name: Publish Kata Containers payload for Confidential Containers on: push: tags: - 'CC\-[0-9]+.[0-9]+.[0-9]+' jobs: build-asset: runs-on: ubuntu-latest strategy: matrix: asset: - cc-cloud-hypervisor - cc-kernel - cc-qemu - cc-rootfs-image - cc-shim-v2 - cc-virtiofsd - cc-sev-kernel - cc-sev-ovmf - cc-sev-rootfs-initrd - cc-tdx-kernel - cc-tdx-rootfs-image - cc-tdx-qemu - cc-tdx-td-shim - cc-tdx-tdvf steps: - uses: actions/checkout@v3 - name: Build ${{ matrix.asset }} run: | make "${KATA_ASSET}-tarball" build_dir=$(readlink -f build) # store-artifact does not work with symlink sudo cp -r "${build_dir}" "kata-build" env: KATA_ASSET: ${{ matrix.asset }} TAR_OUTPUT: ${{ matrix.asset }}.tar.gz - name: store-artifact ${{ matrix.asset }} uses: actions/upload-artifact@v3 with: name: kata-artifacts path: kata-build/kata-static-${{ matrix.asset }}.tar.xz retention-days: 1 if-no-files-found: error create-kata-tarball: runs-on: ubuntu-latest needs: build-asset steps: - uses: actions/checkout@v3 - name: get-artifacts uses: actions/download-artifact@v3 with: name: kata-artifacts path: kata-artifacts - name: merge-artifacts run: | ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts - name: store-artifacts uses: actions/upload-artifact@v3 with: name: kata-static-tarball path: kata-static.tar.xz retention-days: 1 if-no-files-found: error kata-payload: needs: create-kata-tarball runs-on: ubuntu-latest steps: - name: Login to quay.io uses: docker/login-action@v2 with: registry: quay.io username: ${{ secrets.COCO_QUAY_DEPLOYER_USERNAME }} password: ${{ secrets.COCO_QUAY_DEPLOYER_PASSWORD }} - uses: actions/checkout@v3 - name: get-kata-tarball uses: actions/download-artifact@v3 with: name: kata-static-tarball - name: build-and-push-kata-payload id: build-and-push-kata-payload run: | ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh $(pwd)/kata-static.tar.xz