ github.sha }}" >> $GITHUB_OUTPUT
106120
fi
107121
108-
- name: Docker meta
122+
echo "is_master=$IS_MASTER" >> $GITHUB_OUTPUT
123+
echo "is_tag=$IS_TAG" >> $GITHUB_OUTPUT
124+
echo "version_tag=$VERSION_TAG" >> $GITHUB_OUTPUT
125+
echo "promote_tags=$PROMOTE_TAGS" >> $GITHUB_ENV
126+
127+
- name: Generate Docker metadata
109128
id: meta
110129
uses: docker/metadata-action@v5
111130
with:
112131
images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_STAGING }}
113-
tags: ${{ steps.event.outputs.tag_list }}
132+
tags: ${{ steps.tags.outputs.tag_list }}
114133

115-
- name: Create manifest list and push
134+
- name: Create and push manifest list
116135
run: |
117-
docker buildx imagetools create \
118-
$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
119-
${{ needs.build.outputs.digest-amd64 }} \
120-
${{ needs.build.outputs.digest-arm64 }}
136+
# Filter out "latest" tag if not on master branch
137+
if [[ "${{ steps.tags.outputs.is_master }}" != "true" ]]; then
138+
FILTERED_TAGS=$(jq -cr '.tags | map(select(. | endswith(":latest") | not)) | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")
139+
else
140+
FILTERED_TAGS=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")
141+
fi
142+
143+
if [ -n "$FILTERED_TAGS" ]; then
144+
docker buildx imagetools create \
145+
$FILTERED_TAGS \
146+
${{ needs.build.outputs.digest-amd64 }} \
147+
${{ needs.build.outputs.digest-arm64 }}
148+
fi
121149
122150
- name: Tag with commit SHA
123151
run: |
124-
SHORT_SHA="${{ github.sha }}"
125-
SHORT_SHA=${SHORT_SHA:0:7}
126-
SHA_TAG="sha-${SHORT_SHA}"
127152
docker buildx imagetools create \
128-
-t ${DOCKER_REGISTRY}/${DOCKER_REPOSITORY_STAGING}:${SHA_TAG} \
153+
-t ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_STAGING }}:${{ steps.sha.outputs.tag }} \
129154
${{ needs.build.outputs.digest-amd64 }} \
130155
${{ needs.build.outputs.digest-arm64 }}
131156
132157
- name: Setup ORAS
133158
uses: oras-project/setup-oras@v1
134159

135-
- name: Check ORAS version
136-
run: oras version
137-
138-
- name: Determine tags to promote
139-
id: promote-tags
140-
run: |
141-
SHORT_SHA="${{ github.sha }}"
142-
SHORT_SHA=${SHORT_SHA:0:7}
143-
SHA_TAG="sha-${SHORT_SHA}"
144-
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
145-
VERSION=${GITHUB_REF#refs/tags/}
146-
echo "TAGS=$VERSION $SHA_TAG" >> $GITHUB_ENV
147-
else
148-
echo "TAGS=latest $SHA_TAG" >> $GITHUB_ENV
149-
fi
150-
151-
- name: Login to Dockerhub registry with ORAS
160+
- name: Login to Docker Hub
152161
run: |
153162
oras login ${{ env.DOCKER_PUBLIC_REGISTRY }} \
154163
-u ${{ secrets.DOCKER_USERNAME }} \
155164
-p ${{ secrets.DOCKER_PASSWORD }}
156165
157-
- name: Promote to Dockerhub Production
166+
- name: Promote to Docker Hub Production
158167
run: |
159168
set -e
160-
for tag in $TAGS; do
161-
echo "Current tag: $tag"
162-
source_image="${DOCKER_REGISTRY}/${DOCKER_REPOSITORY_STAGING}:${tag}"
163-
prod_image="${DOCKER_PUBLIC_REGISTRY}/${DOCKER_PUBLIC_REPOSITORY}:${tag}"
169+
for tag in $PROMOTE_TAGS; do
170+
source_image="${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_STAGING }}:${tag}"
171+
prod_image="${{ env.DOCKER_PUBLIC_REGISTRY }}/${{ env.DOCKER_PUBLIC_REPOSITORY }}:${tag}"
164172
echo "Promoting ${source_image} to ${prod_image}"
165-
if ! oras cp -r "${source_image}" "${prod_image}"; then
166-
echo "Error: Failed to promote tag ${tag}" >&2
167-
exit 1
168-
fi
173+
oras cp -r "${source_image}" "${prod_image}"
169174
done
170175
171176
- name: Summary
172177
run: |
173178
echo "## Catalyst Node Docker build Completed" >> $GITHUB_STEP_SUMMARY
174-
echo "### Tags" >> $GITHUB_STEP_SUMMARY
175-
for tag in $TAGS; do
176-
echo "- $tag" >> $GITHUB_STEP_SUMMARY
179+
echo "" >> $GITHUB_STEP_SUMMARY
180+
echo "### Tags Promoted" >> $GITHUB_STEP_SUMMARY
181+
for tag in $PROMOTE_TAGS; do
182+
echo "- \`${tag}\`" >> $GITHUB_STEP_SUMMARY
177183
done
178-
echo "### Notes" >> $GITHUB_STEP_SUMMARY
179-
echo "- The images have been pushed to ${DOCKER_REPOSITORY_STAGING} repo" >> $GITHUB_STEP_SUMMARY
180-
echo "- **STAGING Repository**: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_STAGING }}" >> $GITHUB_STEP_SUMMARY
181-
echo "- **PROD Repository**: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_PUBLIC_REGISTRY }}" >> $GITHUB_STEP_SUMMARY
184+
echo "" >> $GITHUB_STEP_SUMMARY
185+
echo "### Repository Information" >> $GITHUB_STEP_SUMMARY
186+
echo "- **Staging**: \`${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_STAGING }}\`" >> $GITHUB_STEP_SUMMARY
187+
echo "- **Production**: \`${{ env.DOCKER_PUBLIC_REGISTRY }}/${{ env.DOCKER_PUBLIC_REPOSITORY }}\`" >> $GITHUB_STEP_SUMMARY
182188
echo "- **Platforms**: linux/amd64, linux/arm64" >> $GITHUB_STEP_SUMMARY
183-
echo "- **Commit**: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
184-
189+
echo "- **Commit**: \`${{ github.sha }}\` (\`${{ steps.sha.outputs.short }}\`)" >> $GITHUB_STEP_SUMMARY

0 commit comments

Comments
 (0)