From 2fc8f54b89fc296e8c2b2d7a9c205868f6540057 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Sun, 17 Mar 2024 17:39:31 -0500 Subject: [PATCH] chore(ci): add retry functionality to a few steps (#204) This matches retry logic which was added to main repo and a few other places. --- .github/workflows/build.yml | 54 ++++++++++++++++++++++++------------- 1 file changed, 36 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a04f54b..e6a3f1c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -133,14 +133,18 @@ jobs: - name: Get current version id: labels - shell: bash - run: | - ver=$(skopeo inspect docker://ghcr.io/ublue-os/${{ matrix.image_name }}-main:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]') - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - echo "VERSION=$ver" >> $GITHUB_OUTPUT + uses: Wandalen/wretry.action@v1.4.8 + with: + attempt_limit: 3 + attempt_delay: 15000 + command: | + set -eo pipefail + ver=$(skopeo inspect docker://ghcr.io/ublue-os/${{ matrix.image_name }}-main:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]') + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV # Build metadata - name: Image Metadata @@ -152,10 +156,20 @@ jobs: labels: | org.opencontainers.image.title=${{ env.IMAGE_NAME }} org.opencontainers.image.description=ublue-os ${{ matrix.image_name }} with Nvidia drivers added - org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }} + org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4 + - name: Pull base image + uses: Wandalen/wretry.action@v1.4.8 + with: + attempt_limit: 3 + attempt_delay: 15000 + command: | + # pull the base image used for FROM in containerfile so + # we can retry on that unfortunately common failure case + podman pull ghcr.io/ublue-os/${{ matrix.image_name }}-main:${{ matrix.major_version }} + # Build image using Buildah action - name: Build Image id: build_image @@ -184,20 +198,24 @@ jobs: # Push the image to GHCR (Image Registry) - name: Push To GHCR - uses: redhat-actions/push-to-registry@v2 + uses: Wandalen/wretry.action@v1.4.8 id: push if: github.event_name != 'pull_request' env: REGISTRY_USER: ${{ github.actor }} REGISTRY_PASSWORD: ${{ github.token }} with: - image: ${{ steps.build_image.outputs.image }} - tags: ${{ steps.build_image.outputs.tags }} - registry: ${{ steps.registry_case.outputs.lowercase }} - username: ${{ env.REGISTRY_USER }} - password: ${{ env.REGISTRY_PASSWORD }} - extra-args: | - --disable-content-trust + action: redhat-actions/push-to-registry@v2 + attempt_limit: 3 + attempt_delay: 15000 + with: | + image: ${{ steps.build_image.outputs.image }} + tags: ${{ steps.build_image.outputs.tags }} + registry: ${{ steps.registry_case.outputs.lowercase }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} + extra-args: | + --disable-content-trust - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -216,7 +234,7 @@ jobs: run: | cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS} env: - TAGS: ${{ steps.push.outputs.digest }} + TAGS: ${{ steps.push.outputs.outputs && fromJSON(steps.push.outputs.outputs).digest }} COSIGN_EXPERIMENTAL: false COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}