Skip to content

Commit d4751db

Browse files
nusantara-selfnusantara-self
committed
Update build.yml - Set up QEMU/Buildx only when necessary
1 parent 0cd3999 commit d4751db

File tree

1 file changed

+32
-22
lines changed

1 file changed

+32
-22
lines changed

.github/workflows/build.yml

Lines changed: 32 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -93,12 +93,6 @@ jobs:
9393
with:
9494
fetch-depth: 0
9595

96-
- name: Set up QEMU
97-
uses: docker/setup-qemu-action@v3
98-
99-
- name: Set up Docker Buildx
100-
uses: docker/setup-buildx-action@v3
101-
10296
- name: GHCR Login
10397
uses: docker/login-action@v3
10498
with:
@@ -258,19 +252,29 @@ jobs:
258252
id: set_platforms
259253
run: |
260254
NO_ARM64_DIRS="FileInfo"
261-
255+
262256
CURRENT_DIR="${{ matrix.directory }}"
263257
# Default to multi-arch
264258
PLATFORMS="linux/amd64,linux/arm64"
265-
259+
266260
# Check if CURRENT_DIR is in the NO_ARM64_DIRS list
267261
if echo "$NO_ARM64_DIRS" | grep -qw "$CURRENT_DIR"; then
268262
echo "Directory '$CURRENT_DIR' is in NO_ARM64_DIRS; limiting to linux/amd64 only."
269263
PLATFORMS="linux/amd64"
270264
fi
271-
265+
272266
echo "PLATFORMS=$PLATFORMS" >> $GITHUB_ENV
273267
268+
# Only install QEMU when we actually build AND arm64 is targeted
269+
- name: Set up QEMU
270+
if: steps.check-rebuild.outputs.rebuild == 'true' && contains(env.PLATFORMS, 'linux/arm64')
271+
uses: docker/setup-qemu-action@v3
272+
273+
# Buildx is only needed when we build (and for imagetools)
274+
- name: Set up Docker Buildx
275+
if: steps.check-rebuild.outputs.rebuild == 'true'
276+
uses: docker/setup-buildx-action@v3
277+
274278
- name: Build and push multi-arch image to GHCR
275279
if: steps.check-rebuild.outputs.rebuild == 'true'
276280
uses: docker/build-push-action@v6
@@ -300,17 +304,18 @@ jobs:
300304
org.opencontainers.image.version=${{ env.VERSION }}
301305
302306
- name: Get image digest for Trivy scan
307+
if: steps.check-rebuild.outputs.rebuild == 'true'
303308
id: get-digest
304309
run: |
305310
# Get the digest of the pushed image using buildx imagetools
306311
IMAGE_DIGEST=$(docker buildx imagetools inspect ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}:${{ env.IMAGE_TAG }} 2>/dev/null | grep "^Digest:" | awk '{print $2}' || echo "")
307-
312+
308313
if [ -n "$IMAGE_DIGEST" ]; then
309314
IMAGE_DIGEST="ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}@$IMAGE_DIGEST"
310315
else
311316
# Fallback: try docker inspect for RepoDigests
312317
IMAGE_DIGEST=$(docker inspect ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}:${{ env.IMAGE_TAG }} --format='{{index .RepoDigests 0}}' 2>/dev/null || echo "")
313-
318+
314319
if [ -z "$IMAGE_DIGEST" ]; then
315320
# Fallback: try to get digest from local images
316321
IMAGE_DIGEST=$(docker images --digests ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }} --format "table {{.Repository}}:{{.Tag}}\t{{.Digest}}" | grep ":${{ env.IMAGE_TAG }}" | awk '{print $2}' | head -1)
@@ -569,12 +574,6 @@ jobs:
569574
with:
570575
fetch-depth: 0
571576

572-
- name: Set up QEMU
573-
uses: docker/setup-qemu-action@v3
574-
575-
- name: Set up Docker Buildx
576-
uses: docker/setup-buildx-action@v3
577-
578577
- name: GHCR Login
579578
uses: docker/login-action@v3
580579
with:
@@ -734,19 +733,29 @@ jobs:
734733
id: set_platforms
735734
run: |
736735
NO_ARM64_DIRS="MSDefenderOffice365"
737-
736+
738737
CURRENT_DIR="${{ matrix.directory }}"
739738
# Default to multi-arch
740739
PLATFORMS="linux/amd64,linux/arm64"
741-
740+
742741
# Check if CURRENT_DIR is in the NO_ARM64_DIRS list
743742
if echo "$NO_ARM64_DIRS" | grep -qw "$CURRENT_DIR"; then
744743
echo "Directory '$CURRENT_DIR' is in NO_ARM64_DIRS; limiting to linux/amd64 only."
745744
PLATFORMS="linux/amd64"
746745
fi
747-
746+
748747
echo "PLATFORMS=$PLATFORMS" >> $GITHUB_ENV
749748
749+
# Only install QEMU when we actually build AND arm64 is targeted
750+
- name: Set up QEMU
751+
if: steps.check-rebuild.outputs.rebuild == 'true' && contains(env.PLATFORMS, 'linux/arm64')
752+
uses: docker/setup-qemu-action@v3
753+
754+
# Buildx is only needed when we build (and for imagetools)
755+
- name: Set up Docker Buildx
756+
if: steps.check-rebuild.outputs.rebuild == 'true'
757+
uses: docker/setup-buildx-action@v3
758+
750759
- name: Build and push multi-arch image to GHCR
751760
if: steps.check-rebuild.outputs.rebuild == 'true'
752761
uses: docker/build-push-action@v6
@@ -776,17 +785,18 @@ jobs:
776785
org.opencontainers.image.version=${{ env.VERSION }}
777786
778787
- name: Get image digest for Trivy scan
788+
if: steps.check-rebuild.outputs.rebuild == 'true'
779789
id: get-digest-responder
780790
run: |
781791
# Get the digest of the pushed image using buildx imagetools
782792
IMAGE_DIGEST=$(docker buildx imagetools inspect ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}:${{ env.IMAGE_TAG }} 2>/dev/null | grep "^Digest:" | awk '{print $2}' || echo "")
783-
793+
784794
if [ -n "$IMAGE_DIGEST" ]; then
785795
IMAGE_DIGEST="ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}@$IMAGE_DIGEST"
786796
else
787797
# Fallback: try docker inspect for RepoDigests
788798
IMAGE_DIGEST=$(docker inspect ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }}:${{ env.IMAGE_TAG }} --format='{{index .RepoDigests 0}}' 2>/dev/null || echo "")
789-
799+
790800
if [ -z "$IMAGE_DIGEST" ]; then
791801
# Fallback: try to get digest from local images
792802
IMAGE_DIGEST=$(docker images --digests ghcr.io/${{ env.LOWER_REPO_OWNER }}/${{ env.LOWERCASE_NAME }} --format "table {{.Repository}}:{{.Tag}}\t{{.Digest}}" | grep ":${{ env.IMAGE_TAG }}" | awk '{print $2}' | head -1)

0 commit comments

Comments
 (0)