Sync Upstream Images #156
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sync Upstream Images | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 0 * * *' | |
| jobs: | |
| matrix: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| upstream_images: ${{ steps.matrix.outputs.result }} | |
| destination_images: ${{ steps.destinations.outputs.result }} | |
| sizes: ${{ steps.sizes.outputs.result }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: matrix all | |
| uses: mikefarah/[email protected] | |
| id: matrix | |
| with: | |
| cmd: yq -o=json '.upstream_images' 'benchmark/sources.yaml' | |
| - name: matrix destinations | |
| uses: mikefarah/[email protected] | |
| id: destinations | |
| with: | |
| cmd: yq -o=json '[.upstream_images[].destination]' 'benchmark/sources.yaml' | |
| - name: matrix sizes | |
| uses: mikefarah/[email protected] | |
| id: sizes | |
| with: | |
| cmd: yq -o=json '.sizes' 'benchmark/sources.yaml' | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| build-profile: 'lto' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions-rust-lang/setup-rust-toolchain@v1 | |
| with: | |
| cache-on-failure: 'false' | |
| rustflags: '-C target-cpu=native' | |
| - name: Run sccache-cache | |
| uses: mozilla-actions/[email protected] | |
| - name: Build | |
| run: cargo build --profile=${{ env.build-profile }} -F perf | |
| env: | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| - name: Size | |
| run: du -hs target/${{ env.build-profile }}/docker-repack | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: cli | |
| path: target/${{ env.build-profile }}/docker-repack* | |
| retention-days: 1 | |
| if-no-files-found: error | |
| sync-original-images: | |
| runs-on: ubuntu-latest | |
| needs: [ matrix ] | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: ${{ fromJSON(needs.matrix.outputs.upstream_images) }} | |
| concurrency: | |
| group: "sync-${{ matrix.upstream_image }}" | |
| cancel-in-progress: false | |
| steps: | |
| - name: install skopeo | |
| uses: jaxxstorm/action-install-gh-release@v1 | |
| with: | |
| repo: lework/skopeo-binary | |
| tag: v1.16.1 | |
| cache: true | |
| extension-matching: disable | |
| rename-to: skopeo | |
| chmod: 0755 | |
| - name: "Skopeo authenticate ghcr.io" | |
| run: skopeo login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ghcr.io | |
| - name: "Skopeo authenticate dockerhub" | |
| run: skopeo login --username ${{ secrets.DOCKER_HUB_USER }} --password ${{ secrets.DOCKER_HUB_PAT }} docker.io | |
| - name: Download image | |
| run: skopeo copy --all --image-parallel-copies=40 --retry-times=3 "${{ env.source }}" "${{ env.dest }}" | |
| env: | |
| source: docker://${{ matrix.upstream_image }} | |
| dest: oci:image | |
| - name: Upload image - ghcri | |
| run: skopeo copy --all --retry-times=3 --image-parallel-copies=1 "${{ env.source }}" "${{ env.dest }}" | |
| env: | |
| source: oci:image | |
| dest: docker://ghcr.io/${{ github.repository }}/demo:${{ matrix.destination }}-original | |
| - name: Upload image - dockerhub | |
| run: skopeo copy --all --retry-times=3 --image-parallel-copies=1 "${{ env.source }}" "${{ env.dest }}" | |
| shell: bash | |
| env: | |
| source: oci:image | |
| dest: docker://docker.io/orfal/docker-repack-demo:${{ matrix.destination }}-original | |
| - run: skopeo inspect oci:image > manifest-${{ matrix.destination }}-original.json | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: manifest-${{ matrix.destination }}-original | |
| path: manifest-${{ matrix.destination }}-original.json | |
| retention-days: 1 | |
| if-no-files-found: error | |
| repack-image: | |
| runs-on: ubuntu-latest | |
| needs: [ sync-original-images, matrix, build ] | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| image: ${{ fromJSON(needs.matrix.outputs.destination_images) }} | |
| target_size: ${{ fromJSON(needs.matrix.outputs.sizes) }} | |
| concurrency: | |
| group: "push-${{ matrix.image }}-${{ matrix.target_size }}" | |
| cancel-in-progress: false | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: cli | |
| - run: chmod +x docker-repack | |
| - run: ./docker-repack --version | |
| - name: Disk space before | |
| run: df -h | |
| - name: Maximize build space | |
| shell: bash | |
| run: | | |
| sudo rm -rf /usr/share/dotnet/* & | |
| sudo rm -rf /usr/local/lib/android/* & | |
| sudo rm -rf /opt/ghc/* & | |
| sudo rm -rf /opt/hostedtoolcache/CodeQL/* & | |
| sudo docker image prune --all --force & | |
| - name: Disk space after | |
| run: df -h | |
| - name: install skopeo | |
| uses: jaxxstorm/action-install-gh-release@v1 | |
| with: | |
| repo: lework/skopeo-binary | |
| tag: v1.16.1 | |
| cache: true | |
| extension-matching: disable | |
| rename-to: skopeo | |
| chmod: 0755 | |
| - name: "Skopeo authenticate ghcr.io" | |
| run: skopeo login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ghcr.io | |
| - name: "Skopeo authenticate dockerhub" | |
| run: skopeo login --username ${{ secrets.DOCKER_HUB_USER }} --password ${{ secrets.DOCKER_HUB_PAT }} docker.io | |
| - name: Download image - ghcr | |
| run: skopeo copy --all --image-parallel-copies=40 --retry-times=3 "${{ env.source }}" "${{ env.dest }}" | |
| shell: bash | |
| env: | |
| source: "docker://ghcr.io/${{ github.repository }}/demo:${{ matrix.image }}-original" | |
| dest: "oci:image" | |
| - name: Repack | |
| id: repack | |
| run: | | |
| ./docker-repack "oci://image" "oci://${{ env.output_dir }}" --target-size="${{ matrix.target_size }}" --platform="linux/{amd64,arm64}" --concurrency=4 | |
| echo "output-dir=${{ env.output_dir }}" >> $GITHUB_OUTPUT | |
| shell: bash | |
| env: | |
| output_dir: "oci/${{ matrix.target_size }}/" | |
| - name: Upload image - ghcr | |
| run: skopeo copy --all --image-parallel-copies=40 --retry-times=3 "${{ env.source }}" "${{ env.dest }}" | |
| shell: bash | |
| env: | |
| source: 'oci:${{ steps.repack.outputs.output-dir }}' | |
| dest: docker://ghcr.io/${{ github.repository }}/demo:${{ matrix.image }}-${{ matrix.target_size }} | |
| - name: Upload image - dockerhub | |
| run: skopeo copy --all --image-parallel-copies=40 --retry-times=3 "${{ env.source }}" "${{ env.dest }}" | |
| shell: bash | |
| env: | |
| source: 'oci:${{ steps.repack.outputs.output-dir }}' | |
| dest: docker://docker.io/orfal/docker-repack-demo:${{ matrix.image }}-${{ matrix.target_size }} | |
| - run: skopeo inspect oci:${{ steps.repack.outputs.output-dir }} > manifest-${{ matrix.image }}-${{ matrix.target_size }}.json | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: manifest-${{ matrix.image }}-${{ matrix.target_size }} | |
| path: manifest-${{ matrix.image }}-${{ matrix.target_size }}.json | |
| retention-days: 1 | |
| if-no-files-found: error | |
| create-artifact: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - repack-image | |
| - sync-original-images | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: image-manifests | |
| path: manifest-*.json | |
| retention-days: 5 | |
| if-no-files-found: error |