Build & Push Flyte Single Binary Images v2

[V2]Fix secret injection error in sandbox #74

Workflow file for this run

.github/workflows/flyte-binary-v2.yml at 943031e

	name: Build & Push Flyte Single Binary Images v2

	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
	cancel-in-progress: true

	on:
	push:
	branches:
	- v2
	pull_request:
	branches:
	- v2
	workflow_dispatch:

	jobs:
	test-bootstrap:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-go@v5
	with:
	go-version-file: go.mod
	- name: golangci-lint
	uses: golangci/golangci-lint-action@v3
	with:
	working-directory: docker/sandbox-bundled/bootstrap
	- name: Check formatting
	working-directory: docker/sandbox-bundled/bootstrap
	run: \|
	make check-fmt
	- name: Test
	working-directory: docker/sandbox-bundled/bootstrap
	run: \|
	make test

	build-and-push-single-binary-image:
	runs-on: ubuntu-latest
	needs: [test-bootstrap]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Golang caches
	uses: actions/cache@v4
	with:
	path: \|
	/root/.cache/go-build
	/root/go/pkg/mod
	key: ${{ runner.os }}-golang-${{ hashFiles('go.sum') }}
	restore-keys: \|
	${{ runner.os }}-golang-
	- name: Set versions
	id: set_version
	run: \|
	# TODO: The console version should be set in config and send into Dockerfile in the future
	# echo "FLYTECONSOLE_VERSION=latest" >> $GITHUB_ENV
	echo "FLYTE_VERSION=${{ github.sha }}" >> $GITHUB_ENV
	- name: Prepare Image Names
	id: image-names
	uses: docker/metadata-action@v3
	with:
	images: \|
	ghcr.io/${{ github.repository_owner }}/flyte-binary-v2
	tags: \|
	type=raw,value=nightly,enable=${{ github.event_name == 'pull_request' && github.ref == 'refs/heads/master' }}
	type=sha,format=long
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2
	- name: Setup destination directories for image tarballs
	run: \|
	mkdir -p docker/sandbox-bundled/images/tar/{arm64,amd64}
	- name: Export ARM64 Image
	uses: docker/build-push-action@v6
	with:
	context: .
	platforms: linux/arm64
	tags: flyte-binary-v2:sandbox
	build-args: \|
	FLYTECONSOLE_VERSION=${{ env.FLYTECONSOLE_VERSION }}
	FLYTE_VERSION=${{ env.FLYTE_VERSION }}
	file: Dockerfile
	outputs: type=docker,dest=docker/sandbox-bundled/images/tar/arm64/flyte-binary.tar
	- name: Export AMD64 Image
	uses: docker/build-push-action@v6
	with:
	context: .
	platforms: linux/amd64
	tags: flyte-binary-v2:sandbox
	build-args: \|
	FLYTECONSOLE_VERSION=${{ env.FLYTECONSOLE_VERSION }}
	FLYTE_VERSION=${{ env.FLYTE_VERSION }}
	file: Dockerfile
	outputs: type=docker,dest=docker/sandbox-bundled/images/tar/amd64/flyte-binary.tar
	- name: Upload single binary image
	uses: actions/upload-artifact@v4
	with:
	name: single-binary-image
	path: docker/sandbox-bundled/images/tar
	- name: Login to GitHub Container Registry
	if: ${{ github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch' }}
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: "${{ secrets.FLYTE_BOT_USERNAME }}"
	password: "${{ secrets.FLYTE_BOT_PAT }}"
	- name: Build and push Image
	if: ${{ github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch' }}
	uses: docker/build-push-action@v6
	with:
	context: .
	platforms: linux/arm64, linux/amd64
	tags: ${{ steps.image-names.outputs.tags }}
	build-args: \|
	FLYTECONSOLE_VERSION=${{ env.FLYTECONSOLE_VERSION }}
	FLYTE_VERSION=${{ env.FLYTE_VERSION }}
	file: Dockerfile
	push: true

	build-and-push-sandbox-bundled-image:
	runs-on: ubuntu-latest
	needs: [build-and-push-single-binary-image]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- uses: actions/download-artifact@v4
	with:
	name: single-binary-image
	path: docker/sandbox-bundled/images/tar
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2
	with:
	driver-opts: image=moby/buildkit:master
	buildkitd-flags: "--allow-insecure-entitlement security.insecure"
	- name: Set version
	id: set_version
	run: \|
	echo "FLYTE_SANDBOX_VERSION=${{ github.sha }}" >> $GITHUB_ENV
	- name: Prepare Image Names
	id: image-names
	uses: docker/metadata-action@v3
	with:
	images: \|
	ghcr.io/${{ github.repository_owner }}/flyte-sandbox-v2
	tags: \|
	type=raw,value=nightly,enable=${{ github.event_name == 'push' && github.ref == 'refs/heads/v2' }}
	type=sha,format=long,
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v2
	with:
	registry: ghcr.io
	username: "${{ secrets.FLYTE_BOT_USERNAME }}"
	password: "${{ secrets.FLYTE_BOT_PAT }}"
	- name: Save console image tarballs
	run: \|
	mkdir -p docker/sandbox-bundled/images/tar/amd64 docker/sandbox-bundled/images/tar/arm64
	docker pull --platform linux/amd64 ghcr.io/flyteorg/flyte-client-v2:latest
	docker save ghcr.io/flyteorg/flyte-client-v2:latest -o docker/sandbox-bundled/images/tar/amd64/flyte-client-v2.tar
	docker pull --platform linux/arm64 ghcr.io/flyteorg/flyte-client-v2:latest
	docker save ghcr.io/flyteorg/flyte-client-v2:latest -o docker/sandbox-bundled/images/tar/arm64/flyte-client-v2.tar
	- name: Build and push multi-arch image
	if: ${{ github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch' }}
	uses: docker/build-push-action@v6
	with:
	context: docker/sandbox-bundled
	allow: "security.insecure"
	platforms: linux/arm64, linux/amd64
	tags: ${{ steps.image-names.outputs.tags }}
	build-args: "FLYTE_SANDBOX_VERSION=${{ env.FLYTE_SANDBOX_VERSION }}"
	push: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[V2]Fix secret injection error in sandbox #74

Workflow file

[V2]Fix secret injection error in sandbox #74

Uh oh!

Workflow file for this run