name: "Mirror Test Image" on: workflow_dispatch: inputs: upstream: description: "Upstream image to mirror" required: true default: "docker.io/library/busybox:1.32" image: description: "Target image name (override)" permissions: # added using https://github.com/step-security/secure-workflows contents: read jobs: mirror: name: "Mirror Image" runs-on: ubuntu-latest timeout-minutes: 30 permissions: packages: write defaults: run: working-directory: src/github.com/containerd/containerd steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: src/github.com/containerd/containerd - uses: ./src/github.com/containerd/containerd/.github/actions/install-go - name: Set env shell: bash run: | echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV echo "${{ github.workspace }}/bin" >> $GITHUB_PATH - name: Install containerd dependencies env: GOFLAGS: -modcacherw run: | sudo apt-get install -y gperf sudo -E PATH=$PATH script/setup/install-seccomp - name: Install containerd env: CGO_ENABLED: 1 run: | make binaries GO_BUILD_FLAGS="-mod=vendor" GO_BUILDTAGS="no_btrfs" sudo -E PATH=$PATH make install - name: Pull and push image shell: bash run: | sudo containerd -l debug & > /tmp/containerd.out containerd_pid=$! sleep 5 upstream=${{ github.event.inputs.upstream }} target=${{ github.event.inputs.image }} if [[ "$target" == "" ]]; then mirror="ghcr.io/containerd/${upstream##*/}" else mirror="ghcr.io/containerd/${target}" fi echo "Mirroring $upstream to $mirror" sudo ctr content fetch --all-platforms ${upstream} sudo ctr images ls sudo ctr --debug images push -u ${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ${mirror} ${upstream} sudo kill $containerd_pid