Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[FEATURE] tags field should be a YAML list not a space separated list #146

Open
Nicolas-Peiffer opened this issue Jan 9, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@Nicolas-Peiffer
Copy link

Nicolas-Peiffer commented Jan 9, 2025

Is your feature request related to a problem? Please describe.

In the Github Action YAML configuration file, the tags field should be a YAML list, not a space separated list.
Indeed, YAML natively supports lists, so there is no reason to use a space separated list, other than not changing the source code which parses this YAML configuration.

Related issues:

Describe the solution you'd like

Use the list native support of YAML:

      - name: Build the container image
        id: buildah-build
        uses: redhat-actions/buildah-build@v1
        with:
          image-name: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
          containerfile: ${{ env.BASE_CONTAINERFILE_NAME }}
          tags:
            - ${{ github.sha }}
            - tag1
            - tag2
            - tag3
          oci: true

instead of a space separated list:

      - name: Build the container image
        id: buildah-build
        uses: redhat-actions/buildah-build@v1
        with:
          image-name: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
          containerfile: ${{ env.BASE_CONTAINERFILE_NAME }}
          tags: ${{ github.sha }} tag1 tag2 tag3
          oci: true

Describe alternatives you've considered

I have a situation where I need to tag an OCI image with a list of multiple tags which are actualy Github Action variable from other steps of my job.

Below is an example of what 13 tags in a Github Action recipe could looks like:

tags:
  - ${{ github.sha }}
  - golang-${{ steps.extract.outputs.golang_version }}
  - goreleaser-${{ steps.extract.outputs.goreleaser_version }}
  - cosign-${{ steps.extract.outputs.cosign_version }}
  - ko-${{ steps.extract.outputs.ko_version }}
  - trivy-${{ steps.extract.outputs.trivy_version }}
  - syft-${{ steps.extract.outputs.syft_version }}
  - golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}}
  - goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}}
  - cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}}
  - ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}}
  - trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}}
  - syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}

With 13 tags like this, it is not convenient to maintain a space separated list.
If I take the same 13 tags above and convert this list into a single oneliner like below, this becomes unreadable and unmaintable.

golang-${{ steps.extract.outputs.golang_version }} goreleaser-${{ steps.extract.outputs.goreleaser_version }} cosign-${{ steps.extract.outputs.cosign_version }} ko-${{ steps.extract.outputs.ko_version }} trivy-${{ steps.extract.outputs.trivy_version }} syft-${{ steps.extract.outputs.syft_version }} golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}} goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}} cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}} ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}} trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}} syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}

How does docker do for their own docker action?

Below is an example of how docker/metadata-action handle the tags.
They do not rely on a YAML list. However, it is easier to write tags on multilines. Check the full example here.

This below is more readable than a single oneliner.

      - name: Container metadata and tags
        id: metadata
        uses: docker/metadata-action@v5
        with:
          # image name may contain lowercase letters, digits and separators https://github.com/docker/metadata-action/tree/v5/?tab=readme-ov-file#image-name-and-tag-sanitization
          images: ${{ steps.set-oci-image-url.outputs.oci_image_url }}
          tags: |
            type=ref,event=branch
            # use tools version as tags
            type=raw,value=golang-${{ steps.extract.outputs.golang_version }}
            type=raw,value=goreleaser-${{ steps.extract.outputs.goreleaser_version }}
            type=raw,value=cosign-${{ steps.extract.outputs.cosign_version }}
            type=raw,value=ko-${{ steps.extract.outputs.ko_version }}
            type=raw,value=trivy-${{ steps.extract.outputs.trivy_version }}
            type=raw,value=syft-${{ steps.extract.outputs.syft_version }}

            type=raw,value=golang-${{ steps.extract.outputs.golang_version }}-${{ steps.extract.outputs.debian_version}}
            type=raw,value=goreleaser-${{ steps.extract.outputs.goreleaser_version }}-${{ steps.extract.outputs.debian_version}}
            type=raw,value=cosign-${{ steps.extract.outputs.cosign_version }}-${{ steps.extract.outputs.debian_version}}
            type=raw,value=ko-${{ steps.extract.outputs.ko_version }}-${{ steps.extract.outputs.debian_version}}
            type=raw,value=trivy-${{ steps.extract.outputs.trivy_version }}-${{ steps.extract.outputs.debian_version}}
            type=raw,value=syft-${{ steps.extract.outputs.syft_version }}-${{ steps.extract.outputs.debian_version}}

            # minimal (short sha)
            type=sha
            # full length sha
            type=sha,format=long

Additional context

In redhat-actions/buildah-build, there is a tags field which is a space separated list. Source:

tags: A space-separated list of the tags that were applied to the new image.

It is the same for redhat-actions/push-to-registry:

| tags | The tag or tags of the image or manifest to push. For multiple tags, separate by whitespace. Refer to [Image and Tag Inputs](https://github.com/redhat-actions/push-to-registry#image-tag-inputs). | `latest`

My motivation ?

Kaniko deprecation

The deprecation of Kaniko is a motivation to replace Kaniko with podman and buildah.

Use podman rather than docker

Why not use docker since it is available in Ubuntu actions/runner-images?

Because my workflow is using podman.

And because Podman, skopeo and Buildah are all available in Github Actio Ubuntu 24.04 image.

Why not use docker github actions like docker/metadata-action?

Because I do not want to mix Github Action that rely on the docker CLI client with Github Actions that rely on podman and buildah.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant