Skip to content

Commit 7ffa7d0

Browse files
crazy-maxcrazy-max
committed
opt to merge output for multi-platforms build into a single artifact
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
1 parent cf2bccf commit 7ffa7d0

File tree

6 files changed

+105
-17
lines changed

6 files changed

+105
-17
lines changed

.github/workflows/.test-bake.yml

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -543,3 +543,33 @@ jobs:
543543
- registry: registry-1-stage.docker.io
544544
username: ${{ vars.DOCKERHUB_STAGE_USERNAME }}
545545
password: ${{ secrets.DOCKERHUB_STAGE_TOKEN }}
546+
547+
bake-local-nomerge:
548+
uses: ./.github/workflows/bake.yml
549+
permissions:
550+
contents: read
551+
id-token: write
552+
with:
553+
artifact-name: bake-nomerge-output
554+
artifact-upload: true
555+
artifact-merge: false
556+
context: test
557+
output: local
558+
sbom: true
559+
sign: ${{ github.event_name != 'pull_request' }}
560+
target: hello-cross
561+
562+
bake-local-single-nomerge:
563+
uses: ./.github/workflows/bake.yml
564+
permissions:
565+
contents: read
566+
id-token: write
567+
with:
568+
artifact-name: bake-single-nomerge-output
569+
artifact-upload: true
570+
artifact-merge: false
571+
context: test
572+
output: local
573+
sbom: true
574+
sign: ${{ github.event_name != 'pull_request' }}
575+
target: hello

.github/workflows/.test-build.yml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -574,3 +574,32 @@ jobs:
574574
- registry: registry-1-stage.docker.io
575575
username: ${{ vars.DOCKERHUB_STAGE_USERNAME }}
576576
password: ${{ secrets.DOCKERHUB_STAGE_TOKEN }}
577+
578+
build-local-nomerge:
579+
uses: ./.github/workflows/build.yml
580+
permissions:
581+
contents: read
582+
id-token: write
583+
with:
584+
artifact-name: build-nomerge-output
585+
artifact-upload: true
586+
artifact-merge: false
587+
file: test/hello.Dockerfile
588+
output: local
589+
platforms: linux/amd64,linux/arm64
590+
sbom: true
591+
sign: ${{ github.event_name != 'pull_request' }}
592+
593+
build-local-single-nomerge:
594+
uses: ./.github/workflows/build.yml
595+
permissions:
596+
contents: read
597+
id-token: write
598+
with:
599+
artifact-name: build-single-nomerge-output
600+
artifact-upload: true
601+
artifact-merge: false
602+
file: test/hello.Dockerfile
603+
output: local
604+
sbom: true
605+
sign: ${{ github.event_name != 'pull_request' }}

.github/workflows/bake.yml

Lines changed: 19 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,11 @@ on:
2828
description: "Upload build output GitHub artifact (for local output)"
2929
required: false
3030
default: false
31+
artifact-merge:
32+
type: boolean
33+
description: "Merge output for multi-platforms build into a single artifact (for local output)"
34+
required: false
35+
default: true
3136
cache:
3237
type: boolean
3338
description: "Enable cache to GitHub Actions cache backend"
@@ -138,6 +143,9 @@ on:
138143
artifact-name:
139144
description: "Name of the uploaded artifact (for local output)"
140145
value: ${{ jobs.finalize.outputs.artifact-name }}
146+
artifact-merge:
147+
description: "Whether multiple artifacts were merged (for local output)"
148+
value: ${{ jobs.finalize.outputs.artifact-merge }}
141149
output-type:
142150
description: "Build output type"
143151
value: ${{ jobs.finalize.outputs.output-type }}
@@ -560,6 +568,7 @@ jobs:
560568
INPUT_PLATFORM: ${{ matrix.platform }}
561569
INPUT_SBOM-IMAGE: ${{ env.SBOM_IMAGE }}
562570
INPUT_LOCAL-EXPORT-DIR: ${{ env.LOCAL_EXPORT_DIR }}
571+
INPUT_ARTIFACT-MERGE: ${{ inputs.artifact-merge }}
563572
INPUT_CACHE: ${{ inputs.cache }}
564573
INPUT_CACHE-SCOPE: ${{ inputs.cache-scope }}
565574
INPUT_CACHE-MODE: ${{ inputs.cache-mode }}
@@ -587,10 +596,10 @@ jobs:
587596
588597
const inpPlatform = core.getInput('platform');
589598
const platformPairSuffix = inpPlatform ? `-${inpPlatform.replace(/\//g, '-')}` : '';
590-
core.setOutput('platform-pair-suffix', platformPairSuffix);
591599
592600
const inpSbomImage = core.getInput('sbom-image');
593601
const inpLocalExportDir = core.getInput('local-export-dir');
602+
const inpArtifactMerge = core.getBooleanInput('artifact-merge');
594603
595604
const inpCache = core.getBooleanInput('cache');
596605
const inpCacheScope = core.getInput('cache-scope');
@@ -617,6 +626,12 @@ jobs:
617626
core.setOutput('source', bakeSource);
618627
});
619628
629+
if (platformPairSuffix) {
630+
core.setOutput('artifact-suffix', platformPairSuffix);
631+
} else if (inpArtifactMerge) {
632+
core.setOutput('artifact-suffix', '0');
633+
}
634+
620635
const sbom = inpSbom ? `generator=${inpSbomImage}` : 'false';
621636
await core.group(`Set sbom`, async () => {
622637
core.info(sbom);
@@ -852,7 +867,7 @@ jobs:
852867
if: ${{ inputs.output == 'local' && inputs.artifact-upload }}
853868
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
854869
with:
855-
name: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.platform-pair-suffix || '0' }}
870+
name: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.artifact-suffix }}
856871
path: ${{ env.LOCAL_EXPORT_DIR }}
857872
if-no-files-found: error
858873
-
@@ -863,22 +878,17 @@ jobs:
863878
INPUT_INDEX: ${{ matrix.index }}
864879
INPUT_VERIFY-COMMANDS: ${{ steps.signing-attestation-manifests.outputs.verify-commands || steps.signing-local-artifacts.outputs.verify-commands }}
865880
INPUT_IMAGE-DIGEST: ${{ steps.get-image-digest.outputs.digest }}
866-
INPUT_ARTIFACT-NAME: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.platform-pair-suffix }}
867-
INPUT_ARTIFACT-UPLOAD: ${{ inputs.artifact-upload }}
868881
INPUT_SIGNED: ${{ needs.prepare.outputs.sign }}
869882
with:
870883
script: |
871884
const inpIndex = core.getInput('index');
872885
const inpVerifyCommands = core.getInput('verify-commands');
873886
const inpImageDigest = core.getInput('image-digest');
874-
const inpArtifactName = core.getInput('artifact-name');
875-
const inpArtifactUpload = core.getBooleanInput('artifact-upload');
876887
const inpSigned = core.getBooleanInput('signed');
877888
878889
const result = {
879890
verifyCommands: inpVerifyCommands,
880891
imageDigest: inpImageDigest,
881-
artifactName: inpArtifactUpload ? inpArtifactName : '',
882892
signed: inpSigned
883893
}
884894
core.info(JSON.stringify(result, null, 2));
@@ -892,6 +902,7 @@ jobs:
892902
cosign-version: ${{ env.COSIGN_VERSION }}
893903
cosign-verify-commands: ${{ steps.set.outputs.cosign-verify-commands }}
894904
artifact-name: ${{ inputs.artifact-upload && inputs.artifact-name || '' }}
905+
artifact-merge: ${{ inputs.artifact-merge }}
895906
output-type: ${{ inputs.output }}
896907
signed: ${{ needs.prepare.outputs.sign }}
897908
needs:
@@ -973,7 +984,7 @@ jobs:
973984
}
974985
-
975986
name: Merge artifacts
976-
if: ${{ inputs.output == 'local' && inputs.artifact-upload }}
987+
if: ${{ inputs.output == 'local' && inputs.artifact-upload && inputs.artifact-merge }}
977988
uses: actions/upload-artifact/merge@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
978989
with:
979990
name: ${{ inputs.artifact-name }}

.github/workflows/build.yml

Lines changed: 19 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,11 @@ on:
2828
description: "Upload build output GitHub artifact (for local output)"
2929
required: false
3030
default: false
31+
artifact-merge:
32+
type: boolean
33+
description: "Merge output for multi-platforms build into a single artifact (for local output)"
34+
required: false
35+
default: true
3136
annotations:
3237
type: string
3338
description: "List of annotations to set to the image (for image output)"
@@ -141,6 +146,9 @@ on:
141146
artifact-name:
142147
description: "Name of the uploaded artifact (for local output)"
143148
value: ${{ jobs.finalize.outputs.artifact-name }}
149+
artifact-merge:
150+
description: "Whether multiple artifacts were merged (for local output)"
151+
value: ${{ jobs.finalize.outputs.artifact-merge }}
144152
output-type:
145153
description: "Build output type"
146154
value: ${{ jobs.finalize.outputs.output-type }}
@@ -497,6 +505,7 @@ jobs:
497505
INPUT_SBOM-IMAGE: ${{ env.SBOM_IMAGE }}
498506
INPUT_LOCAL-EXPORT-DIR: ${{ env.LOCAL_EXPORT_DIR }}
499507
INPUT_DISTRIBUTE: ${{ inputs.distribute }}
508+
INPUT_ARTIFACT-MERGE: ${{ inputs.artifact-merge }}
500509
INPUT_ANNOTATIONS: ${{ inputs.annotations }}
501510
INPUT_CACHE: ${{ inputs.cache }}
502511
INPUT_CACHE-SCOPE: ${{ inputs.cache-scope }}
@@ -519,11 +528,11 @@ jobs:
519528
520529
const inpPlatform = core.getInput('platform');
521530
const platformPairSuffix = inpPlatform ? `-${inpPlatform.replace(/\//g, '-')}` : '';
522-
core.setOutput('platform-pair-suffix', platformPairSuffix);
523531
524532
const inpSbomImage = core.getInput('sbom-image');
525533
const inpLocalExportDir = core.getInput('local-export-dir');
526534
const inpDistribute = core.getBooleanInput('distribute');
535+
const inpArtifactMerge = core.getBooleanInput('artifact-merge');
527536
528537
const inpAnnotations = core.getMultilineInput('annotations');
529538
const inpCache = core.getBooleanInput('cache');
@@ -546,6 +555,12 @@ jobs:
546555
const buildContext = `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}.git#${process.env.GITHUB_REF}:${inpContext}`;
547556
core.setOutput('context', buildContext);
548557
558+
if (platformPairSuffix) {
559+
core.setOutput('artifact-suffix', platformPairSuffix);
560+
} else if (inpArtifactMerge) {
561+
core.setOutput('artifact-suffix', '0');
562+
}
563+
549564
switch (inpOutput) {
550565
case 'image':
551566
if (inpMetaImages.length == 0) {
@@ -717,7 +732,7 @@ jobs:
717732
if: ${{ inputs.output == 'local' && inputs.artifact-upload }}
718733
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
719734
with:
720-
name: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.platform-pair-suffix || '0' }}
735+
name: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.artifact-suffix }}
721736
path: ${{ env.LOCAL_EXPORT_DIR }}
722737
if-no-files-found: error
723738
-
@@ -728,22 +743,17 @@ jobs:
728743
INPUT_INDEX: ${{ matrix.index }}
729744
INPUT_VERIFY-COMMANDS: ${{ steps.signing-attestation-manifests.outputs.verify-commands || steps.signing-local-artifacts.outputs.verify-commands }}
730745
INPUT_IMAGE-DIGEST: ${{ steps.build.outputs.digest }}
731-
INPUT_ARTIFACT-NAME: ${{ inputs.artifact-name }}${{ steps.prepare.outputs.platform-pair-suffix }}
732-
INPUT_ARTIFACT-UPLOAD: ${{ inputs.artifact-upload }}
733746
INPUT_SIGNED: ${{ needs.prepare.outputs.sign }}
734747
with:
735748
script: |
736749
const inpIndex = core.getInput('index');
737750
const inpVerifyCommands = core.getInput('verify-commands');
738751
const inpImageDigest = core.getInput('image-digest');
739-
const inpArtifactName = core.getInput('artifact-name');
740-
const inpArtifactUpload = core.getBooleanInput('artifact-upload');
741752
const inpSigned = core.getBooleanInput('signed');
742753
743754
const result = {
744755
verifyCommands: inpVerifyCommands,
745756
imageDigest: inpImageDigest,
746-
artifactName: inpArtifactUpload ? inpArtifactName : '',
747757
signed: inpSigned
748758
}
749759
core.info(JSON.stringify(result, null, 2));
@@ -757,6 +767,7 @@ jobs:
757767
cosign-version: ${{ env.COSIGN_VERSION }}
758768
cosign-verify-commands: ${{ steps.set.outputs.cosign-verify-commands }}
759769
artifact-name: ${{ inputs.artifact-upload && inputs.artifact-name || '' }}
770+
artifact-merge: ${{ inputs.artifact-merge }}
760771
output-type: ${{ inputs.output }}
761772
signed: ${{ needs.prepare.outputs.sign }}
762773
needs:
@@ -837,7 +848,7 @@ jobs:
837848
}
838849
-
839850
name: Merge artifacts
840-
if: ${{ inputs.output == 'local' && inputs.artifact-upload }}
851+
if: ${{ inputs.output == 'local' && inputs.artifact-upload && inputs.artifact-merge }}
841852
uses: actions/upload-artifact/merge@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
842853
with:
843854
name: ${{ inputs.artifact-name }}

.github/workflows/verify.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ jobs:
3333
const cosignVersion = builderOutputs['cosign-version'];
3434
const cosignVerifyCommands = builderOutputs['cosign-verify-commands'];
3535
const artifactName = builderOutputs['artifact-name'];
36+
const artifactMerge = builderOutputs['artifact-merge'] === 'true';
3637
const outputType = builderOutputs['output-type'];
3738
const signed = builderOutputs['signed'] === 'true';
3839
if (!signed) {
@@ -44,7 +45,9 @@ jobs:
4445
4546
core.setOutput('cosign-version', cosignVersion);
4647
core.setOutput('cosign-verify-commands', cosignVerifyCommands);
47-
core.setOutput('artifact-name', artifactName);
48+
core.setOutput('artifact-name', artifactMerge ? '' : artifactName);
49+
core.setOutput('artifact-pattern', artifactMerge ? `${artifactName}-*` : '');
50+
core.setOutput('artifact-merge-multiple', artifactMerge ? 'true' : 'false');
4851
core.setOutput('output-type', outputType);
4952
core.setOutput('signed', signed);
5053
-
@@ -92,6 +95,8 @@ jobs:
9295
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
9396
with:
9497
name: ${{ steps.vars.outputs.artifact-name }}
98+
pattern: ${{ steps.vars.outputs.artifact-pattern }}
99+
merge-multiple: ${{ steps.vars.outputs.artifact-merge-multiple }}
95100
-
96101
name: Verify signatures
97102
if: ${{ steps.vars.outputs.signed == 'true' }}

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -223,6 +223,7 @@ on:
223223
| `setup-qemu` | Bool | `false` | Runs the `setup-qemu-action` step to install QEMU static binaries |
224224
| `artifact-name` | String | `docker-github-builder-assets` | Name of the uploaded GitHub artifact (for `local` output) |
225225
| `artifact-upload` | Bool | `false` | Upload build output GitHub artifact (for `local` output) |
226+
| `artifact-merge` | Bool | `true` | Merge output for multi-platforms build into a single artifact (for `local` output) |
226227
| `annotations` | List | | List of annotations to set to the image (for `image` output) |
227228
| `build-args` | List | `auto` | List of [build-time variables](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-arg). If you want to set a build-arg through an environment variable, use the `envs` input |
228229
| `cache` | Bool | `false` | Enable [GitHub Actions cache](https://docs.docker.com/build/cache/backends/gha/) exporter |
@@ -331,6 +332,7 @@ on:
331332
| `setup-qemu` | Bool | `false` | Runs the `setup-qemu-action` step to install QEMU static binaries |
332333
| `artifact-name` | String | `docker-github-builder-assets` | Name of the uploaded GitHub artifact (for `local` output) |
333334
| `artifact-upload` | Bool | `false` | Upload build output GitHub artifact (for `local` output) |
335+
| `artifact-merge` | Bool | `true` | Merge output for multi-platforms build into a single artifact (for `local` output) |
334336
| `cache` | Bool | `false` | Enable [GitHub Actions cache](https://docs.docker.com/build/cache/backends/gha/) exporter |
335337
| `cache-scope` | String | target name or `buildkit` | Which [scope cache object belongs to](https://docs.docker.com/build/cache/backends/gha/#scope) if `cache` is enabled. This is the cache blob prefix name used when pushing cache to GitHub Actions cache backend |
336338
| `cache-mode` | String | `min` | [Cache layers to export](https://docs.docker.com/build/cache/backends/#cache-mode) if cache enabled (`min` or `max`). In `min` cache mode, only layers that are exported into the resulting image are cached, while in `max` cache mode, all layers are cached, even those of intermediate steps |

0 commit comments

Comments
 (0)