Reduce need for privileged mode a bit more #101
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| pull_request: | |
| branches: [main] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| build: | |
| name: ${{ matrix.base }} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| base: | |
| - debian | |
| - alpine | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 | |
| with: | |
| platforms: linux/arm64,linux/arm/v7 | |
| - name: Compute image name | |
| id: image | |
| run: | | |
| if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
| owner="${{ github.event.pull_request.head.repo.owner.login }}" | |
| repo="${{ github.event.pull_request.head.repo.name }}" | |
| else | |
| owner="${{ github.repository_owner }}" | |
| repo="${{ github.repository }}" | |
| repo="${repo##*/}" | |
| fi | |
| echo "image=ghcr.io/${owner}/${repo}" >> "$GITHUB_OUTPUT" | |
| - name: Log in to the GitHub container registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get tag | |
| id: get_tag | |
| run: |- | |
| if [[ "${{ github.event_name }}" = "release" ]]; then | |
| version="${{ github.event.release.tag_name}}" | |
| elif [[ "${{ github.event_name }}" = "pull_request" ]]; then | |
| version="pr-${{ github.event.pull_request.number }}" | |
| else | |
| version=${GITHUB_REF#refs/heads/} | |
| version=${version//\//-} | |
| fi | |
| echo version="$version" >> $GITHUB_OUTPUT | |
| - name: Build base image | |
| id: build-base | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 | |
| # Push is best-effort on PRs; fork tokens may lack package write access | |
| continue-on-error: ${{ github.event_name == 'pull_request' }} | |
| env: | |
| DOCKER_BUILD_SUMMARY: false | |
| DOCKER_BUILD_RECORD_UPLOAD: false | |
| with: | |
| context: ${{ matrix.base }} | |
| file: ./${{ matrix.base }}/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| target: base | |
| cache-from: type=registry,ref=${{ steps.image.outputs.image }}:cache-${{ matrix.base }} | |
| cache-to: ${{ github.event_name == 'release' && format('type=registry,ref={0}:cache-{1},mode=max', steps.image.outputs.image, matrix.base) || '' }} | |
| push: true | |
| tags: | | |
| ${{ steps.image.outputs.image }}:${{ matrix.base }}-${{ steps.get_tag.outputs.version }} | |
| - name: Build ha-addon image | |
| id: build-ha-addon | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 | |
| # Push is best-effort on PRs; fork tokens may lack package write access | |
| continue-on-error: ${{ github.event_name == 'pull_request' }} | |
| env: | |
| DOCKER_BUILD_SUMMARY: false | |
| DOCKER_BUILD_RECORD_UPLOAD: false | |
| with: | |
| context: ${{ matrix.base }} | |
| file: ./${{ matrix.base }}/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| target: ha-addon | |
| cache-from: type=registry,ref=${{ steps.image.outputs.image }}:cache-${{ matrix.base }} | |
| cache-to: ${{ github.event_name == 'release' && format('type=registry,ref={0}:cache-{1},mode=max', steps.image.outputs.image, matrix.base) || '' }} | |
| push: true | |
| tags: | | |
| ${{ steps.image.outputs.image }}:${{ matrix.base }}-ha-addon-${{ steps.get_tag.outputs.version }} | |
| # Integration test: build ESPHome on top of the base image (PR + debian only) | |
| - name: Build base image (local) | |
| if: github.event_name == 'pull_request' && matrix.base == 'debian' | |
| run: | | |
| docker build \ | |
| --target base \ | |
| -t "ghcr.io/esphome/docker-base:${{ matrix.base }}-pr-${{ github.event.pull_request.number }}" \ | |
| -f ./${{ matrix.base }}/Dockerfile \ | |
| ./${{ matrix.base }} | |
| - name: Build ha-addon image (local) | |
| if: github.event_name == 'pull_request' && matrix.base == 'debian' | |
| run: | | |
| docker build \ | |
| --target ha-addon \ | |
| -t "ghcr.io/esphome/docker-base:${{ matrix.base }}-ha-addon-pr-${{ github.event.pull_request.number }}" \ | |
| -f ./${{ matrix.base }}/Dockerfile \ | |
| ./${{ matrix.base }} | |
| - name: Clone ESPHome repository | |
| if: github.event_name == 'pull_request' && matrix.base == 'debian' | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| repository: esphome/esphome | |
| ref: dev | |
| path: esphome | |
| - name: Build ESPHome image | |
| if: github.event_name == 'pull_request' && matrix.base == 'debian' | |
| run: | | |
| docker build \ | |
| --target final \ | |
| --build-arg BUILD_TYPE=docker \ | |
| --build-arg BUILD_VERSION=ci \ | |
| --build-arg "BUILD_OS=${{ matrix.base }}" \ | |
| --build-arg "BUILD_BASE_VERSION=pr-${{ github.event.pull_request.number }}" \ | |
| -t esphome-test:latest \ | |
| -f ./esphome/docker/Dockerfile \ | |
| ./esphome | |
| - name: Compile test ESP32 config | |
| if: github.event_name == 'pull_request' && matrix.base == 'debian' | |
| run: | | |
| docker run --rm \ | |
| -v ${{ github.workspace }}/tests:/tests \ | |
| esphome-test:latest \ | |
| compile /tests/test-esp32.yaml |