mirror of
https://github.com/docker/build-push-action.git
synced 2024-12-24 07:42:14 -05:00
Merge pull request #800 from crazy-max/e2e-local
e2e: local harbor and nexus
This commit is contained in:
commit
70cc701b9c
6 changed files with 264 additions and 12 deletions
8
.github/e2e/harbor/env
vendored
Normal file
8
.github/e2e/harbor/env
vendored
Normal file
|
@ -0,0 +1,8 @@
|
|||
REGISTRY_FQDN=localhost:8081
|
||||
REGISTRY_USER=admin
|
||||
REGISTRY_PASSWORD=Harbor12345
|
||||
REGISTRY_SLUG=localhost:8081/test-docker-action/test-docker-action
|
||||
|
||||
HARBOR_HOST=localhost
|
||||
HARBOR_PORT=8081
|
||||
HARBOR_PROJECT=test-docker-action
|
79
.github/e2e/harbor/install.sh
vendored
Executable file
79
.github/e2e/harbor/install.sh
vendored
Executable file
|
@ -0,0 +1,79 @@
|
|||
#!/usr/bin/env bash
|
||||
set -eu
|
||||
|
||||
: "${HARBOR_VERSION:=v2.7.0}"
|
||||
: "${HARBOR_HOST:=localhost}"
|
||||
: "${HARBOR_PORT:=49154}"
|
||||
: "${REGISTRY_USER:=admin}"
|
||||
: "${REGISTRY_PASSWORD:=Harbor12345}"
|
||||
|
||||
: "${HARBOR_PROJECT:=test-docker-action}"
|
||||
|
||||
project_post_data() {
|
||||
cat <<EOF
|
||||
{
|
||||
"project_name": "$HARBOR_PROJECT",
|
||||
"public": true
|
||||
}
|
||||
EOF
|
||||
}
|
||||
|
||||
export TERM=xterm
|
||||
|
||||
# download
|
||||
echo "::group::Downloading Harbor $HARBOR_VERSION"
|
||||
(
|
||||
cd /tmp
|
||||
set -x
|
||||
wget -q "https://github.com/goharbor/harbor/releases/download/${HARBOR_VERSION}/harbor-offline-installer-${HARBOR_VERSION}.tgz" -O harbor-online-installer.tgz
|
||||
tar xvf harbor-online-installer.tgz
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
# config
|
||||
echo "::group::Configuring Harbor"
|
||||
(
|
||||
cd /tmp/harbor
|
||||
set -x
|
||||
cp harbor.yml.tmpl harbor.yml
|
||||
harborConfig="$(harborHost="$HARBOR_HOST" harborPort="$HARBOR_PORT" harborPwd="$REGISTRY_PASSWORD" yq --no-colors '.hostname = env(harborHost) | .http.port = env(harborPort) | .harbor_admin_password = env(harborPwd) | del(.https)' harbor.yml)"
|
||||
tee harbor.yml <<<"$harborConfig" >/dev/null
|
||||
yq --no-colors harbor.yml
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
# install and start
|
||||
echo "::group::Installing Harbor"
|
||||
(
|
||||
cd /tmp/harbor
|
||||
set -x
|
||||
./install.sh
|
||||
sleep 10
|
||||
netstat -aptn
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
# compose config
|
||||
echo "::group::Compose config"
|
||||
(
|
||||
cd /tmp/harbor
|
||||
set -x
|
||||
docker compose config
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
# create project
|
||||
echo "::group::Creating project"
|
||||
(
|
||||
set -x
|
||||
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H "Content-Type: application/json" -d "$(project_post_data)" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects"
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
# list projects
|
||||
echo "::group::List projects"
|
||||
(
|
||||
set -x
|
||||
curl --fail -s -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -H "Content-Type: application/json" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" | jq
|
||||
)
|
||||
echo "::endgroup::"
|
8
.github/e2e/nexus/docker-compose.yml
vendored
Normal file
8
.github/e2e/nexus/docker-compose.yml
vendored
Normal file
|
@ -0,0 +1,8 @@
|
|||
services:
|
||||
nexus:
|
||||
image: sonatype/nexus3:${NEXUS_VERSION:-latest}
|
||||
volumes:
|
||||
- "./data:/nexus-data"
|
||||
ports:
|
||||
- "8081:8081"
|
||||
- "8082:8082"
|
9
.github/e2e/nexus/env
vendored
Normal file
9
.github/e2e/nexus/env
vendored
Normal file
|
@ -0,0 +1,9 @@
|
|||
REGISTRY_FQDN=localhost:8082
|
||||
REGISTRY_USER=admin
|
||||
REGISTRY_PASSWORD=Nexus12345
|
||||
REGISTRY_SLUG=localhost:8082/test-docker-action
|
||||
|
||||
NEXUS_HOST=localhost
|
||||
NEXUS_PORT=8081
|
||||
NEXUS_REGISTRY_PORT=8082
|
||||
NEXUS_REPO=test-docker-action
|
93
.github/e2e/nexus/install.sh
vendored
Executable file
93
.github/e2e/nexus/install.sh
vendored
Executable file
|
@ -0,0 +1,93 @@
|
|||
#!/usr/bin/env bash
|
||||
set -eu
|
||||
|
||||
SCRIPT_DIR=$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)
|
||||
|
||||
: "${NEXUS_VERSION:=3.47.1}"
|
||||
: "${NEXUS_HOST:=localhost}"
|
||||
: "${NEXUS_PORT:=8081}"
|
||||
: "${NEXUS_REGISTRY_PORT:=8082}"
|
||||
: "${REGISTRY_USER:=admin}"
|
||||
: "${REGISTRY_PASSWORD:=Nexus12345}"
|
||||
|
||||
: "${NEXUS_REPO:=test-docker-action}"
|
||||
|
||||
createrepo_post_data() {
|
||||
cat <<EOF
|
||||
{
|
||||
"name": "${NEXUS_REPO}",
|
||||
"online": true,
|
||||
"storage": {
|
||||
"blobStoreName": "default",
|
||||
"strictContentTypeValidation": true,
|
||||
"writePolicy": "ALLOW"
|
||||
},
|
||||
"docker": {
|
||||
"v1Enabled": false,
|
||||
"forceBasicAuth": true,
|
||||
"httpPort": ${NEXUS_REGISTRY_PORT},
|
||||
"httpsPort": null,
|
||||
"subdomain": null
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
|
||||
export NEXUS_VERSION
|
||||
|
||||
mkdir -p /tmp/nexus/data
|
||||
chown 200:200 /tmp/nexus/data
|
||||
cp "${SCRIPT_DIR}/docker-compose.yml" /tmp/nexus/docker-compose.yml
|
||||
|
||||
echo "::group::Pulling Nexus $NEXUS_VERSION"
|
||||
(
|
||||
cd /tmp/nexus
|
||||
set -x
|
||||
docker compose pull
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Compose config"
|
||||
(
|
||||
cd /tmp/nexus
|
||||
set -x
|
||||
docker compose config
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Running Nexus"
|
||||
(
|
||||
cd /tmp/nexus
|
||||
set -x
|
||||
docker compose up -d
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Running Nexus"
|
||||
(
|
||||
cd /tmp/nexus
|
||||
set -x
|
||||
docker compose up -d
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Waiting for Nexus to be ready"
|
||||
until $(curl --output /dev/null --silent --head --fail "http://$NEXUS_HOST:$NEXUS_PORT"); do
|
||||
printf '.'
|
||||
sleep 5
|
||||
done
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Change user's password"
|
||||
(
|
||||
set -x
|
||||
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$(cat /tmp/nexus/data/admin.password)" -X PUT -H 'Content-Type: text/plain' -d "$REGISTRY_PASSWORD" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/security/users/$REGISTRY_USER/change-password"
|
||||
)
|
||||
echo "::endgroup::"
|
||||
|
||||
echo "::group::Create Docker repository"
|
||||
(
|
||||
set -x
|
||||
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H 'Content-Type: application/json' -d "$(createrepo_post_data)" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/repositories/docker/hosted"
|
||||
)
|
||||
echo "::endgroup::"
|
79
.github/workflows/e2e.yml
vendored
79
.github/workflows/e2e.yml
vendored
|
@ -25,69 +25,124 @@ on:
|
|||
env:
|
||||
BUILDX_VERSION: latest
|
||||
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
|
||||
HARBOR_VERSION: v2.7.0
|
||||
NEXUS_VERSION: 3.47.1
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
include:
|
||||
-
|
||||
name: Docker Hub
|
||||
registry: ''
|
||||
slug: ghactionstest/ghactionstest
|
||||
username_secret: DOCKERHUB_USERNAME
|
||||
password_secret: DOCKERHUB_TOKEN
|
||||
type: remote
|
||||
-
|
||||
name: GitHub
|
||||
registry: ghcr.io
|
||||
slug: ghcr.io/docker-ghactiontest/test
|
||||
username_secret: GHCR_USERNAME
|
||||
password_secret: GHCR_PAT
|
||||
type: remote
|
||||
-
|
||||
name: GitLab
|
||||
registry: registry.gitlab.com
|
||||
slug: registry.gitlab.com/test1716/test
|
||||
username_secret: GITLAB_USERNAME
|
||||
password_secret: GITLAB_TOKEN
|
||||
type: remote
|
||||
-
|
||||
name: AWS ECR
|
||||
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
|
||||
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
|
||||
username_secret: AWS_ACCESS_KEY_ID
|
||||
password_secret: AWS_SECRET_ACCESS_KEY
|
||||
type: remote
|
||||
-
|
||||
name: AWS ECR Public
|
||||
registry: public.ecr.aws
|
||||
slug: public.ecr.aws/q3b5f1u4/test-docker-action
|
||||
username_secret: AWS_ACCESS_KEY_ID
|
||||
password_secret: AWS_SECRET_ACCESS_KEY
|
||||
type: remote
|
||||
-
|
||||
name: Google Artifact Registry
|
||||
registry: us-east4-docker.pkg.dev
|
||||
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
|
||||
username_secret: GAR_USERNAME
|
||||
password_secret: GAR_JSON_KEY
|
||||
type: remote
|
||||
-
|
||||
name: Google Container Registry
|
||||
registry: gcr.io
|
||||
slug: gcr.io/sandbox-298914/test-docker-action
|
||||
username_secret: GCR_USERNAME
|
||||
password_secret: GCR_JSON_KEY
|
||||
type: remote
|
||||
-
|
||||
name: Azure Container Registry
|
||||
registry: officialgithubactions.azurecr.io
|
||||
slug: officialgithubactions.azurecr.io/test-docker-action
|
||||
username_secret: AZURE_CLIENT_ID
|
||||
password_secret: AZURE_CLIENT_SECRET
|
||||
type: remote
|
||||
-
|
||||
name: Quay
|
||||
registry: quay.io
|
||||
slug: quay.io/crazymax/build-push-action
|
||||
username_secret: QUAY_USERNAME
|
||||
password_secret: QUAY_TOKEN
|
||||
type: remote
|
||||
-
|
||||
name: Harbor
|
||||
id: harbor
|
||||
type: local
|
||||
-
|
||||
name: Nexus
|
||||
id: nexus
|
||||
type: local
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up env
|
||||
if: matrix.type == 'local'
|
||||
run: |
|
||||
cat ./.github/e2e/${{ matrix.id }}/env >> $GITHUB_ENV
|
||||
-
|
||||
name: Set up BuildKit config
|
||||
run: |
|
||||
touch /tmp/buildkitd.toml
|
||||
if [ "${{ matrix.type }}" = "local" ]; then
|
||||
echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml
|
||||
fi
|
||||
-
|
||||
name: Set up Docker daemon
|
||||
if: matrix.type == 'local'
|
||||
run: |
|
||||
if [ ! -e /etc/docker/daemon.json ]; then
|
||||
echo '{}' | tee /etc/docker/daemon.json >/dev/null
|
||||
fi
|
||||
DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json)
|
||||
sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null
|
||||
sudo service docker restart
|
||||
-
|
||||
name: Install ${{ matrix.name }}
|
||||
if: matrix.type == 'local'
|
||||
run: |
|
||||
sudo -E bash ./.github/e2e/${{ matrix.id }}/install.sh
|
||||
-
|
||||
name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: ${{ matrix.slug }}
|
||||
images: ${{ env.REGISTRY_SLUG || matrix.slug }}
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=tag
|
||||
|
@ -100,17 +155,19 @@ jobs:
|
|||
uses: docker/setup-buildx-action@v2
|
||||
with:
|
||||
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
||||
buildkitd-flags: --debug
|
||||
config: /tmp/buildkitd.toml
|
||||
buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
|
||||
driver-opts: |
|
||||
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
||||
network=host
|
||||
-
|
||||
name: Login to Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ${{ matrix.registry }}
|
||||
username: ${{ secrets[matrix.username_secret] }}
|
||||
password: ${{ secrets[matrix.password_secret] }}
|
||||
registry: ${{ env.REGISTRY_FQDN || matrix.registry }}
|
||||
username: ${{ env.REGISTRY_USER || secrets[matrix.username_secret] }}
|
||||
password: ${{ env.REGISTRY_PASSWORD || secrets[matrix.password_secret] }}
|
||||
-
|
||||
name: Build and push
|
||||
uses: ./
|
||||
|
@ -121,16 +178,14 @@ jobs:
|
|||
push: ${{ github.event_name != 'pull_request' }}
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=registry,ref=${{ matrix.slug }}:master
|
||||
cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || matrix.slug }}:master
|
||||
cache-to: type=inline
|
||||
-
|
||||
name: Inspect image
|
||||
if: github.event_name != 'pull_request'
|
||||
run: |
|
||||
docker pull ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||
docker image inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||
docker pull ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||
docker image inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||
-
|
||||
name: Check manifest
|
||||
if: github.event_name != 'pull_request'
|
||||
run: |
|
||||
docker buildx imagetools inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
|
||||
docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
|
||||
|
|
Loading…
Reference in a new issue