mirror of
https://github.com/docker/build-push-action.git
synced 2024-11-25 09:40:56 -05:00
Merge pull request #800 from crazy-max/e2e-local
e2e: local harbor and nexus
This commit is contained in:
commit
70cc701b9c
6 changed files with 264 additions and 12 deletions
8
.github/e2e/harbor/env
vendored
Normal file
8
.github/e2e/harbor/env
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
REGISTRY_FQDN=localhost:8081
|
||||||
|
REGISTRY_USER=admin
|
||||||
|
REGISTRY_PASSWORD=Harbor12345
|
||||||
|
REGISTRY_SLUG=localhost:8081/test-docker-action/test-docker-action
|
||||||
|
|
||||||
|
HARBOR_HOST=localhost
|
||||||
|
HARBOR_PORT=8081
|
||||||
|
HARBOR_PROJECT=test-docker-action
|
79
.github/e2e/harbor/install.sh
vendored
Executable file
79
.github/e2e/harbor/install.sh
vendored
Executable file
|
@ -0,0 +1,79 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
: "${HARBOR_VERSION:=v2.7.0}"
|
||||||
|
: "${HARBOR_HOST:=localhost}"
|
||||||
|
: "${HARBOR_PORT:=49154}"
|
||||||
|
: "${REGISTRY_USER:=admin}"
|
||||||
|
: "${REGISTRY_PASSWORD:=Harbor12345}"
|
||||||
|
|
||||||
|
: "${HARBOR_PROJECT:=test-docker-action}"
|
||||||
|
|
||||||
|
project_post_data() {
|
||||||
|
cat <<EOF
|
||||||
|
{
|
||||||
|
"project_name": "$HARBOR_PROJECT",
|
||||||
|
"public": true
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
export TERM=xterm
|
||||||
|
|
||||||
|
# download
|
||||||
|
echo "::group::Downloading Harbor $HARBOR_VERSION"
|
||||||
|
(
|
||||||
|
cd /tmp
|
||||||
|
set -x
|
||||||
|
wget -q "https://github.com/goharbor/harbor/releases/download/${HARBOR_VERSION}/harbor-offline-installer-${HARBOR_VERSION}.tgz" -O harbor-online-installer.tgz
|
||||||
|
tar xvf harbor-online-installer.tgz
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
# config
|
||||||
|
echo "::group::Configuring Harbor"
|
||||||
|
(
|
||||||
|
cd /tmp/harbor
|
||||||
|
set -x
|
||||||
|
cp harbor.yml.tmpl harbor.yml
|
||||||
|
harborConfig="$(harborHost="$HARBOR_HOST" harborPort="$HARBOR_PORT" harborPwd="$REGISTRY_PASSWORD" yq --no-colors '.hostname = env(harborHost) | .http.port = env(harborPort) | .harbor_admin_password = env(harborPwd) | del(.https)' harbor.yml)"
|
||||||
|
tee harbor.yml <<<"$harborConfig" >/dev/null
|
||||||
|
yq --no-colors harbor.yml
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
# install and start
|
||||||
|
echo "::group::Installing Harbor"
|
||||||
|
(
|
||||||
|
cd /tmp/harbor
|
||||||
|
set -x
|
||||||
|
./install.sh
|
||||||
|
sleep 10
|
||||||
|
netstat -aptn
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
# compose config
|
||||||
|
echo "::group::Compose config"
|
||||||
|
(
|
||||||
|
cd /tmp/harbor
|
||||||
|
set -x
|
||||||
|
docker compose config
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
# create project
|
||||||
|
echo "::group::Creating project"
|
||||||
|
(
|
||||||
|
set -x
|
||||||
|
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H "Content-Type: application/json" -d "$(project_post_data)" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects"
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
# list projects
|
||||||
|
echo "::group::List projects"
|
||||||
|
(
|
||||||
|
set -x
|
||||||
|
curl --fail -s -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -H "Content-Type: application/json" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" | jq
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
8
.github/e2e/nexus/docker-compose.yml
vendored
Normal file
8
.github/e2e/nexus/docker-compose.yml
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
services:
|
||||||
|
nexus:
|
||||||
|
image: sonatype/nexus3:${NEXUS_VERSION:-latest}
|
||||||
|
volumes:
|
||||||
|
- "./data:/nexus-data"
|
||||||
|
ports:
|
||||||
|
- "8081:8081"
|
||||||
|
- "8082:8082"
|
9
.github/e2e/nexus/env
vendored
Normal file
9
.github/e2e/nexus/env
vendored
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
REGISTRY_FQDN=localhost:8082
|
||||||
|
REGISTRY_USER=admin
|
||||||
|
REGISTRY_PASSWORD=Nexus12345
|
||||||
|
REGISTRY_SLUG=localhost:8082/test-docker-action
|
||||||
|
|
||||||
|
NEXUS_HOST=localhost
|
||||||
|
NEXUS_PORT=8081
|
||||||
|
NEXUS_REGISTRY_PORT=8082
|
||||||
|
NEXUS_REPO=test-docker-action
|
93
.github/e2e/nexus/install.sh
vendored
Executable file
93
.github/e2e/nexus/install.sh
vendored
Executable file
|
@ -0,0 +1,93 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
SCRIPT_DIR=$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)
|
||||||
|
|
||||||
|
: "${NEXUS_VERSION:=3.47.1}"
|
||||||
|
: "${NEXUS_HOST:=localhost}"
|
||||||
|
: "${NEXUS_PORT:=8081}"
|
||||||
|
: "${NEXUS_REGISTRY_PORT:=8082}"
|
||||||
|
: "${REGISTRY_USER:=admin}"
|
||||||
|
: "${REGISTRY_PASSWORD:=Nexus12345}"
|
||||||
|
|
||||||
|
: "${NEXUS_REPO:=test-docker-action}"
|
||||||
|
|
||||||
|
createrepo_post_data() {
|
||||||
|
cat <<EOF
|
||||||
|
{
|
||||||
|
"name": "${NEXUS_REPO}",
|
||||||
|
"online": true,
|
||||||
|
"storage": {
|
||||||
|
"blobStoreName": "default",
|
||||||
|
"strictContentTypeValidation": true,
|
||||||
|
"writePolicy": "ALLOW"
|
||||||
|
},
|
||||||
|
"docker": {
|
||||||
|
"v1Enabled": false,
|
||||||
|
"forceBasicAuth": true,
|
||||||
|
"httpPort": ${NEXUS_REGISTRY_PORT},
|
||||||
|
"httpsPort": null,
|
||||||
|
"subdomain": null
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
export NEXUS_VERSION
|
||||||
|
|
||||||
|
mkdir -p /tmp/nexus/data
|
||||||
|
chown 200:200 /tmp/nexus/data
|
||||||
|
cp "${SCRIPT_DIR}/docker-compose.yml" /tmp/nexus/docker-compose.yml
|
||||||
|
|
||||||
|
echo "::group::Pulling Nexus $NEXUS_VERSION"
|
||||||
|
(
|
||||||
|
cd /tmp/nexus
|
||||||
|
set -x
|
||||||
|
docker compose pull
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Compose config"
|
||||||
|
(
|
||||||
|
cd /tmp/nexus
|
||||||
|
set -x
|
||||||
|
docker compose config
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Running Nexus"
|
||||||
|
(
|
||||||
|
cd /tmp/nexus
|
||||||
|
set -x
|
||||||
|
docker compose up -d
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Running Nexus"
|
||||||
|
(
|
||||||
|
cd /tmp/nexus
|
||||||
|
set -x
|
||||||
|
docker compose up -d
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Waiting for Nexus to be ready"
|
||||||
|
until $(curl --output /dev/null --silent --head --fail "http://$NEXUS_HOST:$NEXUS_PORT"); do
|
||||||
|
printf '.'
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Change user's password"
|
||||||
|
(
|
||||||
|
set -x
|
||||||
|
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$(cat /tmp/nexus/data/admin.password)" -X PUT -H 'Content-Type: text/plain' -d "$REGISTRY_PASSWORD" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/security/users/$REGISTRY_USER/change-password"
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Create Docker repository"
|
||||||
|
(
|
||||||
|
set -x
|
||||||
|
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H 'Content-Type: application/json' -d "$(createrepo_post_data)" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/repositories/docker/hosted"
|
||||||
|
)
|
||||||
|
echo "::endgroup::"
|
79
.github/workflows/e2e.yml
vendored
79
.github/workflows/e2e.yml
vendored
|
@ -25,69 +25,124 @@ on:
|
||||||
env:
|
env:
|
||||||
BUILDX_VERSION: latest
|
BUILDX_VERSION: latest
|
||||||
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
|
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
|
||||||
|
HARBOR_VERSION: v2.7.0
|
||||||
|
NEXUS_VERSION: 3.47.1
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
docker:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
include:
|
include:
|
||||||
-
|
-
|
||||||
|
name: Docker Hub
|
||||||
registry: ''
|
registry: ''
|
||||||
slug: ghactionstest/ghactionstest
|
slug: ghactionstest/ghactionstest
|
||||||
username_secret: DOCKERHUB_USERNAME
|
username_secret: DOCKERHUB_USERNAME
|
||||||
password_secret: DOCKERHUB_TOKEN
|
password_secret: DOCKERHUB_TOKEN
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: GitHub
|
||||||
registry: ghcr.io
|
registry: ghcr.io
|
||||||
slug: ghcr.io/docker-ghactiontest/test
|
slug: ghcr.io/docker-ghactiontest/test
|
||||||
username_secret: GHCR_USERNAME
|
username_secret: GHCR_USERNAME
|
||||||
password_secret: GHCR_PAT
|
password_secret: GHCR_PAT
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: GitLab
|
||||||
registry: registry.gitlab.com
|
registry: registry.gitlab.com
|
||||||
slug: registry.gitlab.com/test1716/test
|
slug: registry.gitlab.com/test1716/test
|
||||||
username_secret: GITLAB_USERNAME
|
username_secret: GITLAB_USERNAME
|
||||||
password_secret: GITLAB_TOKEN
|
password_secret: GITLAB_TOKEN
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: AWS ECR
|
||||||
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
|
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
|
||||||
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
|
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
|
||||||
username_secret: AWS_ACCESS_KEY_ID
|
username_secret: AWS_ACCESS_KEY_ID
|
||||||
password_secret: AWS_SECRET_ACCESS_KEY
|
password_secret: AWS_SECRET_ACCESS_KEY
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: AWS ECR Public
|
||||||
registry: public.ecr.aws
|
registry: public.ecr.aws
|
||||||
slug: public.ecr.aws/q3b5f1u4/test-docker-action
|
slug: public.ecr.aws/q3b5f1u4/test-docker-action
|
||||||
username_secret: AWS_ACCESS_KEY_ID
|
username_secret: AWS_ACCESS_KEY_ID
|
||||||
password_secret: AWS_SECRET_ACCESS_KEY
|
password_secret: AWS_SECRET_ACCESS_KEY
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: Google Artifact Registry
|
||||||
registry: us-east4-docker.pkg.dev
|
registry: us-east4-docker.pkg.dev
|
||||||
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
|
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
|
||||||
username_secret: GAR_USERNAME
|
username_secret: GAR_USERNAME
|
||||||
password_secret: GAR_JSON_KEY
|
password_secret: GAR_JSON_KEY
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: Google Container Registry
|
||||||
registry: gcr.io
|
registry: gcr.io
|
||||||
slug: gcr.io/sandbox-298914/test-docker-action
|
slug: gcr.io/sandbox-298914/test-docker-action
|
||||||
username_secret: GCR_USERNAME
|
username_secret: GCR_USERNAME
|
||||||
password_secret: GCR_JSON_KEY
|
password_secret: GCR_JSON_KEY
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: Azure Container Registry
|
||||||
registry: officialgithubactions.azurecr.io
|
registry: officialgithubactions.azurecr.io
|
||||||
slug: officialgithubactions.azurecr.io/test-docker-action
|
slug: officialgithubactions.azurecr.io/test-docker-action
|
||||||
username_secret: AZURE_CLIENT_ID
|
username_secret: AZURE_CLIENT_ID
|
||||||
password_secret: AZURE_CLIENT_SECRET
|
password_secret: AZURE_CLIENT_SECRET
|
||||||
|
type: remote
|
||||||
-
|
-
|
||||||
|
name: Quay
|
||||||
registry: quay.io
|
registry: quay.io
|
||||||
slug: quay.io/crazymax/build-push-action
|
slug: quay.io/crazymax/build-push-action
|
||||||
username_secret: QUAY_USERNAME
|
username_secret: QUAY_USERNAME
|
||||||
password_secret: QUAY_TOKEN
|
password_secret: QUAY_TOKEN
|
||||||
|
type: remote
|
||||||
|
-
|
||||||
|
name: Harbor
|
||||||
|
id: harbor
|
||||||
|
type: local
|
||||||
|
-
|
||||||
|
name: Nexus
|
||||||
|
id: nexus
|
||||||
|
type: local
|
||||||
steps:
|
steps:
|
||||||
-
|
-
|
||||||
name: Checkout
|
name: Checkout
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
-
|
||||||
|
name: Set up env
|
||||||
|
if: matrix.type == 'local'
|
||||||
|
run: |
|
||||||
|
cat ./.github/e2e/${{ matrix.id }}/env >> $GITHUB_ENV
|
||||||
|
-
|
||||||
|
name: Set up BuildKit config
|
||||||
|
run: |
|
||||||
|
touch /tmp/buildkitd.toml
|
||||||
|
if [ "${{ matrix.type }}" = "local" ]; then
|
||||||
|
echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml
|
||||||
|
fi
|
||||||
|
-
|
||||||
|
name: Set up Docker daemon
|
||||||
|
if: matrix.type == 'local'
|
||||||
|
run: |
|
||||||
|
if [ ! -e /etc/docker/daemon.json ]; then
|
||||||
|
echo '{}' | tee /etc/docker/daemon.json >/dev/null
|
||||||
|
fi
|
||||||
|
DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json)
|
||||||
|
sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null
|
||||||
|
sudo service docker restart
|
||||||
|
-
|
||||||
|
name: Install ${{ matrix.name }}
|
||||||
|
if: matrix.type == 'local'
|
||||||
|
run: |
|
||||||
|
sudo -E bash ./.github/e2e/${{ matrix.id }}/install.sh
|
||||||
-
|
-
|
||||||
name: Docker meta
|
name: Docker meta
|
||||||
id: meta
|
id: meta
|
||||||
uses: docker/metadata-action@v4
|
uses: docker/metadata-action@v4
|
||||||
with:
|
with:
|
||||||
images: ${{ matrix.slug }}
|
images: ${{ env.REGISTRY_SLUG || matrix.slug }}
|
||||||
tags: |
|
tags: |
|
||||||
type=ref,event=branch
|
type=ref,event=branch
|
||||||
type=ref,event=tag
|
type=ref,event=tag
|
||||||
|
@ -100,17 +155,19 @@ jobs:
|
||||||
uses: docker/setup-buildx-action@v2
|
uses: docker/setup-buildx-action@v2
|
||||||
with:
|
with:
|
||||||
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
||||||
buildkitd-flags: --debug
|
config: /tmp/buildkitd.toml
|
||||||
|
buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
|
||||||
driver-opts: |
|
driver-opts: |
|
||||||
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
||||||
|
network=host
|
||||||
-
|
-
|
||||||
name: Login to Registry
|
name: Login to Registry
|
||||||
if: github.event_name != 'pull_request'
|
if: github.event_name != 'pull_request'
|
||||||
uses: docker/login-action@v2
|
uses: docker/login-action@v2
|
||||||
with:
|
with:
|
||||||
registry: ${{ matrix.registry }}
|
registry: ${{ env.REGISTRY_FQDN || matrix.registry }}
|
||||||
username: ${{ secrets[matrix.username_secret] }}
|
username: ${{ env.REGISTRY_USER || secrets[matrix.username_secret] }}
|
||||||
password: ${{ secrets[matrix.password_secret] }}
|
password: ${{ env.REGISTRY_PASSWORD || secrets[matrix.password_secret] }}
|
||||||
-
|
-
|
||||||
name: Build and push
|
name: Build and push
|
||||||
uses: ./
|
uses: ./
|
||||||
|
@ -121,16 +178,14 @@ jobs:
|
||||||
push: ${{ github.event_name != 'pull_request' }}
|
push: ${{ github.event_name != 'pull_request' }}
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
cache-from: type=registry,ref=${{ matrix.slug }}:master
|
cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || matrix.slug }}:master
|
||||||
cache-to: type=inline
|
cache-to: type=inline
|
||||||
-
|
-
|
||||||
name: Inspect image
|
name: Inspect image
|
||||||
if: github.event_name != 'pull_request'
|
|
||||||
run: |
|
run: |
|
||||||
docker pull ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
|
docker pull ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||||
docker image inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
|
docker image inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
|
||||||
-
|
-
|
||||||
name: Check manifest
|
name: Check manifest
|
||||||
if: github.event_name != 'pull_request'
|
|
||||||
run: |
|
run: |
|
||||||
docker buildx imagetools inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
|
docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
|
||||||
|
|
Loading…
Reference in a new issue