From 4dda9bc864b3fcc807e85b6fab952d1fce9540ae Mon Sep 17 00:00:00 2001 From: "Dylan M. Taylor" Date: Tue, 20 Feb 2024 14:03:20 -0500 Subject: [PATCH] feat: leverage retry-action to increase reliability of builds. (#503) --- .github/workflows/build.yml | 45 +++++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f1dd1282..43a53b2f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -147,15 +147,18 @@ jobs: - name: Get current version id: labels - shell: bash - run: | - set -eo pipefail - ver=$(skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]') - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - echo "VERSION=$ver" >> $GITHUB_OUTPUT + uses: Wandalen/wretry.action@v1.4.4 + with: + attempt_limit: 3 + attempt_delay: 15000 + command: | + set -eo pipefail + ver=$(skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]') + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV # Generate image metadata - name: Image Metadata @@ -166,7 +169,7 @@ jobs: ${{ env.IMAGE_NAME }} labels: | org.opencontainers.image.title=${{ env.IMAGE_NAME }} - org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }} + org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} org.opencontainers.image.description=A base Universal Blue ${{ matrix.image_name }} image with batteries included io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 @@ -201,20 +204,24 @@ jobs: string: ${{ env.IMAGE_REGISTRY }} - name: Push To GHCR - uses: redhat-actions/push-to-registry@v2 + uses: Wandalen/wretry.action@v1.4.4 id: push if: github.event_name != 'pull_request' env: REGISTRY_USER: ${{ github.actor }} REGISTRY_PASSWORD: ${{ github.token }} with: - image: ${{ steps.build_image.outputs.image }} - tags: ${{ steps.build_image.outputs.tags }} - registry: ${{ steps.registry_case.outputs.lowercase }} - username: ${{ env.REGISTRY_USER }} - password: ${{ env.REGISTRY_PASSWORD }} - extra-args: | - --disable-content-trust + action: redhat-actions/push-to-registry@v2 + attempt_limit: 3 + attempt_delay: 15000 + with: | + image: ${{ steps.build_image.outputs.image }} + tags: ${{ steps.build_image.outputs.tags }} + registry: ${{ steps.registry_case.outputs.lowercase }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} + extra-args: | + --disable-content-trust - name: Login to GitHub Container Registry uses: docker/login-action@v3 @@ -233,7 +240,7 @@ jobs: run: | cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} env: - TAGS: ${{ steps.push.outputs.digest }} + TAGS: ${{ steps.push.outputs.outputs && fromJSON(steps.push.outputs.outputs).digest }} COSIGN_EXPERIMENTAL: false COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}