Go to file
2024-05-17 18:25:46 +02:00
.github Bump actions/checkout from 4.1.5 to 4.1.6 in the all group 2024-05-17 16:24:06 +00:00
action.yml add dependabot config, ci job and general cleanup 2023-07-11 11:41:31 +02:00
go.mod upgrade to go1.22 2024-03-27 17:50:09 +01:00
LICENSE Initial commit 2021-04-28 21:13:37 -04:00
main.go Initial commit 2021-04-28 21:13:37 -04:00
README.md add dependabot config, ci job and general cleanup 2023-07-11 11:41:31 +02:00

GitHub Action to install and setup ko

Build

⚠️ Note: ko recently moved to its own GitHub org, which broke setup-ko@v0.5 if the ko version wasn't specified.

To fix this, either upgrade to setup-ko@v0.6 or specify version

Example usage

name: Publish

on:
  push:
    branches: ['main']

jobs:
  publish:
    name: Publish
    runs-on: ubuntu-latest
    steps:
      - uses: actions/setup-go@v4
        with:
          go-version: '1.20.x'
      - uses: actions/checkout@v3

      - uses: ko-build/setup-ko@v0.6
      - run: ko build

That's it! This workflow will build and publish your code to GitHub Container Regsitry.

By default, the action sets KO_DOCKER_REPO=ghcr.io/[owner]/[repo] for all subsequent steps, and uses the ${{ github.token }} to authorize pushes to GHCR.

See documentation for ko to learn more about configuring ko.

The action works on Linux and macOS runners. If you'd like support for Windows runners, let us know!

Select ko version to install

By default, ko-build/setup-ko installs the latest released version of ko.

You can select a version with the version parameter:

- uses: ko-build/setup-ko@v0.6
  with:
    version: v0.14.1

To build and install ko from source using go install, specify version: tip.

Pushing to other registries

By default, ko-build/setup-ko configures ko to push images to GitHub Container Registry, but you can configure it to push to other registries as well.

If KO_DOCKER_REPO is already set when setup-ko runs, it will skip logging in to ghcr.io and will propagate KO_DOCKER_REPO for subsequent steps.

To do this, you should provide credentials to authorize the push. You can use encrypted secrets to store the authorization token, and pass it to ko login before pushing:

steps:
...
- uses: ko-build/setup-ko@v0.6
  env:
    KO_DOCKER_REPO: my.registry/my-repo
- env:
    auth_token: ${{ secrets.auth_token }}
  run: |
    echo "${auth_token}" | ko login https://my.registry --username my-username --password-stdin
    ko build    

Release Integration

In addition to publishing images, ko can produce YAML files containing references to built images, using ko resolve

With this action, you can use ko resolve to produce output YAML that you then attach to a GitHub Release using the GitHub CLI. For example:

name: Publish Release YAML

on:
  release:
    types:
      - 'created'

jobs:
  publish-release-yaml:
    name: Publish Release YAML
    runs-on: ubuntu-latest
    steps:
      - uses: actions/setup-go@v4
        with:
          go-version: '1.20'
      - uses: actions/checkout@v3
      - uses: ko-build/setup-ko@v0.6

      - name: Generate and upload release.yaml
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          tag=$(echo ${{ github.ref }} | cut -c11-)  # get tag name without tags/refs/ prefix.
          ko resolve -t ${tag} -f config/ > release.yaml
          gh release upload ${tag} release.yaml          

A note on versioning

The @v0.X in the uses statement refers to the version of the action definition in this repo.

Regardless of what version of the action definition you use, ko-build/setup-ko will install the latest released version of ko unless otherwise specified with version:.