Unverified Commit d745a45a authored by github-actions[bot]'s avatar github-actions[bot] Committed by GitHub
Browse files

Added slim version of image for ghcr.io (#65) 



* Added slim version of image for ghcr.io

* Fix actions

* Update actions

---------

Co-authored-by: default avatarFedor Batonogov <f.batonogov@yandex.ru>
parent fae74861

.github/workflows/CI_LINUX.yml

deleted100644 → 0
+0 −39
Original line number Diff line number Diff line 
name: ci linux



on:

  push:

    tags: [ 'v*.*.*' ]



jobs:

  docker:

    runs-on: ubuntu-latest

    steps:

      -

        name: Set up QEMU

        uses: docker/setup-qemu-action@v3

      -

        name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      -

        name: Login to Docker Hub

        uses: docker/login-action@v3

        with:

          username: ${{ secrets.DOCKERHUB_USERNAME }}

          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -

        name: Build and push

        uses: docker/build-push-action@v5

        with:

          file: ./Dockerfile-py3-linux

          platforms: |

            linux/i386

            linux/amd64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: true

          tags: |

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:${{ github.ref_name }}

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:latest

.github/workflows/CI_LINUX_SLIM.yml

deleted100644 → 0
+0 −38
Original line number Diff line number Diff line 
name: ci linux slim



on:

  push:

    tags: [ 'v*.*.*' ]



jobs:

  docker:

    runs-on: ubuntu-latest

    steps:

      -

        name: Set up QEMU

        uses: docker/setup-qemu-action@v3

      -

        name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      -

        name: Login to Docker Hub

        uses: docker/login-action@v3

        with:

          username: ${{ secrets.DOCKERHUB_USERNAME }}

          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -

        name: Build and push

        uses: docker/build-push-action@v5

        with:

          file: ./Dockerfile-py3-linux-slim

          platforms: |

            linux/i386

            linux/amd64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: true

          tags: |

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:${{ github.ref_name }}-slim

.github/workflows/CI_WINDOWS.yml

deleted100644 → 0
+0 −33
Original line number Diff line number Diff line 
name: ci windows



on:

  push:

    tags: [ 'v*.*.*' ]



jobs:

  docker:

    runs-on: ubuntu-latest

    steps:

      -

        name: Set up QEMU

        uses: docker/setup-qemu-action@v3

      -

        name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      -

        name: Login to Docker Hub

        uses: docker/login-action@v3

        with:

          username: ${{ secrets.DOCKERHUB_USERNAME }}

          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -

        name: Build and push

        uses: docker/build-push-action@v5

        with:

          file: ./Dockerfile-py3-windows

          platforms: |

            linux/amd64

          push: true

          tags: |

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-windows:${{ github.ref_name }}

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-windows:latest

.github/workflows/docker-image-linux-ghcr.yml

0 → 100644
+120 −0
Original line number Diff line number Diff line 
name: Docker Image CI Linux ghcr.io



# This workflow uses actions that are not certified by GitHub.

# They are provided by a third-party and are governed by

# separate terms of service, privacy policy, and support

# documentation.



on:

  push:

    tags: [ 'v*.*.*' ]



env:

  # Use docker.io for Docker Hub if empty

  REGISTRY: ghcr.io

  # github.repository as <account>/<repo>

  IMAGE_NAME: ${{ github.actor }}/pyinstaller-linux



jobs:

  build:



    runs-on: ubuntu-latest

    permissions:

      contents: read

      packages: write

      # This is used to complete the identity challenge

      # with sigstore/fulcio when running outside of PRs.

      id-token: write



    steps:

      - name: Checkout repository

        uses: actions/checkout@v3



      # Install the cosign tool except on PR

      # https://github.com/sigstore/cosign-installer

      - name: Install cosign

        if: github.event_name != 'pull_request'

        uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1

        with:

          cosign-release: 'v2.1.1'



      # Set up BuildKit Docker container builder to be able to build

      # multi-platform images and export cache

      # https://github.com/docker/setup-buildx-action

      - name: Set up Docker Buildx

        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0



      # Login against a Docker registry except on PR

      # https://github.com/docker/login-action

      - name: Log into registry ${{ env.REGISTRY }}

        if: github.event_name != 'pull_request'

        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0

        with:

          registry: ${{ env.REGISTRY }}

          username: ${{ github.actor }}

          password: ${{ secrets.GITHUB_TOKEN }}



      # Extract metadata (tags, labels) for Docker

      # https://github.com/docker/metadata-action

      - name: Extract Docker metadata

        id: meta

        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0

        with:

          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}



      # Build and push Docker image with Buildx (don't push on PR)

      # https://github.com/docker/build-push-action

      - name: Build and push Docker image

        id: build-and-push

        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0

        with:

          context: .

          file: Dockerfile-py3-linux

          platforms: |

            linux/amd64

            linux/arm64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: ${{ github.event_name != 'pull_request' }}

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }}

          cache-from: type=gha

          cache-to: type=gha,mode=max



      - name: Build and push slim Docker image

        id: build-slim-and-push

        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0

        with:

          context: .

          file: Dockerfile-py3-linux-slim

          platforms: |

            linux/amd64

            linux/arm64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: ${{ github.event_name != 'pull_request' }}

          tags: ${{ steps.meta.outputs.tags }}-slim

          labels: ${{ steps.meta.outputs.labels }}

          cache-from: type=gha

          cache-to: type=gha,mode=max



      # Sign the resulting Docker image digest except on PRs.

      # This will only write to the public Rekor transparency log when the Docker

      # repository is public to avoid leaking data.  If you would like to publish

      # transparency data even for private images, pass --force to cosign below.

      # https://github.com/sigstore/cosign

      - name: Sign the published Docker image

        if: ${{ github.event_name != 'pull_request' }}

        env:

          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable

          TAGS: ${{ steps.meta.outputs.tags }}

          DIGEST: ${{ steps.build-and-push.outputs.digest }}

        # This step uses the identity token to provision an ephemeral certificate

        # against the sigstore community Fulcio instance.

        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

.github/workflows/docker-image-linux.yml

+37 −82
Original line number Diff line number Diff line 
name: Docker Image CI Linux



# This workflow uses actions that are not certified by GitHub.

# They are provided by a third-party and are governed by

# separate terms of service, privacy policy, and support

# documentation.

name: Docker Image CI Linux docker.io



on:

  push:

    tags: [ 'v*.*.*' ]



env:

  # Use docker.io for Docker Hub if empty

  REGISTRY: ghcr.io

  # github.repository as <account>/<repo>

  IMAGE_NAME: ${{ github.actor }}/pyinstaller-linux



jobs:

  build:



  docker:

    runs-on: ubuntu-latest

    permissions:

      contents: read

      packages: write

      # This is used to complete the identity challenge

      # with sigstore/fulcio when running outside of PRs.

      id-token: write



    steps:

      - name: Checkout repository

        uses: actions/checkout@v3



      # Install the cosign tool except on PR

      # https://github.com/sigstore/cosign-installer

      - name: Install cosign

        if: github.event_name != 'pull_request'

        uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1

      -

        name: Set up QEMU

        uses: docker/setup-qemu-action@v3

      -

        name: Set up Docker Buildx

        uses: docker/setup-buildx-action@v3

      -

        name: Login to Docker Hub

        uses: docker/login-action@v3

        with:

          cosign-release: 'v2.1.1'



      # Set up BuildKit Docker container builder to be able to build

      # multi-platform images and export cache

      # https://github.com/docker/setup-buildx-action

      - name: Set up Docker Buildx

        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0



      # Login against a Docker registry except on PR

      # https://github.com/docker/login-action

      - name: Log into registry ${{ env.REGISTRY }}

        if: github.event_name != 'pull_request'

        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0

        with:

          registry: ${{ env.REGISTRY }}

          username: ${{ github.actor }}

          password: ${{ secrets.GITHUB_TOKEN }}



      # Extract metadata (tags, labels) for Docker

      # https://github.com/docker/metadata-action

      - name: Extract Docker metadata

        id: meta

        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0

          username: ${{ secrets.DOCKERHUB_USERNAME }}

          password: ${{ secrets.DOCKERHUB_TOKEN }}

      -

        name: Build and push

        uses: docker/build-push-action@v5

        with:

          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}



      # Build and push Docker image with Buildx (don't push on PR)

      # https://github.com/docker/build-push-action

      - name: Build and push Docker image

        id: build-and-push

        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0

          file: ./Dockerfile-py3-linux

          platforms: |

            linux/i386

            linux/amd64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: true

          tags: |

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:${{ github.ref_name }}

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:latest

      -

        name: Build and push

        uses: docker/build-push-action@v5

        with:

          context: .

          file: Dockerfile-py3-linux

          file: ./Dockerfile-py3-linux-slim

          platforms: |

            linux/i386

            linux/amd64

            linux/arm64

            linux/arm/v5

            linux/arm/v7

            linux/arm64/v8

            linux/ppc64le

            linux/s390x

          push: ${{ github.event_name != 'pull_request' }}

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }}

          cache-from: type=gha

          cache-to: type=gha,mode=max



      # Sign the resulting Docker image digest except on PRs.

      # This will only write to the public Rekor transparency log when the Docker

      # repository is public to avoid leaking data.  If you would like to publish

      # transparency data even for private images, pass --force to cosign below.

      # https://github.com/sigstore/cosign

      - name: Sign the published Docker image

        if: ${{ github.event_name != 'pull_request' }}

        env:

          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable

          TAGS: ${{ steps.meta.outputs.tags }}

          DIGEST: ${{ steps.build-and-push.outputs.digest }}

        # This step uses the identity token to provision an ephemeral certificate

        # against the sigstore community Fulcio instance.

        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
 
          push: true

          tags: |

            ${{ secrets.DOCKERHUB_USERNAME }}/pyinstaller-linux:${{ github.ref_name }}-slim