From 13e9e4e4dd7a0ed54d53ba0996100809b0ce5c90 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Wed, 19 Nov 2025 18:20:39 +0100 Subject: [PATCH] ci: test bake reusable workflow Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .github/workflows/build.yml | 118 +++++++++++++++--------------------- docker-bake.hcl | 8 ++- 2 files changed, 57 insertions(+), 69 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 682ee9216c46..a1f86ec4fed6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,65 +11,48 @@ on: - main pull_request: -env: - # Use edge release of buildx (latest RC, fallback to latest stable) - SETUP_BUILDX_VERSION: edge - SETUP_BUILDKIT_IMAGE: "moby/buildkit:latest" - -permissions: - contents: read # to fetch code (actions/checkout) - jobs: releaser: - runs-on: ubuntu-24.04 - steps: - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - version: ${{ env.SETUP_BUILDX_VERSION }} - driver-opts: image=${{ env.SETUP_BUILDKIT_IMAGE }} - - - name: Build - uses: docker/bake-action@v6 - with: - files: | - docker-bake.hcl - targets: releaser-build + uses: docker/github-builder-experimental/.github/workflows/bake.yml@main + permissions: + contents: read + packages: write + id-token: write + with: + output: local + target: releaser-build build: - runs-on: ubuntu-24.04 - needs: - - releaser - steps: - - - name: Checkout - uses: actions/checkout@v5 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Build - uses: docker/bake-action@v6 - with: - source: . - files: | - docker-bake.hcl - targets: release - - - name: Check Cloudfront config - uses: docker/bake-action@v6 - with: - source: . - targets: aws-cloudfront-update - env: - DRY_RUN: true - AWS_REGION: us-east-1 - AWS_CLOUDFRONT_ID: 0123456789ABCD - AWS_LAMBDA_FUNCTION: DockerDocsRedirectFunction-dummy + uses: docker/github-builder-experimental/.github/workflows/bake.yml@main + permissions: + contents: read + packages: write + id-token: write + with: + output: local + target: release + + check-cloudfront: + uses: docker/github-builder-experimental/.github/workflows/bake.yml@main + permissions: + contents: read + packages: write + id-token: write + with: + output: local + target: aws-cloudfront-update + envs: | + DRY_RUN: true + AWS_REGION: us-east-1 + AWS_CLOUDFRONT_ID: 0123456789ABCD + AWS_LAMBDA_FUNCTION: DockerDocsRedirectFunction-dummy validate: - runs-on: ubuntu-24.04 + uses: docker/github-builder-experimental/.github/workflows/bake.yml@main + permissions: + contents: read + packages: write + id-token: write strategy: fail-fast: false matrix: @@ -82,29 +65,28 @@ jobs: - dockerfile-lint - path-warnings - validate-vendor + with: + output: local + target: ${{ matrix.target }} + artifact-name: ${{ matrix.target }} + + reviewdog: + runs-on: ubuntu-24.04 + needs: validate + if: ${{ github.event_name == 'pull_request' }} steps: - - name: Checkout - uses: actions/checkout@v5 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Validate - uses: docker/bake-action@v6 + name: Download vale output + uses: actions/download-artifact@v4 with: - source: . - files: | - docker-bake.hcl - targets: ${{ matrix.target }} + name: vale + path: ./vale-output - name: Install reviewdog - if: ${{ matrix.target == 'vale' && github.event_name == 'pull_request' }} uses: reviewdog/action-setup@d8a7baabd7f3e8544ee4dbde3ee41d0011c3a93f # v1.5.0 - name: Run reviewdog for vale - if: ${{ matrix.target == 'vale' && github.event_name == 'pull_request' }} run: | - cat ./tmp/vale.out | reviewdog -f=rdjsonl -name=vale -reporter=github-pr-annotations -fail-on-error=false -filter-mode=added -level=info -fail-level=warning + cat ./vale-output/vale.out | reviewdog -f=rdjsonl -name=vale -reporter=github-pr-annotations -fail-on-error=false -filter-mode=added -level=info -fail-level=warning env: REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/docker-bake.hcl b/docker-bake.hcl index a997372c76d7..366208ed5eb1 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -33,6 +33,7 @@ target "release" { args = { HUGO_ENV = HUGO_ENV DOCS_URL = DOCS_URL + BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } target = "release" output = [DOCS_SITE_DIR] @@ -44,6 +45,7 @@ group "validate" { } target "test" { + args = { BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } target = "test" output = ["type=cacheonly"] provenance = false @@ -71,16 +73,19 @@ target "unused-media" { } target "test-go-redirects" { + args = { BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } target = "test-go-redirects" output = ["type=cacheonly"] provenance = false } target "dockerfile-lint" { + args = { BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } call = "check" } target "path-warnings" { + args = { BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } target = "path-warnings" output = ["type=cacheonly"] } @@ -143,7 +148,7 @@ target "aws-cloudfront-update" { context = "hack/releaser" target = "aws-cloudfront-update" contexts = { - sitedir = DOCS_SITE_DIR + sitedir = "target:release" } no-cache-filter = ["aws-cloudfront-update"] output = ["type=cacheonly"] @@ -163,6 +168,7 @@ target "vendor" { } target "validate-vendor" { + args = { BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 } target = "validate-vendor" output = ["type=cacheonly"] }