Skip to content

Build PostGIS images #783

Build PostGIS images

Build PostGIS images #783

Workflow file for this run

name: Build PostGIS images
# This is the x86_64/Amd64 build worklow
on:
push:
pull_request:
schedule:
- cron: '15 5 * * *'
defaults:
run:
shell: bash
jobs:
make-docker-images:
strategy:
# We limit this to prevent overloading external servers (e.g., OSGeo, PROJ).
# Note: Include parallel Circle CI jobs when calculating the total load, as they run simultaneously!
max-parallel: 6
matrix:
include:
#
# They are created using the ./apply-ci.sh script based on the version.json file,
#
# These "--skip--" images serve as inputs for the "*-bundle" images,
# hence they must be generated within the bundle JOB.
#
#matrix-include-start
- { version: "12-3.3", variant: "alpine3.21" }
- { version: "12-3.4", variant: "alpine3.20" }
- { version: "12-3.4", variant: "alpine3.21" }
- { version: "12-3.5", variant: "alpine3.20" }
- { version: "12-3.5", variant: "alpine3.21" }
- { version: "12-3.5", variant: "bookworm" }
- { version: "12-3.5", variant: "bullseye" }
- { version: "13-3.3", variant: "alpine3.21" }
- { version: "13-3.4", variant: "alpine3.20" }
- { version: "13-3.4", variant: "alpine3.21" }
- { version: "13-3.5", variant: "alpine3.20" }
- { version: "13-3.5", variant: "alpine3.21" }
- { version: "13-3.5", variant: "bookworm" }
- { version: "13-3.5", variant: "bullseye" }
- { version: "14-3.3", variant: "alpine3.21" }
- { version: "14-3.4", variant: "alpine3.20" }
- { version: "14-3.4", variant: "alpine3.21" }
- { version: "14-3.5", variant: "alpine3.20" }
- { version: "14-3.5", variant: "alpine3.21" }
- { version: "14-3.5", variant: "bookworm" }
- { version: "14-3.5", variant: "bullseye" }
- { version: "14-l3.1.9gcp", variant: "bookworm" }
- { version: "15-3.3", variant: "alpine3.21" }
- { version: "15-3.4", variant: "alpine3.20" }
- { version: "15-3.4", variant: "alpine3.21" }
- { version: "15-3.5", variant: "alpine3.20" }
- { version: "15-3.5", variant: "alpine3.21" }
- { version: "15-3.5", variant: "bookworm" }
- { version: "15-3.5", variant: "bullseye" }
- { version: "16-3.3", variant: "alpine3.21" }
- { version: "16-3.4", variant: "alpine3.20" }
- { version: "16-3.4", variant: "alpine3.21" }
- { version: "16-3.5", variant: "alpine3.20" }
- { version: "16-3.5", variant: "alpine3.21" }
# --skip-- - { version: "16-3.5", variant: "bookworm" } --> generated with the related bundle job!
- { version: "16-3.5", variant: "bullseye" }
- { version: "16-3.5-bundle0", variant: "bookworm" }
- { version: "16-master", variant: "bookworm" }
- { version: "16-recent", variant: "bookworm" }
- { version: "17-3.4", variant: "alpine3.21" }
- { version: "17-3.5", variant: "alpine3.20" }
- { version: "17-3.5", variant: "alpine3.21" }
- { version: "17-3.5", variant: "bookworm" }
- { version: "17-3.5", variant: "bullseye" }
- { version: "17-master", variant: "bookworm" }
- { version: "17-recent", variant: "bookworm" }
#matrix-include-end
name: "${{ matrix.version }}-${{ matrix.variant }} docker image"
runs-on: ubuntu-24.04
continue-on-error: ${{ endsWith(matrix.version, '-master') }}
env:
PLATFORM: linux/amd64
DOCKER_BUILDKIT: '1'
BUILDX_PLATFORMS: linux/amd64
steps:
- name: Checkout source
uses: actions/checkout@v4
- run: pip3 install --upgrade pip
- run: pip3 install --upgrade lastversion check-jsonschema
- run: tools/install_manifest-tool.sh
- run: tools/install_dive.sh
- run: tools/environment_init.sh
- run: make check_version
- name: Check if DOCKERHUB_USERNAME exists
run: |
if [[ -z "${{ secrets.DOCKERHUB_USERNAME }}" ]]; then
echo "DOCKERHUB_USERNAME is not set"
exit 1
else
echo "DOCKERHUB_USERNAME is set"
fi
- name: Check if DOCKERHUB_ACCESS_TOKEN exists
run: |
if [[ -z "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" ]]; then
echo "DOCKERHUB_ACCESS_TOKEN is not set"
exit 1
else
echo "DOCKERHUB_ACCESS_TOKEN is set"
fi
- name: Login to dockerhub
uses: docker/login-action@v3
if: ${{ (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Docker Ratelimit Check
# https://docs.docker.com/docker-hub/download-rate-limit/
run: |
TOKEN=$(curl --user "${{ secrets.DOCKERHUB_USERNAME }}:${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq -r .token)
HEADERS=$(curl --head -H "Authorization: Bearer $TOKEN" https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest)
echo "Rate Limit Info:"
echo "$HEADERS" | grep ratelimit
- name: Check if image exists
id: check-image
run: |
source tools/environment_init.sh && \
echo "IMAGE_VERSION_ID=${IMAGE_VERSION_ID}" >> $GITHUB_ENV && \
if check_image_exists "${{ matrix.version }}-${{ matrix.variant }}${IMAGE_VERSION_ID}"; then
echo "IMAGE_EXISTS=true" >> $GITHUB_ENV
else
echo "IMAGE_EXISTS=false" >> $GITHUB_ENV
fi
- name: Weekly image exists -> exit
if: env.IMAGE_EXISTS == 'true'
run: |
echo "weekly build exists; no need to re-build. STOP"
exit 0
- name: "verify: make -n test-${{ matrix.version }}-${{ matrix.variant }} "
if: env.IMAGE_EXISTS == 'false'
run: make -n test-${{ matrix.version }}-${{ matrix.variant }}
- name: "make test-${{ matrix.version }}-${{ matrix.variant }} "
if: env.IMAGE_EXISTS == 'false'
run: make test-${{ matrix.version }}-${{ matrix.variant }}
- name: "make scan-${{ matrix.version }}-${{ matrix.variant }}"
if: env.IMAGE_EXISTS == 'false'
run: make scan-${{ matrix.version }}-${{ matrix.variant }} || true
- name: "make dive-${{ matrix.version }}-${{ matrix.variant }}"
if: env.IMAGE_EXISTS == 'false'
run: make dive-${{ matrix.version }}-${{ matrix.variant }} || true
- run: docker images
- name: Push docker image to dockerhub
if: ${{ (env.IMAGE_EXISTS == 'false') && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ACCESS_TOKEN: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
run: |
make push-${{ matrix.version }}-${{ matrix.variant }}
make manifest-${{ matrix.version }}-${{ matrix.variant }}
make-readme:
name: update readme
needs: make-docker-images
runs-on: ubuntu-24.04
env:
PLATFORM: linux/amd64
DOCKER_BUILDKIT: '1'
BUILDX_PLATFORMS: linux/amd64
steps:
- name: Checkout source
uses: actions/checkout@v4
- run: pip3 install --upgrade pip
- run: pip3 install --upgrade lastversion check-jsonschema
- run: tools/install_manifest-tool.sh
- run: tools/environment_init.sh
- run: make check_version
- name: Login to dockerhub
uses: docker/login-action@v3
if: ${{ (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
- name: Docker Ratelimit Check
# https://docs.docker.com/docker-hub/download-rate-limit/
run: |
TOKEN=$(curl --user "${{ secrets.DOCKERHUB_USERNAME }}:${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq -r .token)
HEADERS=$(curl --head -H "Authorization: Bearer $TOKEN" https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest)
echo "Rate Limit Info:"
echo "$HEADERS" | grep ratelimit
- name: push readme to docker hub api
if: ${{ (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ACCESS_TOKEN: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
run: make push-readme