From 646e010cb7515fd578cd55fc90559b53e995dc0e Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Thu, 9 Feb 2023 22:33:50 +1300 Subject: [PATCH] ci(fix): Temporarily avoid specifying `provenance` (#3072) * ci(fix): Temporarily avoid specifying `provenance` As the test workflow does not use the `docker-container` buildx driver, it uses the Docker Engine bundled BuildKit version which until v23 release does not support attestations. Likewise the current buildx version in CI is `0.10.0` which does not respect `--provenance false`, the presence of the option appears to trigger a BuildKit version compatibility check and fail early before it considers the value of the option. * chore: Use buildx `docker-container` driver instead An alternative solution to omitting `provenance: false` (_not supported by buildx 0.10.0 with default `docker` driver when Docker Engine bundles BuildKit less than 0.10.0, which is the case prior to the Docker Engine v23 release_). This approach provides more consistency with the build and publish workflows by using the same buildx `docker-container` driver (_and thus newer BuildKit, enabling support for `provenance: false`_). * chore: Revise test workflow inline docs Buildx `docker-container` driver is not needed here, but it does seem like it improves cache-hit ratio when building from the retrieved build cache (from the earlier build workflow). Possibly due to building with the same BuildKit version. --- .github/workflows/generic_test.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/generic_test.yml b/.github/workflows/generic_test.yml index fcedb9fc..a96b169a 100644 --- a/.github/workflows/generic_test.yml +++ b/.github/workflows/generic_test.yml @@ -34,9 +34,14 @@ jobs: path: /tmp/.buildx-cache key: cache-buildx-${{ inputs.cache-key }} + # Configures buildx to use `docker-container` driver, + # Ensures consistent BuildKit version (not coupled to Docker Engine), + # and increased compatibility of the build cache vs mixing buildx drivers. + - name: 'Set up Docker Buildx' + uses: docker/setup-buildx-action@v2.4.0 + # Importing from the cache should create the image within approx 30 seconds: - # Earlier `buildx` + `qemu` steps are not needed as no cache is exported, - # and only a single platform (AMD64) is loaded: + # NOTE: `qemu` step is not needed as we only test for AMD64. - name: 'Build AMD64 image from cache' uses: docker/build-push-action@v4.0.0 with: