Skip to content

Containers

Containers #1740

Workflow file for this run

name: Containers
env:
zephyr-version: 3.5.0
zephyr-sdk-version: 0.16.3
sha-abbrev-length: 12
no-cache: ${{ secrets.NO_CACHE != null || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' }}
ignore-actions-cache: ${{ secrets.IGNORE_ACTIONS_CACHE != null }}
run-unit-tests: ${{ secrets.RUN_UNIT_TESTS != null }}
docker-hub-credentials: ${{ secrets.DOCKER_HUB_USERNAME != null && secrets.DOCKER_HUB_TOKEN != null }}
ghcr-credentials: ${{ secrets.GHCR_USERNAME != null && secrets.GHCR_TOKEN != null }}
docker-hub-namespace: ${{ secrets.DOCKER_HUB_NAMESPACE || github.repository_owner }}
docker-hub-namespace-upstream: ${{ secrets.DOCKER_HUB_NAMESPACE_UPSTREAM || 'zmkfirmware' }}
ghcr-namespace: ${{ github.repository_owner }}
zmk-repository: ${{ secrets.ZMK_REPOSITORY || 'zmkfirmware/zmk' }}
zmk-ref: ${{ secrets.ZMK_REF || 'main' }}
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 2 * * *' # every day at 02:00 UTC
concurrency: ${{ github.ref }}/${{ github.workflow }}
jobs:
timestamp:
runs-on: ubuntu-latest
outputs:
timestamp: ${{ steps.timestamp.outputs.timestamp }}
steps:
- name: Timestamp
id: timestamp
run: echo "timestamp=$(date +%Y%m%d%H%M%S)" >> $GITHUB_OUTPUT
architectures:
runs-on: ubuntu-latest
outputs:
json: ${{ steps.import.outputs.json }}
steps:
- name: Install yaml2json
run: python3 -m pip install remarshal
- name: Checkout
uses: actions/checkout@v4
- name: Import from architectures.yml
id: import
run: echo "json=$(yaml2json architectures.yml | jq -c .)" >> $GITHUB_OUTPUT
tags:
needs:
- timestamp
runs-on: ubuntu-latest
outputs:
branch: ${{ steps.definitions.outputs.branch }}
base: ${{ steps.definitions.outputs.base }}
candidate: ${{ steps.definitions.outputs.candidate }}
versions: ${{ steps.definitions.outputs.versions }} # e.g. 2.4.0-0.11.4
major-minor: ${{ steps.definitions.outputs.major-minor }} # e.g. 2.4
major-minor-branch: ${{ steps.definitions.outputs.major-minor-branch }} # e.g. 2.4-branch
steps:
- name: Definitions
id: definitions
env:
TIMESTAMP: ${{ needs.timestamp.outputs.timestamp }}
SHA: ${{ github.sha }}
SHA_ABBREV_LENGTH: ${{ env.sha-abbrev-length }}
RUN_ID: ${{ github.run_id }}
ZEPHYR_VERSION: ${{ env.zephyr-version }}
ZEPHYR_SDK_VERSION: ${{ env.zephyr-sdk-version }}
run: |
BRANCH=${GITHUB_REF#refs/heads/}
BRANCH=${BRANCH//[^A-Za-z0-9_.-]/_} # Substitutes invalid Docker tag characters
BASE=${GITHUB_BASE_REF//[^A-Za-z0-9_.-]/_} # Substitutes invalid Docker tag characters
SHA=${SHA:0:${SHA_ABBREV_LENGTH}}
CANDIDATE=${BRANCH}-${TIMESTAMP}-${ZEPHYR_VERSION}-${ZEPHYR_SDK_VERSION}-${SHA}-${RUN_ID}
VERSIONS=${ZEPHYR_VERSION}-${ZEPHYR_SDK_VERSION}
MAJOR=$(echo ${ZEPHYR_VERSION} | cut -d'.' -f 1)
MINOR=$(echo ${ZEPHYR_VERSION} | cut -d'.' -f 2)
MAJOR_MINOR=${MAJOR}.${MINOR}
MAJOR_MINOR_BRANCH=${MAJOR_MINOR}-branch
echo "branch=${BRANCH}" >> $GITHUB_OUTPUT
echo "base=${BASE}" >> $GITHUB_OUTPUT
echo "candidate=${CANDIDATE}" >> $GITHUB_OUTPUT
echo "versions=${VERSIONS}" >> $GITHUB_OUTPUT
echo "major-minor=${MAJOR_MINOR}" >> $GITHUB_OUTPUT
echo "major-minor-branch=${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
dev-generic:
needs:
- timestamp
- tags
if: ${{ !startsWith(github.ref, 'refs/tags') }}
runs-on: ubuntu-latest
steps:
- name: Login to Docker Hub
id: docker-hub-login
if: ${{ env.docker-hub-credentials == 'true' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Login to GitHub Container Registry
id: ghcr-login
if: ${{ env.ghcr-credentials == 'true' }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Define paths
id: paths
env:
NS: ${{ env.docker-hub-namespace }}
NSU: ${{ env.docker-hub-namespace-upstream }}
REPOSITORY: zmk-dev-generic
BRANCH: ${{ needs.tags.outputs.branch }}
BASE: ${{ needs.tags.outputs.base }}
MAJOR_MINOR_BRANCH: ${{ needs.tags.outputs.major-minor-branch }}
run: |
echo "local=/tmp/.buildx/dev-generic" >> $GITHUB_OUTPUT
echo "local-new=/tmp/.buildx/dev-generic-new" >> $GITHUB_OUTPUT
echo "branch=docker.io/${NS}/${REPOSITORY}:${BRANCH}" >> $GITHUB_OUTPUT
if [ ! -z "$BASE" ]; then
echo "base=docker.io/${NS}/${REPOSITORY}:${BASE}" >> $GITHUB_OUTPUT
fi
echo "major-minor-branch=docker.io/${NS}/${REPOSITORY}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
echo "branch-upstream=docker.io/${NSU}/${REPOSITORY}:${BRANCH}" >> $GITHUB_OUTPUT
echo "major-minor-branch-upstream=docker.io/${NSU}/${REPOSITORY}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
- name: Set up cache
id: cache
uses: actions/cache@v4
env:
cache-name: dev-generic
with:
path: ${{ steps.paths.outputs.local }}
key: ${{ runner.os }}/${{ env.cache-name }}/${{ github.run_id }}/${{ needs.timestamp.outputs.timestamp }}
restore-keys: |
${{ runner.os }}/${{ env.cache-name }}/${{ github.run_id }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build to local cache
uses: docker/build-push-action@v5
with:
target: dev-generic
platforms: linux/amd64,linux/arm64
build-args: |
ZEPHYR_VERSION=${{ env.zephyr-version }}
no-cache: ${{ env.no-cache == 'true' }}
cache-from: |
${{ (env.ignore-actions-cache == 'false') && format('type=local,src={0}', steps.paths.outputs.local) || '' }}
type=registry,ref=${{ steps.paths.outputs.branch }}
${{ (steps.paths.outputs.base != '') && format('type=registry,ref={0}', steps.paths.outputs.base) || '' }}
type=registry,ref=${{ steps.paths.outputs.major-minor-branch }}
type=registry,ref=${{ steps.paths.outputs.branch-upstream }}
type=registry,ref=${{ steps.paths.outputs.major-minor-branch-upstream }}
cache-to: type=local,dest=${{ steps.paths.outputs.local-new }},mode=max
- name: Push to registry cache
if: ${{ env.docker-hub-credentials == 'true' }}
uses: docker/build-push-action@v5
with:
target: dev-generic
platforms: linux/amd64,linux/arm64
build-args: |
ZEPHYR_VERSION=${{ env.zephyr-version }}
tags: |
${{ steps.paths.outputs.branch }}
cache-from: type=local,src=${{ steps.paths.outputs.local-new }}
cache-to: type=inline
push: true
# Workaround to stop the dev-generic cache ballooning ...
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Switch local cache
run: |
rm -rf ${{ steps.paths.outputs.local }}
mv ${{ steps.paths.outputs.local-new }} ${{ steps.paths.outputs.local }}
candidates:
needs:
- timestamp
- architectures
- tags
- dev-generic
if: ${{ !startsWith(github.ref, 'refs/tags') }}
runs-on: ubuntu-latest
env:
docker-args: --rm --workdir /github/workspace -v /var/run/docker.sock:/var/run/docker.sock -v /home/runner/work/_temp:/home/runner/work/_temp -v /home/runner/work/_temp/_github_home:/github/home -v /home/runner/work/_temp/_github_workflow:/github/workflow -v /home/runner/work/_temp/_runner_file_commands:/github/file_commands -v ${{ github.workspace }}:/github/workspace
container-id: ${{ github.run_id }}_${{ github.run_number}}
defaults:
run:
shell: /usr/bin/docker exec ${{ env.container-id }} /bin/bash {0}
strategy:
fail-fast: false
matrix:
architecture: ${{ fromJSON(needs.architectures.outputs.json) }}
include:
- architecture: arm
board: nice_nano
shield: qaz
steps:
- name: Login to Docker Hub
id: docker-hub-login
if: ${{ env.docker-hub-credentials == 'true' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Login to GitHub Container Registry
id: ghcr-login
if: ${{ env.ghcr-credentials == 'true' }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Define repositories
id: repositories
shell: bash
run: |
echo "build=zmk-build-${{ matrix.architecture }}" >> $GITHUB_OUTPUT
echo "dev=zmk-dev-${{ matrix.architecture }}" >> $GITHUB_OUTPUT
- name: Define paths
id: paths
shell: bash
env:
NS: ${{ env.docker-hub-namespace }}
NSU: ${{ env.docker-hub-namespace-upstream }}
BUILD: ${{ steps.repositories.outputs.build }}
DEV: ${{ steps.repositories.outputs.dev }}
CANDIDATE: ${{ needs.tags.outputs.candidate }}
BRANCH: ${{ needs.tags.outputs.branch }}
BASE: ${{ needs.tags.outputs.base }}
MAJOR_MINOR_BRANCH: ${{ needs.tags.outputs.major-minor-branch }}
run: |
echo "dev-generic=/tmp/.buildx/dev-generic" >> $GITHUB_OUTPUT
echo "build-candidate=docker.io/${NS}/${BUILD}:${CANDIDATE}" >> $GITHUB_OUTPUT
echo "build-branch=docker.io/${NS}/${BUILD}:${BRANCH}" >> $GITHUB_OUTPUT
if [ ! -z "$BASE" ]; then
echo "build-base=docker.io/${NS}/${BUILD}:${BASE}" >> $GITHUB_OUTPUT
fi
echo "build-major-minor-branch=docker.io/${NS}/${BUILD}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
echo "build-branch-upstream=docker.io/${NSU}/${BUILD}:${BRANCH}" >> $GITHUB_OUTPUT
echo "build-major-minor-branch-upstream=docker.io/${NSU}/${BUILD}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
echo "dev-candidate=docker.io/${NS}/${DEV}:${CANDIDATE}" >> $GITHUB_OUTPUT
echo "dev-branch=docker.io/${NS}/${DEV}:${BRANCH}" >> $GITHUB_OUTPUT
if [ ! -z "$BASE" ]; then
echo "dev-base=docker.io/${NS}/${DEV}:${BASE}" >> $GITHUB_OUTPUT
fi
echo "dev-major-minor-branch=docker.io/${NS}/${DEV}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
echo "dev-branch-upstream=docker.io/${NSU}/${DEV}:${BRANCH}" >> $GITHUB_OUTPUT
echo "dev-major-minor-branch-upstream=docker.io/${NSU}/${DEV}:${MAJOR_MINOR_BRANCH}" >> $GITHUB_OUTPUT
- name: Define build-args
id: build-args
shell: bash
run: |
LIST="
ZEPHYR_VERSION=${{ env.zephyr-version }}
ARCHITECTURE=${{ matrix.architecture }}
ZEPHYR_SDK_VERSION=${{ env.zephyr-sdk-version }}
"
delimiter="$(openssl rand -hex 8)"
echo "list<<${delimiter}" >> $GITHUB_OUTPUT
echo "${LIST}" >> $GITHUB_OUTPUT
echo "${delimiter}" >> $GITHUB_OUTPUT
- name: Define labels
id: labels
shell: bash
run: |
LIST="
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
org.opencontainers.image.revision=${{ github.sha }}
"
delimiter="$(openssl rand -hex 8)"
echo "list<<${delimiter}" >> $GITHUB_OUTPUT
echo "${LIST}" >> $GITHUB_OUTPUT
echo "${delimiter}" >> $GITHUB_OUTPUT
- name: Set up dev-generic cache
id: dev-generic-cache
uses: actions/cache@v4
env:
cache-name: dev-generic
with:
path: ${{ steps.paths.outputs.dev-generic }}
key: ${{ runner.os }}/${{ env.cache-name }}/${{ github.run_id }}/${{ needs.timestamp.outputs.timestamp }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and load 'build' candidate image
uses: docker/build-push-action@v5
with:
target: build
build-args: |
${{ steps.build-args.outputs.list }}
labels: |
${{ steps.labels.outputs.list }}
tags: |
${{ steps.paths.outputs.build-candidate }}
${{ steps.paths.outputs.build-branch }}
cache-from: |
type=local,src=${{ steps.paths.outputs.dev-generic }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-candidate) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-branch) }}
${{ (env.no-cache == 'false') && (steps.paths.outputs.build-base != '') && format('type=registry,ref={0}', steps.paths.outputs.build-base) || '' }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-major-minor-branch) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-branch-upstream) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-major-minor-branch-upstream) }}
cache-to: type=inline
load: true
- name: Build and load 'dev' candidate image
uses: docker/build-push-action@v5
with:
target: dev
build-args: |
${{ steps.build-args.outputs.list }}
labels: |
${{ steps.labels.outputs.list }}
tags: |
${{ steps.paths.outputs.dev-candidate }}
${{ steps.paths.outputs.dev-branch }}
cache-from: |
type=registry,ref=${{ steps.paths.outputs.build-candidate }}
type=local,src=${{ steps.paths.outputs.dev-generic }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-candidate) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-branch) }}
${{ (env.no-cache == 'false') && (steps.paths.outputs.dev-base != '') && format('type=registry,ref={0}', steps.paths.outputs.dev-base) || '' }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-major-minor-branch) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-branch-upstream) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-major-minor-branch-upstream) }}
cache-to: type=inline
load: true
- name: Checkout ZMK
uses: actions/checkout@v4
with:
repository: ${{ env.zmk-repository }}
ref: ${{ env.zmk-ref }}
- name: Cache Zephyr modules
uses: actions/cache@v4
env:
cache-name: zephyr-modules
with:
path: |
modules/
tools/
zephyr/
bootloader/
key: ${{ runner.os }}/${{ env.cache-name }}/${{ hashFiles('app/west.yml') }}
restore-keys: |
${{ runner.os }}/${{ env.cache-name }}/
- name: Create and run container from 'build' candidate image
shell: bash
run: docker run -d -it --name ${{ env.container-id }} ${{ env.docker-args }} ${{ steps.paths.outputs.build-candidate }}
- name: Fixes for git safety checks
run: git config --global --add safe.directory '*'
- name: Test cmake
run: cmake --version
- name: Test python
run: python3 --version
- name: Test diff
run: diff --version
- name: Test west init
run: west init -l app
- name: Test west update
run: west update
- name: Test west zephyr-export
run: west zephyr-export
- name: Test board/shield (west build)
id: board-shield
if: ${{ matrix.board != null }}
run: west build -s app -b ${{ matrix.board }} -- ${{ matrix.shield != null && format('-DSHIELD={0}', matrix.shield) || null }}
- name: Test RAM report (west build)
if: ${{ steps.board-shield.outcome == 'success' }}
run: west build -t ram_report
- name: Test ROM report (west build)
if: ${{ steps.board-shield.outcome == 'success' }}
run: west build -t rom_report
- name: Test west test (single)
run: west test tests/none/normal
- name: Test west test (full)
if: ${{ env.run-unit-tests == 'true' }}
run: west test
- name: Test clean (west build)
if: ${{ steps.board-shield.outcome == 'success' }}
run: west build -t clean
- name: Stop container
shell: bash
run: docker stop ${{ env.container-id }}; sleep 5
- name: Create and run container from 'dev' candidate image
shell: bash
run: docker run -d -it --name ${{ env.container-id }} ${{ env.docker-args }} ${{ steps.paths.outputs.dev-candidate }}
- name: Test clang-format
run: clang-format --version
- name: Test node
run: node --version
- name: Test docs ci
run: cd docs && npm ci
- name: Test docs lint
run: cd docs && npm run lint
- name: Test docs prettier check
run: cd docs && npm run prettier:check
- name: Test docs start (webpack-dev-server)
run: cd docs && timeout -s SIGINT 60 npm run start &
- name: Test docs wget (webpack-dev-server)
id: wget-webpack-dev-server
run: wget --retry-connrefused --waitretry=60 http://localhost:3000
- run: sleep 60
- name: Test docs build (webpack)
run: cd docs && npm run build
- name: Test docs serve (webpack)
run: cd docs && timeout -s SIGINT 30 npm run serve &
- name: Test docs wget (webpack)
run: wget --retry-connrefused --waitretry=30 http://localhost:3000
- name: Test less
run: less --version
- name: Test PAGER
run: pager --version && [[ $PAGER = "less" ]] && true || false
- name: Test ssh
run: ssh -V
- name: Test protoc
run: protoc --version
- name: Test gdb
run: gdb --version
- name: Test arm-zephyr-eabi-gdb
if: ${{ matrix.architecture == 'arm' }}
run: /opt/zephyr-sdk-${ZEPHYR_SDK_VERSION}/arm-zephyr-eabi/bin/arm-zephyr-eabi-gdb --version
- name: Test tio
run: tio --version
- name: Test socat
run: socat -V
- name: Stop container
shell: bash
run: docker stop ${{ env.container-id }}
if: ${{ always() }}
- name: Build and push 'build' candidate image (x86_64 and arm64)
if: ${{ steps.docker-hub-login.outcome == 'success' }}
uses: docker/build-push-action@v5
with:
target: build
platforms: linux/amd64,linux/arm64
build-args: |
${{ steps.build-args.outputs.list }}
labels: |
${{ steps.labels.outputs.list }}
tags: |
${{ steps.paths.outputs.build-candidate }}
${{ steps.paths.outputs.build-branch }}
cache-from: |
type=local,src=${{ steps.paths.outputs.dev-generic }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-candidate) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-branch) }}
${{ (env.no-cache == 'false') && (steps.paths.outputs.build-base != '') && format('type=registry,ref={0}', steps.paths.outputs.build-base) || '' }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-major-minor-branch) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-branch-upstream) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.build-major-minor-branch-upstream) }}
cache-to: type=inline
push: true
- name: Build and push 'dev' candidate image (x86_64 + arm64)
if: ${{ steps.docker-hub-login.outcome == 'success' }}
uses: docker/build-push-action@v5
with:
target: dev
platforms: linux/amd64,linux/arm64
build-args: |
${{ steps.build-args.outputs.list }}
labels: |
${{ steps.labels.outputs.list }}
tags: |
${{ steps.paths.outputs.dev-candidate }}
${{ steps.paths.outputs.dev-branch }}
cache-from: |
type=registry,ref=${{ steps.paths.outputs.build-candidate }}
type=local,src=${{ steps.paths.outputs.dev-generic }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-candidate) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-branch) }}
${{ (env.no-cache == 'false') && (steps.paths.outputs.dev-base != '') && format('type=registry,ref={0}', steps.paths.outputs.dev-base) || '' }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-major-minor-branch) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-branch-upstream) }}
${{ (env.no-cache == 'false') && format('type=registry,ref={0}', steps.paths.outputs.dev-major-minor-branch-upstream) }}
cache-to: type=inline
push: true
release-trigger:
if: ${{ startsWith(github.ref, 'refs/tags') }}
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.match.outputs.tag }}
branch: ${{ steps.match.outputs.branch }}
datetime: ${{ steps.match.outputs.datetime }}
date: ${{ steps.match.outputs.date }}
year: ${{ steps.match.outputs.year }}
month: ${{ steps.match.outputs.month }}
day: ${{ steps.match.outputs.day }}
time: ${{ steps.match.outputs.time }}
hour: ${{ steps.match.outputs.hour }}
minute: ${{ steps.match.outputs.minute }}
second: ${{ steps.match.outputs.second }}
zephyr-version: ${{ steps.match.outputs.zephyr-version }}
zephyr-version-major: ${{ steps.match.outputs.zephyr-version-major }}
zephyr-version-minor: ${{ steps.match.outputs.zephyr-version-minor }}
zephyr-version-patch: ${{ steps.match.outputs.zephyr-version-patch }}
zephyr-sdk-version: ${{ steps.match.outputs.zephyr-sdk-version }}
zephyr-sdk-version-major: ${{ steps.match.outputs.zephyr-sdk-version-major }}
zephyr-sdk-version-minor: ${{ steps.match.outputs.zephyr-sdk-version-minor }}
zephyr-sdk-version-patch: ${{ steps.match.outputs.zephyr-sdk-version-patch }}
sha: ${{ steps.match.outputs.sha }}
run-id: ${{ steps.match.outputs.run-id }}
steps:
- name: Is tag a release trigger?
id: match
run: |
TAG=${GITHUB_REF#refs/tags/}
PATTERN="^(.+?)-((([0-9]{4})(0[1-9]|1[012])(0[1-9]|[12][0-9]|3[01]))(([01]?[0-9]|2[0-3])([0-5][0-9])([0-5][0-9])))-(([0-9]+)\.([0-9]+)\.([0-9]+))-(([0-9]+)\.([0-9]+)\.([0-9]+))-([0-9a-fA-F]+)-([0-9]+)$"
if [[ "${TAG}" =~ $PATTERN ]]; then
echo "tag=${TAG}" >> $GITHUB_OUTPUT
echo "branch=${BASH_REMATCH[1]}" >> $GITHUB_OUTPUT
echo "datetime=${BASH_REMATCH[2]}" >> $GITHUB_OUTPUT
echo "date=${BASH_REMATCH[3]}" >> $GITHUB_OUTPUT
echo "year=${BASH_REMATCH[4]}" >> $GITHUB_OUTPUT
echo "month=${BASH_REMATCH[5]}" >> $GITHUB_OUTPUT
echo "day=${BASH_REMATCH[6]}" >> $GITHUB_OUTPUT
echo "time=${BASH_REMATCH[7]}" >> $GITHUB_OUTPUT
echo "hour=${BASH_REMATCH[8]}" >> $GITHUB_OUTPUT
echo "minute=${BASH_REMATCH[9]}" >> $GITHUB_OUTPUT
echo "second=${BASH_REMATCH[10]}" >> $GITHUB_OUTPUT
echo "zephyr-version=${BASH_REMATCH[11]}" >> $GITHUB_OUTPUT
echo "zephyr-version-major=${BASH_REMATCH[12]}" >> $GITHUB_OUTPUT
echo "zephyr-version-minor=${BASH_REMATCH[13]}" >> $GITHUB_OUTPUT
echo "zephyr-version-patch=${BASH_REMATCH[14]}" >> $GITHUB_OUTPUT
echo "zephyr-sdk-version=${BASH_REMATCH[15]}" >> $GITHUB_OUTPUT
echo "zephyr-sdk-version-major=${BASH_REMATCH[16]}" >> $GITHUB_OUTPUT
echo "zephyr-sdk-version-minor=${BASH_REMATCH[17]}" >> $GITHUB_OUTPUT
echo "zephyr-sdk-version-patch=${BASH_REMATCH[18]}" >> $GITHUB_OUTPUT
SHA=${BASH_REMATCH[19]}
echo "sha=${SHA}" >> $GITHUB_OUTPUT
echo "run-id=${BASH_REMATCH[20]}" >> $GITHUB_OUTPUT
if [[ "${{ github.sha }}" != ${SHA}* ]]; then
echo "Hashes do not match!"
echo "${{ github.sha }}"
echo "${SHA}"
exit 1
fi
else
echo "Tag not recognised, ignoring ..."
fi
releases:
permissions:
contents: read
packages: write
needs:
- architectures
- tags
- release-trigger
if: ${{ needs.release-trigger.outputs.sha != null }}
runs-on: ubuntu-latest
strategy:
matrix:
architecture: ${{ fromJSON(needs.architectures.outputs.json) }}
target:
- build
- dev
steps:
- name: Install skopeo
run: sudo apt-get install -y skopeo
- name: Login to GitHub Container Registry
id: ghcr-login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Login to Docker Hub
id: docker-hub-login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Release (pull candidate, tag, push)
env:
DHNS: ${{ env.docker-hub-namespace }}
GHCRNS: ${{ env.ghcr-namespace }}
TARGET: ${{ matrix.target }}
ARCHITECTURE: ${{ matrix.architecture }}
CANDIDATE: ${{ needs.release-trigger.outputs.tag }}
VERSIONS: ${{ needs.tags.outputs.versions }}
MAJOR_MINOR: ${{ needs.tags.outputs.major-minor }}
run: |
REPOSITORY=zmk-${TARGET}-${ARCHITECTURE}
skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://docker.io/${DHNS}/${REPOSITORY}:${VERSIONS}
skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://docker.io/${DHNS}/${REPOSITORY}:${MAJOR_MINOR}
# Disabled due to permissions cluster
# skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://ghcr.io/${GHCRNS}/${REPOSITORY}:${CANDIDATE}
# skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://ghcr.io/${GHCRNS}/${REPOSITORY}:${VERSIONS}
# skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://ghcr.io/${GHCRNS}/${REPOSITORY}:${MAJOR_MINOR}
git-tag:
needs:
- tags
- releases
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Tag
env:
TAG: ${{ needs.tags.outputs.major-minor }}
run: |
git tag ${TAG}
git push -f origin ${TAG}
stable-release-trigger:
if: ${{ startsWith(github.ref, 'refs/tags') }}
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.match.outputs.tag }}
stable-tag: ${{ steps.match.outputs.stable-tag }}
steps:
- name: Is tag a release trigger?
id: match
run: |
TAG=${GITHUB_REF#refs/tags/}
PATTERN="^(.+?)-stable$"
if [[ "${TAG}" =~ $PATTERN ]]; then
echo "tag=${TAG}" >> $GITHUB_OUTPUT
echo "stable-tag=${BASH_REMATCH[1]}" >> $GITHUB_OUTPUT
else
echo "Tag not recognised, ignoring ..."
fi
stable-releases:
needs:
- architectures
- tags
- stable-release-trigger
if: ${{ needs.stable-release-trigger.outputs.stable-tag != null }}
runs-on: ubuntu-latest
strategy:
matrix:
architecture: ${{ fromJSON(needs.architectures.outputs.json) }}
target:
- build
- dev
steps:
- name: Install skopeo
run: sudo apt-get install -y skopeo
- name: Login to GitHub Container Registry
id: ghcr-login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Login to Docker Hub
id: docker-hub-login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Release (pull candidate, tag, push)
env:
DHNS: ${{ env.docker-hub-namespace }}
GHCRNS: ${{ env.ghcr-namespace }}
TARGET: ${{ matrix.target }}
ARCHITECTURE: ${{ matrix.architecture }}
CANDIDATE: ${{ needs.stable-release-trigger.outputs.stable-tag }}
run: |
REPOSITORY=zmk-${TARGET}-${ARCHITECTURE}
skopeo copy --all docker://docker.io/${DHNS}/${REPOSITORY}:${CANDIDATE} docker://docker.io/${DHNS}/${REPOSITORY}:stable
stable-git-tag:
needs:
- tags
- stable-releases
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ needs.stable-release-trigger.outputs.stable-tag }}
- name: Tag
env:
TAG: ${{ needs.tags.outputs.major-minor }}
run: |
git tag stable
git push -f origin stable