ci(deps): bump docker/setup-buildx-action from 3 to 4 #150

# Workflow header: builds the per-release, per-architecture container images
# used for repository handling and pushes them to GHCR.
name: Docker Images For Repo Handling

on:
  push:
    branches:
      - main
  workflow_dispatch:
  schedule:
    # Scheduled runs every day at 3:30am UTC
    - cron: '30 3 * * *'

# NOTE(review): these write scopes are the default for every job that does not
# declare its own `permissions:` block, including jobs that only read files or
# write a step summary. A read-only default here, with write scopes granted per
# job, keeps a compromised step or third-party action from inheriting
# contents/actions/packages write access it never needed.
permissions:
  contents: write
  actions: write
  packages: write

env:
  # NOTE(review): exported to every step of every job. No `run:` step in this
  # workflow calls `gh` - confirm it is still required before keeping it global.
  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  REGISTRY: ghcr.io/${{ github.repository_owner }}
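# NOTE(review): every `uses:` below references a mutable tag (@v1/@v3/@v4/@v7).
# Pinning each action to a full commit SHA, with the tag kept in a trailing
# comment, still lets Dependabot propose bumps while preventing a moved tag
# from silently changing the code that runs with this workflow's token.
jobs:
  # Scans the Armbian build framework's distribution metadata and emits the
  # build matrix (JSON) plus a human-readable image list for the summary job.
  setup-matrix:
    name: "Generate build matrix"
    runs-on: ubuntu-latest
    # Least privilege: this job only reads files and writes job outputs.
    permissions:
      contents: read
    outputs:
      matrix: ${{ steps.generate-matrix.outputs.matrix }}
      images: ${{ steps.generate-matrix.outputs.images }}
    steps:
      - name: Checkout Armbian build framework
        uses: actions/checkout@v4
        with:
          repository: armbian/build
          ref: main
          path: armbian-build
          # No later step performs git operations, so do not leave the token
          # in the checked-out repository's git config.
          persist-credentials: false

      - name: Generate matrix from distributions
        id: generate-matrix
        run: |
          MATRIX="{\"include\":["
          MATRIX_CONTENT=""
          IMAGES=""

          # Process each distribution
          for dist_file in armbian-build/config/distributions/*/support; do
            [ -f "$dist_file" ] || continue

            dist_dir=$(dirname "$dist_file")
            release=$(basename "$dist_dir")

            # The release name is concatenated into the matrix JSON and later
            # expanded into the Dockerfile, the apt source line and the image
            # tag, so accept only plain codename characters. The rejected
            # name is deliberately not echoed back into the log.
            if [[ ! "$release" =~ ^[a-z0-9][a-z0-9._-]*$ ]]; then
              echo "::warning::Skipping a distribution directory whose name is not a plain release codename"
              continue
            fi

            # Skip distribution if marked as EOS (End of Service)
            if grep -qi "eos" "$dist_file"; then
              echo "::debug::Skipping $release - marked as EOS"
              continue
            fi

            # Skip manually disabled releases
            if [[ "$release" == "sid" ]] || [[ "$release" == "forky" ]]; then
              echo "::notice::Skipping $release - manually disabled"
              continue
            fi

            # Get distribution name and family
            dist_name_file="$dist_dir/name"
            if [ ! -f "$dist_name_file" ]; then
              echo "::warning::No name file for $release, skipping"
              continue
            fi
            dist_name=$(head -n1 "$dist_name_file" | tr -d ' \n')

            # Determine base image based on distribution name
            # Format: "Ubuntu noble 24.04", "Debian 12 Bookworm", "Ubuntu resolute 26.04"
            case "$dist_name" in
              [Dd]ebian*)
                base_image="debian:$release"
                ;;
              [Uu]buntu*)
                base_image="ubuntu:$release"
                ;;
              *)
                echo "::warning::Unknown distribution family $dist_name for $release, skipping"
                continue
                ;;
            esac

            # Get architectures file
            arch_file="$dist_dir/architectures"
            if [ ! -f "$arch_file" ]; then
              echo "::warning::No architectures file for $release, skipping"
              continue
            fi

            # Read architectures (comma-separated on one line or one per line).
            # Commas AND newlines become separators; deleting the newlines, as
            # the previous version did, glued one-per-line entries into a
            # single unknown token. Whole-line comments are dropped first.
            arch_list=$(grep -v '^[[:space:]]*#' "$arch_file" | tr ',\n' '  ')

            for arch in $arch_list; do
              # Skip comments and empty entries
              [[ "$arch" =~ ^#.*$ ]] && continue
              [ -z "$arch" ] && continue

              # Map Armbian architecture to Docker platform (fixed allow-list)
              case "$arch" in
                amd64)
                  docker_platform="linux/amd64"
                  ;;
                arm64)
                  docker_platform="linux/arm64"
                  ;;
                riscv64)
                  docker_platform="linux/riscv64"
                  ;;
                armhf)
                  echo "::debug::Skipping $arch - fragile. Will use in the future or drop entirely"
                  continue
                  ;;
                *)
                  echo "::warning::Unknown architecture $arch, skipping"
                  continue
                  ;;
              esac

              # Add to matrix
              if [ -n "$MATRIX_CONTENT" ]; then
                MATRIX_CONTENT+=","
              fi
              MATRIX_CONTENT+="{\"release\":\"$release\",\"arch\":\"$arch\",\"docker_platform\":\"$docker_platform\",\"base_image\":\"$base_image\"}"

              # Add to images list for summary
              if [ -n "$IMAGES" ]; then
                IMAGES+=", "
              fi
              IMAGES+="$release-$arch"
            done
          done

          if [ -z "$MATRIX_CONTENT" ]; then
            echo "::error::No supported distributions found with valid architectures"
            echo "matrix={\"include\":[]}" >> "$GITHUB_OUTPUT"
            exit 1
          fi

          MATRIX="${MATRIX}${MATRIX_CONTENT}]}"
          {
            echo "matrix=$MATRIX"
            echo "images=$IMAGES"
          } >> "$GITHUB_OUTPUT"
          echo "::notice::Generated matrix for $IMAGES"
          echo "::debug::$MATRIX"

  # Builds one image per matrix entry and pushes it to GHCR.
  build-images:
    name: "Build ${{ matrix.release }}-${{ matrix.arch }}"
    needs: setup-matrix
    runs-on: ubuntu-latest
    # Only this job pushes packages; it is the only one granted packages: write.
    permissions:
      contents: read
      packages: write
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
    steps:
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # The matrix expressions below are substituted into the script text
      # before the shell runs, so the quoted heredoc does not protect them.
      # They are safe here because setup-matrix only emits release names from
      # a restricted character set and architectures from a fixed allow-list.
      - name: Create Dockerfile
        run: |
          cat > Dockerfile <<'DOCKEREOF'
          FROM ${{ matrix.base_image }}
          ENV ARCH=${{ matrix.arch }} \
              DEBIAN_FRONTEND=noninteractive
          # Create docker group and armbian user early (before package installations)
          RUN groupadd docker && \
              useradd -m -s /bin/bash armbian
          # Install essential packages
          RUN apt-get update && apt-get install -y \
              wget \
              gnupg \
              dirmngr \
              ca-certificates \
              unzip \
              rsync \
              openssh-client \
              xz-utils \
              bzip2 \
              git \
              curl \
              jq \
              sudo \
              expect \
              lsb-release \
              iproute2 \
              figlet \
              pv \
              tree \
              systemd-sysv \
              containerd \
              iptables \
              apparmor \
              python3-yaml \
              procps \
              udev \
              && rm -rf /var/lib/apt/lists/*
          # Install Aptly. aptly-dev publishes Linux binaries for amd64,
          # arm64 and armhf (named 'arm'); riscv64 has no upstream
          # release - fall back to the distro's aptly package there.
          # NOTE(review): the downloaded release zip is not integrity-checked.
          # Recording a SHA-256 per architecture for the pinned APTLY_VERSION
          # and verifying it with `sha256sum -c` before unzip would close that gap.
          RUN APTLY_VERSION="1.6.2" && \
              DEB_ARCH="$(dpkg --print-architecture)" && \
              case "$DEB_ARCH" in \
                amd64) APTLY_ARCH="amd64" ;; \
                arm64) APTLY_ARCH="arm64" ;; \
                armhf) APTLY_ARCH="arm" ;; \
                *) APTLY_ARCH="" ;; \
              esac && \
              if [ -n "$APTLY_ARCH" ]; then \
                wget -q https://github.com/aptly-dev/aptly/releases/download/v${APTLY_VERSION}/aptly_${APTLY_VERSION}_linux_${APTLY_ARCH}.zip && \
                unzip -q aptly_${APTLY_VERSION}_linux_${APTLY_ARCH}.zip && \
                mv aptly_${APTLY_VERSION}_linux_${APTLY_ARCH}/aptly /usr/local/bin/ && \
                rm -rf aptly_${APTLY_VERSION}_linux_${APTLY_ARCH} \
                  aptly_${APTLY_VERSION}_linux_${APTLY_ARCH}.zip; \
              else \
                apt-get update && \
                apt-get install -y aptly && \
                rm -rf /var/lib/apt/lists/*; \
              fi && \
              aptly version
          # Install appropriate keyring based on container type
          RUN if grep -q "debian" /etc/os-release; then \
                apt-get update && \
                apt-get install -y debian-keyring && \
                rm -rf /var/lib/apt/lists/*; \
              elif grep -q "ubuntu" /etc/os-release; then \
                apt-get update && \
                apt-get install -y ubuntu-keyring && \
                rm -rf /var/lib/apt/lists/*; \
              fi
          # Install GitHub CLI
          RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | \
              dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
              chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg && \
              echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" > /etc/apt/sources.list.d/github-cli.list && \
              apt-get update && \
              apt-get install -y gh && \
              rm -rf /var/lib/apt/lists/*
          # Add Armbian stable repository. The signing key is the trust anchor
          # for everything installed from this repository, so it is fetched
          # over HTTPS: a key fetched over plain HTTP can be swapped in transit.
          # Package downloads are then verified by apt against that key (signed-by).
          RUN curl -fsSL https://apt.armbian.com/armbian.key | gpg --dearmor -o /usr/share/keyrings/armbian-archive-keyring.gpg && \
              chmod go+r /usr/share/keyrings/armbian-archive-keyring.gpg && \
              echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/armbian-archive-keyring.gpg] http://apt.armbian.com ${{ matrix.release }} main ${{ matrix.release }}-utils ${{ matrix.release }}-desktop" > /etc/apt/sources.list.d/armbian.list && \
              apt-get update && \
              rm -rf /var/lib/apt/lists/*
          # Add armbian to docker group and configure sudo
          RUN usermod -aG docker armbian && \
              echo "armbian ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/armbian && \
              chmod 0440 /etc/sudoers.d/armbian
          # NOTE: Don't set USER here. Running as root allows GitHub Actions to work properly.
          # The workflow can switch to 'armbian' user when needed using: su - armbian -c 'command'
          WORKDIR /workspace
          CMD ["/bin/bash"]
          DOCKEREOF

      - name: Build image
        uses: docker/build-push-action@v7
        with:
          context: .
          file: ./Dockerfile
          platforms: ${{ matrix.docker_platform }}
          tags: |
            ${{ env.REGISTRY }}/repository-update:${{ matrix.release }}-${{ matrix.arch }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          push: true
          load: false

      - name: Image built
        # Matrix values reach the script through the environment instead of
        # being expanded into the script text.
        env:
          IMAGE_TAG: ${{ matrix.release }}-${{ matrix.arch }}
        run: |
          echo "::notice::Built armbian/repository-update:${IMAGE_TAG}"
          echo "::notice::Pushed to registry"

  # Writes a Markdown table of the generated image list to the run summary.
  # Runs even when builds fail, so the closing line reports the real result.
  summary:
    name: "Build Summary"
    needs: [setup-matrix, build-images]
    runs-on: ubuntu-latest
    if: always()
    # Only writes to the step summary file; no token scopes required.
    permissions: {}
    steps:
      - name: Generate summary from matrix
        env:
          # Job outputs are passed as data, not spliced into the script.
          IMAGES_CSV: ${{ needs.setup-matrix.outputs.images }}
          BUILD_RESULT: ${{ needs.build-images.result }}
        run: |
          {
            echo '# Docker Images Built'
            echo ''
            echo '| Release | Arch | Platform | Image |'
            echo '|---------|------|----------|-------|'
          } >> "$GITHUB_STEP_SUMMARY"

          # Parse images from setup-matrix output
          images="$IMAGES_CSV"
          if [ -n "$images" ]; then
            IFS=', ' read -ra IMAGE_ARRAY <<< "$images"
            for img in "${IMAGE_ARRAY[@]}"; do
              # Parse "release-arch" format
              release="${img%-*}"
              arch="${img#*-}"

              # Determine platform
              case "$arch" in
                amd64) platform="linux/amd64" ;;
                arm64) platform="linux/arm64" ;;
                riscv64) platform="linux/riscv64" ;;
                *) platform="unknown" ;;
              esac

              echo "| $release | $arch | $platform | ${REGISTRY}/repository-update:$img |" >> "$GITHUB_STEP_SUMMARY"
            done
          else
            # Four cells, matching the table header.
            echo "| No images built | | | |" >> "$GITHUB_STEP_SUMMARY"
          fi

          echo '' >> "$GITHUB_STEP_SUMMARY"
          if [ "$BUILD_RESULT" = "success" ]; then
            echo '✅ Images pushed to GitHub Container Registry' >> "$GITHUB_STEP_SUMMARY"
          else
            echo "⚠️ build-images finished with result: $BUILD_RESULT - not every image listed above was pushed" >> "$GITHUB_STEP_SUMMARY"
          fi

  # Keeps the scheduled workflow from being disabled for inactivity.
  # NOTE(review): liskin/gh-workflow-keepalive is a third-party action that
  # receives actions: write; it is the strongest candidate for SHA pinning.
  keepalive:
    if: ${{ github.repository_owner == 'armbian' }}
    name: Keep Alive
    needs: summary
    runs-on: ubuntu-latest
    permissions:
      actions: write
    steps:
      - uses: actions/checkout@v4
      - uses: liskin/gh-workflow-keepalive@v1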