fix credential vending document #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Docker Image | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| image: | ||
| type: choice | ||
| description: 'Choose the image to build' | ||
| required: true | ||
| default: 'gravitino' | ||
| options: | ||
| - 'gravitino' | ||
| - 'gravitino-ci:hive' | ||
| - 'gravitino-ci:kerberos-hive' | ||
| - 'gravitino-ci:trino' | ||
| - 'gravitino-ci:doris' | ||
| - 'gravitino-ci:ranger' | ||
| - 'gravitino-playground:trino' | ||
| - 'gravitino-playground:hive' | ||
| - 'gravitino-playground:ranger' | ||
| - 'gravitino-iceberg-rest-server' | ||
| version: | ||
| description: 'Docker version to apply to this image' | ||
| required: true | ||
| type: string | ||
| username: | ||
| description: 'Docker username' | ||
| required: true | ||
| type: string | ||
| token: | ||
| description: 'Publish Docker token' | ||
| required: true | ||
| type: string | ||
| latest: | ||
| description: 'whether publish the image to docker latest tag, only used for offical release, don't use it for RC' | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| jobs: | ||
| publish-docker-image: | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 120 | ||
| env: | ||
| input_token: ${{ github.event.inputs.token }} | ||
| secrets_token: ${{ secrets.PUBLISH_DOCKER_TOKEN }} | ||
| steps: | ||
| - name: Set environment variables | ||
| run: | | ||
| if [ "${{ github.event.inputs.image }}" == "gravitino-ci:hive" ]; then | ||
| echo "image_type=hive" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-ci" >> $GITHUB_ENV | ||
| echo "tag_name=hive" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-ci:kerberos-hive" ]; then | ||
| echo "image_type=kerberos-hive" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-ci" >> $GITHUB_ENV | ||
| echo "tag_name=kerberos-hive" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-ci:trino" ]; then | ||
| echo "image_type=trino" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-ci" >> $GITHUB_ENV | ||
| echo "tag_name=trino" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-ci:doris" ]; then | ||
| echo "image_type=doris" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-ci" >> $GITHUB_ENV | ||
| echo "tag_name=doris" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-ci:ranger" ]; then | ||
| echo "image_type=ranger" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-ci" >> $GITHUB_ENV | ||
| echo "tag_name=ranger" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino" ]; then | ||
| echo "image_type=gravitino" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino" >> $GITHUB_ENV | ||
| # `apache/gravitino` is the default image name, didn't need to tag alias name | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-playground:trino" ]; then | ||
| echo "image_type=trino" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-playground" >> $GITHUB_ENV | ||
| echo "tag_name=trino" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-playground:hive" ]; then | ||
| echo "image_type=hive" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-playground" >> $GITHUB_ENV | ||
| echo "tag_name=hive" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-playground:ranger" ]; then | ||
| echo "image_type=ranger" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-playground" >> $GITHUB_ENV | ||
| echo "tag_name=ranger" >> $GITHUB_ENV | ||
| elif [ "${{ github.event.inputs.image }}" == "gravitino-iceberg-rest-server" ]; then | ||
| echo "image_type=iceberg-rest-server" >> $GITHUB_ENV | ||
| echo "image_name=apache/gravitino-iceberg-rest" >> $GITHUB_ENV | ||
| fi | ||
| - name: Check publish Docker token | ||
| run: | | ||
| if [[ "${secrets_token}" != "${input_token}" ]]; then | ||
| echo "You have entered an incorrect token. Please re-enter it." | ||
| exit 1 | ||
| fi | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v2 | ||
| - name: Login to Docker Hub | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| username: ${{ github.event.inputs.username }} | ||
| password: ${{ secrets.DOCKER_REPOSITORY_PASSWORD }} | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
| - uses: actions/checkout@v3 | ||
| - uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '8' | ||
| distribution: 'temurin' | ||
| - name: Build and Push the Docker image | ||
| run: | | ||
| sudo rm -rf /usr/local/lib/android | ||
| sudo rm -rf /opt/hostedtoolcache/CodeQL | ||
| if [[ "${image_type}" == "gravitino" || "${image_type}" == "iceberg-rest-server" || "${{ github.event.inputs.latest }}" == "true" ]]; then | ||
| echo "latest" | ||
| #./dev/docker/build-docker.sh --platform all --type ${image_type} --image ${image_name} --tag ${{ github.event.inputs.version }} --latest | ||
| else | ||
| echo "not latest" | ||
| #./dev/docker/build-docker.sh --platform all --type ${image_type} --image ${image_name} --tag "${tag_name}-${{ github.event.inputs.version }}" | ||
| fi | ||
