Build Cloud Cluster image #1750
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Cloud Cluster image | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push all-in-one image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| build_from: | |
| description: "Build all-in-one image from components image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| workflow_dispatch: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push all-in-one image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| build_from: | |
| description: "Build all-in-one image from components image tag, default is latest" | |
| default: "latest" | |
| required: false | |
| type: string | |
| push: | |
| branches: ["main"] | |
| paths: | |
| - "deploy/cloud/**" | |
| - ".github/workflows/cloud.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| pull_request: | |
| branches: ["*"] | |
| paths: | |
| - "deploy/cloud/**" | |
| - ".github/workflows/cloud.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| # Common versions | |
| GO_VERSION: "1.20" | |
| DEFAULT_OWNER: "labring" | |
| ALIYUN_REGISTRY: ${{ secrets.ALIYUN_REGISTRY }} | |
| ALIYUN_REPO_PREFIX: ${{ secrets.ALIYUN_REPO_PREFIX && secrets.ALIYUN_REPO_PREFIX || secrets.ALIYUN_USERNAME && format('{0}/{1}', secrets.ALIYUN_REGISTRY, secrets.ALIYUN_USERNAME) || '' }} | |
| jobs: | |
| build-cluster-image: | |
| if: ${{ (github.event_name == 'release') ||(github.event_name == 'push') || (inputs.push_image == true) }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: BRAINSia/free-disk-space@v2 | |
| with: | |
| # this might remove tools that are actually needed, | |
| # if set to "true" but frees about 6 GB | |
| tool-cache: false | |
| # all of these default to true, but feel free to set to | |
| # "false" if necessary for your workflow | |
| mandb: true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| docker-images: true | |
| swap-storage: true | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Expose git commit data | |
| uses: rlespinasse/git-commit-data-action@v1 | |
| - name: Check if tag | |
| id: check_tag | |
| env: | |
| REF: ${{ github.ref }} | |
| run: | | |
| if [[ "$REF" == refs/tags/* ]]; then | |
| echo "isTag=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "isTag=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Prepare | |
| id: prepare | |
| env: | |
| PUSH_IMAGE: ${{ inputs.push_image }} | |
| IS_TAG: ${{ steps.check_tag.outputs.isTag }} | |
| PUSH_IMAGE_TAG: ${{ inputs.push_image_tag }} | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| run: | | |
| bash scripts/resolve-tag-image.sh "$PUSH_IMAGE" "$IS_TAG" "$PUSH_IMAGE_TAG" | |
| echo "repo=ghcr.io/${REPO_OWNER}/sealos-cloud" >> $GITHUB_OUTPUT | |
| if [[ -n "${{ env.ALIYUN_REPO_PREFIX }}" ]]; then | |
| echo "aliyun_repo=${{ env.ALIYUN_REPO_PREFIX }}/sealos-cloud" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Install sealos | |
| run: | | |
| sudo bash ./.github/scripts/install.sh | |
| # todo: mutate image tag in images/shim and scripts or change scripts to use changeable tags | |
| - name: Sealos login to ghcr.io | |
| # if push to master, then login to ghcr.io | |
| env: | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| GH_PAT: ${{ secrets.GHCR_TOKEN || secrets.GITHUB_TOKEN }} | |
| run: | | |
| sudo sealos login -u "${REPOSITORY_OWNER}" -p "${GH_PAT}" --debug ghcr.io | |
| - name: Sealos login to Aliyun Registry | |
| if: ${{ env.ALIYUN_REGISTRY }} | |
| env: | |
| ALIYUN_USERNAME: ${{ secrets.ALIYUN_USERNAME }} | |
| ALIYUN_PASSWORD: ${{ secrets.ALIYUN_PASSWORD }} | |
| run: | | |
| sudo sealos login -u "$ALIYUN_USERNAME" -p "$ALIYUN_PASSWORD" --debug ${{ env.ALIYUN_REGISTRY }} | |
| - name: Build sealos cloud cluster image | |
| working-directory: deploy/cloud | |
| env: | |
| BUILD_FROM: ${{ inputs.build_from }} | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| REPO: ${{ steps.prepare.outputs.repo }} | |
| ALIYUN_REPO: ${{ steps.prepare.outputs.aliyun_repo }} | |
| TAG_NAME: ${{ steps.prepare.outputs.tag_name }} | |
| run: | | |
| [ -z "${BUILD_FROM}" ] && BuildFromTag="latest" || BuildFromTag="${BUILD_FROM}"; echo "BuildFromTag=${BuildFromTag}" | |
| sed -i "s#labring#${REPOSITORY_OWNER}#g" init.sh | |
| sed -i "s#latest#${BuildFromTag}#g" init.sh | |
| # Build for GHCR | |
| sudo bash init.sh amd64 | |
| sudo sealos build -t "${REPO}:${TAG_NAME}-amd64" --platform linux/amd64 -f Kubefile | |
| sudo sealos build -t "${REPO}:latest-amd64" --platform linux/amd64 -f Kubefile | |
| # delete old registry cache | |
| sudo rm -rf registry | |
| sudo rm -rf tars | |
| sudo bash init.sh arm64 | |
| sudo sealos build -t "${REPO}:${TAG_NAME}-arm64" --platform linux/arm64 -f Kubefile | |
| sudo sealos build -t "${REPO}:latest-arm64" --platform linux/arm64 -f Kubefile | |
| # Build for Aliyun if enabled | |
| if [[ -n "${ALIYUN_REPO}" ]]; then | |
| # delete old registry cache | |
| sudo rm -rf registry | |
| sudo rm -rf tars | |
| sudo bash init.sh amd64 | |
| sudo sealos build -t "${ALIYUN_REPO}:${TAG_NAME}-amd64" --platform linux/amd64 -f Kubefile | |
| sudo sealos build -t "${ALIYUN_REPO}:latest-amd64" --platform linux/amd64 -f Kubefile | |
| # delete old registry cache | |
| sudo rm -rf registry | |
| sudo rm -rf tars | |
| sudo bash init.sh arm64 | |
| sudo sealos build -t "${ALIYUN_REPO}:${TAG_NAME}-arm64" --platform linux/arm64 -f Kubefile | |
| sudo sealos build -t "${ALIYUN_REPO}:latest-arm64" --platform linux/arm64 -f Kubefile | |
| fi | |
| - name: Manifest Cluster Images | |
| # if push to master, then patch images to ghcr.io | |
| env: | |
| OWNER: ${{ github.repository_owner }} | |
| REPO: ${{ steps.prepare.outputs.repo }} | |
| ALIYUN_REPO: ${{ steps.prepare.outputs.aliyun_repo }} | |
| TAG_NAME: ${{ steps.prepare.outputs.tag_name }} | |
| run: | | |
| sudo sealos images | |
| # Create manifests for GHCR | |
| bash scripts/manifest-cluster-images.sh "$REPO:$TAG_NAME" | |
| bash scripts/manifest-cluster-images.sh "$REPO:latest" | |
| # Create manifests for Aliyun if enabled | |
| if [[ -n "${ALIYUN_REPO}" ]]; then | |
| bash scripts/manifest-cluster-images.sh "$ALIYUN_REPO:$TAG_NAME" | |
| bash scripts/manifest-cluster-images.sh "$ALIYUN_REPO:latest" | |
| fi | |
| # todo: build multi-arch images |