Refactor container infrastructure (#5)

* Refactor container infrastructure * Add retention action
bounverif · Nov 29, 2024 · 4f2e228 · 4f2e228
1 parent fe1dac3
commit 4f2e228
Show file tree

Hide file tree

Showing 10 changed files with 277 additions and 249 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -1,11 +1,7 @@
 // For format details, see https://aka.ms/devcontainer.json.
 {
   "name": "rvstd",
-  // Sets the run context to one level up instead of the .devcontainer folder.
-  "context": "..",
-  // Update the 'dockerFile' property if you aren't using the standard 'Dockerfile' filename.
-  "dockerFile": "./Dockerfile",
-  // Set *default* container specific settings.json values on container create.
+  "image": "ghcr.io/bounverif/rvstd:latest-devel",
   "customizations": {
     "vscode": {
       "extensions": [
@@ -24,10 +20,10 @@
           "--header-insertion-decorators",
           "--clang-tidy",
           "--all-scopes-completion",
-          "--compile-commands-dir=/tmp/${localWorkspaceFolderBasename}/build/default"
+          "--compile-commands-dir=/tmp/rvstd/build/default"
         ],
         "gcovViewer.buildDirectories": [
-          "/tmp/${localWorkspaceFolderBasename}/build/coverage"
+          "/tmp/rvstd/build"
         ],
         "gcovViewer.highlightMissedLines": true,
         "editor.formatOnSave": true,

diff --git a/.github/workflows/boostdevel.yml b/.github/workflows/boostdevel.yml
diff --git a/.github/workflows/buildah-build-devel.yml b/.github/workflows/buildah-build-devel.yml
@@ -0,0 +1,103 @@
+name: buildah-build-devel
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "19 19 * * 0" # 19:41 UTC everyday
+  push:
+    paths:
+      - .github/workflows/buildah-build-devel.yml # Self-trigger
+      - containers/rvstd-devel/Dockerfile
+
+env:
+  REGISTRY: ghcr.io/bounverif
+  IMAGE_NAME: rvstd
+  RVSTD_VERSION: latest
+  CONTAINERS_ROOT: /home/runner/.local/share/containers
+  TMPDIR: /home/runner/.local/share/containers/tmp
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  buildah-build-devel:
+    runs-on: ubuntu-24.04
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true 
+    steps:
+      - name: Maximize build space
+        uses: easimon/maximize-build-space@v10
+        with:
+          root-reserve-mb: 2048 # Reserve disk space for repository
+          remove-dotnet: "true"
+          remove-android: "true"
+          remove-haskell: "true"
+          remove-codeql: "true"
+          remove-docker-images: "true"
+          build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build
+
+      - run: mkdir -p $TMPDIR
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set current date as the version
+        run: echo "RVSTD_VERSION=$(date +'%Y%m%d')" >> $GITHUB_ENV
+
+      - name: Log in to the GitHub Container registry
+        uses: redhat-actions/podman-login@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build builder container image
+        id: build-builder
+        uses: redhat-actions/buildah-build@v2
+        with:
+          platforms: linux/amd64
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ env.RVSTD_VERSION }}-builder latest-builder
+          layers: true
+          oci: true
+          build-args: |
+            RVSTD_VERSION=${{ env.RVSTD_VERSION }}
+          extra-args: |
+            --target rvstd-builder
+          containerfiles: |
+            containers/rvstd-devel/Dockerfile
+
+      - name: Build devel container image
+        id: build-devel
+        uses: redhat-actions/buildah-build@v2
+        with:
+          platforms: linux/amd64
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ env.RVSTD_VERSION }}-devel latest-devel
+          layers: true
+          oci: true
+          build-args: |
+            RVSTD_VERSION=${{ env.RVSTD_VERSION }}
+          extra-args: |
+            --target rvstd-devel
+          containerfiles: |
+            containers/rvstd-devel/Dockerfile
+
+      - name: Push to GitHub Container Repository
+        if: github.ref == 'refs/heads/main'
+        id: push-builder-ghcr
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          image: ${{ steps.build-builder.outputs.image }}
+          tags: ${{ steps.build-builder.outputs.tags }}
+
+      - name: Push to GitHub Container Repository
+        if: github.ref == 'refs/heads/main'
+        id: push-devel-ghcr
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          image: ${{ steps.build-devel.outputs.image }}
+          tags: ${{ steps.build-devel.outputs.tags }}
diff --git a/.github/workflows/cppdevel.yml b/.github/workflows/cppdevel.yml
diff --git a/.github/workflows/ghcr-retention.yml b/.github/workflows/ghcr-retention.yml
@@ -0,0 +1,34 @@
+name: ghcr-retention
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 12 * * 0"
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  clean:
+    runs-on: ubuntu-latest
+    name: Github Container Registry Retention Policy
+    steps:
+      - name: Clean up old images
+        uses: snok/[email protected]
+        with:
+          account: bounverif
+          token: ${{ secrets.GITHUB_TOKEN }}
+          image-names: "rvstd"
+          image-tags: "!latest*"
+          cut-off: 24w
+          dry-run: false
+
+      - name: Clean up untagged images
+        uses: snok/[email protected]
+        with:
+          account: bounverif
+          token: ${{ secrets.GITHUB_TOKEN }}
+          image-names: "rvstd"
+          tag-selection: untagged
+          cut-off: 1h
+          dry-run: false
diff --git a/containers/Makefile b/containers/Makefile
@@ -0,0 +1,28 @@
+RVSTD_IMAGE_NAME ?= localhost/rvstd
+RVSTD_VERSION ?= latest
+CONTEXT ?= .
+CONTAINER_CACHE_TTL=24h
+
+builder: 
+	buildah build \
+		-f rvstd-devel/Dockerfile \
+		--build-arg RVSTD_IMAGE_NAME=${RVSTD_IMAGE_NAME} \
+		--build-arg RVSTD_VERSION=${RVSTD_VERSION} \
+		--format oci \
+		--layers=true \
+		--cache-ttl=${CONTAINER_CACHE_TTL} \
+		--target rvstd-builder \
+		--tag rvstd:${RVSTD_VERSION}-builder \
+	${CONTEXT}
+
+devel: builder
+	buildah build \
+		-f rvstd-devel/Dockerfile \
+		--build-arg RVSTD_IMAGE_NAME=${RVSTD_IMAGE_NAME} \
+		--build-arg RVSTD_VERSION=${RVSTD_VERSION} \
+		--format oci \
+		--layers=true \
+		--cache-ttl=${CONTAINER_CACHE_TTL} \
+		--target rvstd-devel \
+		--tag rvstd:${RVSTD_VERSION}-devel \
+	${CONTEXT}
diff --git a/containers/boostdevel/Dockerfile b/containers/boostdevel/Dockerfile