mirror of
https://gitee.com/mirrors_PX4/PX4-Autopilot.git
synced 2026-04-14 10:07:39 +08:00
e4d46f20f4
The current workflow_dispatch path builds whatever HEAD of the dispatch ref
is, labels the resulting image with px4_version, and publishes. That's
fine for rebuilding current state but it cannot rebuild the exact commit
a release tag points to, because the dispatch loads the workflow file
from one ref and implicitly checks out the same ref for the build.
This matters for release recovery. When the v1.17.0-rc2 tag push failed
to publish containers back on 2026-03-13 (the v1 GHA cache protocol
removal in RunsOn v2.12.0), the tag was not re-pushed, so the only way
to publish rc2 containers now is via workflow_dispatch. Without this
change, a dispatch against release/1.17 builds release/1.17 HEAD and
labels it v1.17.0-rc2, which produces a container whose contents do not
match the rc2 tag's actual code. That is not a faithful recovery.
Add a build_ref input that controls only the checkout ref, defaulting
to empty which falls back to github.ref (preserving current behavior
for both push events and dispatches that omit the input). With this,
a release recovery looks like:
gh workflow run dev_container.yml --repo PX4/PX4-Autopilot \
--ref release/1.17 \
-f px4_version=v1.17.0-rc2 \
-f build_ref=v1.17.0-rc2 \
-f deploy_to_registry=true
The workflow loads from release/1.17 HEAD (which has the cache fix
from 39b0568 and the hardening from d74db56a), but the build uses
Tools/setup/Dockerfile from the rc2 tag. The published image has
rc2 contents under the rc2 label, as if the original tag push had
worked.
All three actions/checkout steps (setup, build, deploy) take the same
ref expression so every job sees a consistent workspace. Non-dispatch
events (push, PR) evaluate github.event.inputs.build_ref to empty and
fall back to github.ref exactly as before.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
204 lines
7.7 KiB
YAML
204 lines
7.7 KiB
YAML
name: Container build
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- 'main'
|
||
- 'stable'
|
||
- 'beta'
|
||
- 'release/**'
|
||
tags:
|
||
- 'v*'
|
||
pull_request:
|
||
branches:
|
||
- '**'
|
||
paths:
|
||
- '.github/workflows/dev_container.yml'
|
||
- 'Tools/setup/ubuntu.sh'
|
||
- 'Tools/setup/requirements.txt'
|
||
- 'Tools/setup/Dockerfile'
|
||
- 'Tools/setup/docker-entrypoint.sh'
|
||
workflow_dispatch:
|
||
inputs:
|
||
px4_version:
|
||
description: 'Container tag (e.g. v1.16.0)'
|
||
required: true
|
||
type: string
|
||
build_ref:
|
||
description: 'Git ref to build from (branch, tag, or SHA). Leave empty to build from the dispatch ref.'
|
||
required: false
|
||
type: string
|
||
default: ''
|
||
deploy_to_registry:
|
||
description: 'Whether to push built images to the registry'
|
||
required: false
|
||
type: boolean
|
||
default: false
|
||
|
||
concurrency:
|
||
group: ${{ github.workflow }}-${{ github.ref }}
|
||
cancel-in-progress: true
|
||
|
||
jobs:
|
||
setup:
|
||
name: Set Tags and Variables
|
||
permissions:
|
||
contents: read
|
||
runs-on: [runs-on,"runner=1cpu-linux-x64","image=ubuntu24-full-x64","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
|
||
outputs:
|
||
px4_version: ${{ steps.px4_version.outputs.px4_version }}
|
||
meta_tags: ${{ steps.meta.outputs.tags }}
|
||
meta_labels: ${{ steps.meta.outputs.labels }}
|
||
steps:
|
||
- uses: runs-on/action@v2
|
||
- uses: actions/checkout@v5
|
||
with:
|
||
ref: ${{ github.event.inputs.build_ref || github.ref }}
|
||
fetch-tags: true
|
||
submodules: false
|
||
fetch-depth: 0
|
||
|
||
# If manual dispatch, take the user‐provided input
|
||
- name: Set PX4 Tag Version
|
||
id: px4_version
|
||
run: |
|
||
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
|
||
echo "px4_version=${{ github.event.inputs.px4_version }}" >> $GITHUB_OUTPUT
|
||
else
|
||
echo "px4_version=$(git describe --tags --match 'v[0-9]*')" >> $GITHUB_OUTPUT
|
||
fi
|
||
|
||
- name: Extract metadata (tags, labels) for Docker
|
||
id: meta
|
||
uses: docker/metadata-action@v6
|
||
with:
|
||
images: |
|
||
ghcr.io/PX4/px4-dev
|
||
px4io/px4-dev
|
||
tags: |
|
||
type=raw,enable=true,value=${{ steps.px4_version.outputs.px4_version }},priority=1000
|
||
|
||
build:
|
||
name: Build Container (${{ matrix.arch }})
|
||
permissions:
|
||
contents: read
|
||
packages: write
|
||
needs: setup
|
||
strategy:
|
||
matrix:
|
||
include:
|
||
- platform: linux/arm64
|
||
arch: arm64
|
||
runner: arm64
|
||
- platform: linux/amd64
|
||
arch: amd64
|
||
runner: x64
|
||
runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
|
||
steps:
|
||
- uses: runs-on/action@v2
|
||
- uses: actions/checkout@v5
|
||
with:
|
||
ref: ${{ github.event.inputs.build_ref || github.ref }}
|
||
fetch-tags: true
|
||
submodules: false
|
||
fetch-depth: 0
|
||
|
||
- name: Login to Docker Hub
|
||
uses: docker/login-action@v4
|
||
if: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
|
||
with:
|
||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||
|
||
- name: Login to GitHub Container Registry
|
||
uses: docker/login-action@v4
|
||
if: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
|
||
with:
|
||
registry: ghcr.io
|
||
username: ${{ github.actor }}
|
||
password: ${{ secrets.GITHUB_TOKEN }}
|
||
|
||
- name: Set up Docker Buildx
|
||
uses: docker/setup-buildx-action@v4
|
||
with:
|
||
driver: docker-container
|
||
platforms: ${{ matrix.platform }}
|
||
|
||
- name: Build and Load Container Image
|
||
uses: docker/build-push-action@v7
|
||
id: docker
|
||
with:
|
||
context: Tools/setup
|
||
tags: |
|
||
ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-${{ matrix.arch }}
|
||
px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-${{ matrix.arch }}
|
||
labels: ${{ needs.setup.outputs.meta_labels }}
|
||
platforms: ${{ matrix.platform }}
|
||
load: false
|
||
push: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
|
||
provenance: false
|
||
cache-from: type=gha,scope=${{ matrix.arch }}
|
||
cache-to: type=gha,mode=max,scope=${{ matrix.arch }},ignore-error=true
|
||
|
||
deploy:
|
||
name: Deploy To Registry
|
||
permissions:
|
||
contents: read
|
||
packages: write
|
||
runs-on: [runs-on,"runner=4cpu-linux-x64","image=ubuntu24-full-x64","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
|
||
needs: [build, setup]
|
||
if: |
|
||
!cancelled() &&
|
||
needs.setup.result == 'success' &&
|
||
(startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry == 'true'))
|
||
steps:
|
||
- uses: runs-on/action@v2
|
||
- uses: actions/checkout@v5
|
||
with:
|
||
ref: ${{ github.event.inputs.build_ref || github.ref }}
|
||
fetch-tags: true
|
||
submodules: false
|
||
fetch-depth: 0
|
||
|
||
- name: Login to Docker Hub
|
||
uses: docker/login-action@v4
|
||
with:
|
||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||
|
||
- name: Login to GitHub Container Registry
|
||
uses: docker/login-action@v4
|
||
with:
|
||
registry: ghcr.io
|
||
username: ${{ github.actor }}
|
||
password: ${{ secrets.GITHUB_TOKEN }}
|
||
|
||
- name: Verify Images Exist Before Creating Manifest
|
||
run: |
|
||
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64
|
||
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
|
||
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64
|
||
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
|
||
|
||
- name: Create and Push Multi-Arch Manifest for Docker Hub
|
||
run: |
|
||
docker manifest create px4io/px4-dev:${{ needs.setup.outputs.px4_version }} \
|
||
--amend px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 \
|
||
--amend px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
|
||
|
||
docker manifest annotate px4io/px4-dev:${{ needs.setup.outputs.px4_version }} px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 --arch arm64
|
||
docker manifest annotate px4io/px4-dev:${{ needs.setup.outputs.px4_version }} px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64 --arch amd64
|
||
|
||
docker manifest push px4io/px4-dev:${{ needs.setup.outputs.px4_version }}
|
||
|
||
- name: Create and Push Multi-Arch Manifest for GHCR
|
||
run: |
|
||
docker manifest create ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }} \
|
||
--amend ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 \
|
||
--amend ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
|
||
|
||
docker manifest annotate ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }} ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 --arch arm64
|
||
docker manifest annotate ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }} ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64 --arch amd64
|
||
|
||
docker manifest push ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}
|