Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Publish docker image #3

Merged
merged 3 commits into from
Feb 14, 2024
Merged

Publish docker image #3

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
230bd1f
Publish docker image
strokyl Feb 13, 2024
0cdb39b
try
strokyl Feb 14, 2024
8c94af1
Push only on main
strokyl Feb 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
153 changes: 153 additions & 0 deletions .github/workflows/build-docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,153 @@
name: CI Platform / Build Docker Images
strokyl marked this conversation as resolved.
Show resolved Hide resolved

on:
workflow_call:
inputs:
image_tags:
required: true
type: string
description: (string) Image tags to build in docker/metadata-action format
release:
required: false
type: boolean
description: (bool) Whether this is a release or not
default: false
amd64_artifact_name:
description: "(string) AMD64 Artifact name"
type: string
required: true
arm64_artifact_name:
description: "(string) ARM64 Artifact name"
type: string
required: true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now useless as in platform-build the rust code was build separately on different runners and we needed to download artifacts produced for this job.
But here your Dockerfile is a 2 stage build that will take golang image in correct architecture amd/arm and build inside then copy binaries into a scratch image.

outputs:
all_conduktor_tags:
description: (json string) All conduktor ctl image tags built (in format repo/namespace/image:tag)
value: ${{ jobs.build-platform-docker.outputs.all_tags }}
ghcr_conduktor_tags:
description: (json string) All conduktor ctl GHCR image tags (in format ghcr.io/namespace/image:tag)
value: ${{ jobs.build-platform-docker.outputs.ghcr_tags }}
ghcr_conduktor_digest:
description: (string) Only the first conduktor ctl GHCR image digest (in format ghcr.io/namespace/image@sha256:digest)
value: ${{ jobs.build-platform-docker.outputs.ghcr_digest }}
harbor_conduktor_tags:
description: (json string) Only the first conduktor image tags (in format harbor.cdkt.dev/namespace/image:tag)
value: ${{ jobs.build-platform-docker.outputs.harbor_tags }}
harbor_conduktor_digest:
description: (string) Only the first conduktor image digest (in format harbor.cdkt.dev/namespace/image@sha256:digest)
value: ${{ jobs.build-platform-docker.outputs.harbor_digest }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we have no need for the produce docker image after this workflow (for tests run or something) outputs can be removed

env:
GHCR_REGISTRY: "ghcr.io"
HARBOR_REGISTRY: "harbor.cdkt.dev"
strokyl marked this conversation as resolved.
Show resolved Hide resolved
NAMESPACE: "conduktor"
LABEL_IMAGE_AUTHORS: "Conduktor <[email protected]>"
LABEL_IMAGE_DOCUMENTATION: "https://docs.conduktor.io/conduktor"
LABEL_IMAGE_VENDOR: "Conduktor.io"

jobs:

build-platform-docker:
strokyl marked this conversation as resolved.
Show resolved Hide resolved
name: Build Platform Docker
strokyl marked this conversation as resolved.
Show resolved Hide resolved
runs-on: [cdk-standard]
outputs:
all_tags: ${{ toJson(steps.docker_meta.outputs.tags) }}
ghcr_tags: ${{ toJson(steps.output_image_tag.outputs.ghcr_tags) }}
ghcr_digest: ${{ steps.output_image_tag.outputs.ghcr_digest }}
harbor_tags: ${{ toJson(steps.output_image_tag.outputs.harbor_tags) }}
harbor_digest: ${{ steps.output_image_tag.outputs.harbor_digest }}
strokyl marked this conversation as resolved.
Show resolved Hide resolved
permissions:
id-token: write
contents: read
env:
PLATFORM_IMAGE: "conduktorctl"
strokyl marked this conversation as resolved.
Show resolved Hide resolved
GHCR_IMAGE: "ghcr.io/conduktor/conduktorctl"
HARBOR_IMAGE: "harbor.cdkt.dev/conduktor/conduktorctl"
LABEL_IMAGE_TITLE: "Conduktor ctl"
LABEL_IMAGE_DESCRIPTION: "Conduktor command line tools"
LABEL_IMAGE_URL: "https://hub.docker.com/r/conduktor/conduktorctl"
steps:
- name: Set up Docker Buildx
id: setup-buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.9.1
install: true
platforms: linux/amd64,linux/arm64

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64,linux/arm64
strokyl marked this conversation as resolved.
Show resolved Hide resolved

- name: Docker multi registries configuration
id: docker_meta
uses: conduktor/conduktor-actions/[email protected]
with:
image-name: |
${{ env.PLATFORM_IMAGE }}
conduktor-console
strokyl marked this conversation as resolved.
Show resolved Hide resolved
namespace: ${{ env.NAMESPACE }}
tags: ${{ inputs.image_tags }}
labels: |
org.opencontainers.image.title=${{ env.LABEL_IMAGE_TITLE }}
org.opencontainers.image.description=${{ env.LABEL_IMAGE_DESCRIPTION }}
org.opencontainers.image.authors=${{ env.LABEL_IMAGE_AUTHORS }}
org.opencontainers.image.documentation=${{ env.LABEL_IMAGE_DOCUMENTATION }}
org.opencontainers.image.vendor=${{ env.LABEL_IMAGE_VENDOR }}
org.opencontainers.image.url=${{ env.LABEL_IMAGE_URL }}
- name: Buildx builder
id: buildx
shell: bash
run: |
# Purge existing builder before creating a new one to avoid conflicts
docker buildx rm conduktorctl || true
docker buildx create --driver docker-container --name conduktorctl --platform "linux/amd64,linux/arm64" --use
echo "name=conduktorctl" >> "${GITHUB_OUTPUT}"
echo "platforms=linux/amd64,linux/arm64" >> "${GITHUB_OUTPUT}"
strokyl marked this conversation as resolved.
Show resolved Hide resolved

- name: Build ${{ env.PLATFORM_IMAGE }} for ${{ steps.buildx.outputs.platforms }}
id: build
uses: docker/build-push-action@v5
with:
context: .
platforms: ${{ steps.buildx.outputs.platforms }}
builder: ${{ steps.buildx.outputs.name }}
pull: true
strokyl marked this conversation as resolved.
Show resolved Hide resolved
push: true
file: docker/Dockerfile
tags: ${{ steps.docker_meta.outputs.tags }}
labels: ${{ steps.docker_meta.outputs.labels }}
cache-from: type=registry,ref=${{env.HARBOR_IMAGE}}:main
cache-to: type=inline,mode=min
github-token: ${{ secrets.GITHUB_TOKEN }}

- name: Output conduktorctl image
id: output_image_tag
shell: bash
run: |
# multi-line output tips https://github.com/orgs/community/discussions/26288#discussioncomment-3876281

ghcr_tags=$(echo "${{ steps.docker_meta.outputs.tags }}" | grep "ghcr.io" || true)
if [[ -z "${ghcr_tags}" ]]; then
echo -e "ghcr_tags=" >> "${GITHUB_OUTPUT}"
echo -e "ghcr_digest=" >> "${GITHUB_OUTPUT}"
else
delimiter1="$(openssl rand -hex 8)"
echo -e "ghcr_tags<<${delimiter1}\n${ghcr_tags}\n${delimiter1}" >> "${GITHUB_OUTPUT}"
echo "ghcr_digest=${{env.GHCR_IMAGE}}@${{ steps.build.outputs.digest }}" >> "${GITHUB_OUTPUT}"
fi

harbor_tags=$(echo "${{ steps.docker_meta.outputs.tags }}" | grep "harbor.cdkt.dev" || true)
if [[ -z "${harbor_tags}" ]]; then
echo -e "harbor_tags=" >> "${GITHUB_OUTPUT}"
echo -e "harbor_digest=" >> "${GITHUB_OUTPUT}"
else
delimiter2="$(openssl rand -hex 8)"
echo -e "harbor_tags<<${delimiter2}\n${harbor_tags}\n${delimiter2}" >> "${GITHUB_OUTPUT}"
echo "harbor_digest=${{env.HARBOR_IMAGE}}@${{ steps.build.outputs.digest }}" >> "${GITHUB_OUTPUT}"
fi

echo "Outputs ${GITHUB_OUTPUT}"
echo "-------"
cat "${GITHUB_OUTPUT}"
echo "-------"
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ on:
types: [opened, reopened, synchronize, labeled]
jobs:
unit-test:
runs-on: cdk-large
runs-on: cdk-standard
strokyl marked this conversation as resolved.
Show resolved Hide resolved
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
Expand All @@ -12,7 +12,7 @@ jobs:
- name: go test
run: go test ./...
integration-test:
runs-on: cdk-large
runs-on: cdk-standard
steps:
- uses: actions/checkout@v3
- name: run test
Expand Down
146 changes: 146 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
name: Release
run-name: ${{ github.event.release.prerelease == true && 'Pre-' || '' }}Release ${{ github.event.release.tag_name }} by ${{ github.actor }}

on:
release:
types: [published]
jobs:
tags:
name: List tags to be created
runs-on: cdk-standard
outputs:
image_tags: ${{ steps.image_tag.outputs.tags }}
version: ${{ steps.image_tag.outputs.version }}
is_latest: ${{ steps.image_tag.outputs.is_latest }}
is_prerelease: ${{ steps.image_tag.outputs.is_prerelease }}
strokyl marked this conversation as resolved.
Show resolved Hide resolved
steps:
- name: Debug tags
shell: bash
run: |
echo "----------------------------"
echo "GITHUB_REF : ${GITHUB_REF}"
echo "GITHUB_REF_NAME: ${GITHUB_REF_NAME}"
echo "GITHUB_REF_TYPE : ${GITHUB_REF_TYPE}"
echo "----------------------------"
echo "Release event : "
echo " name :${{ github.event.release.name }}"
echo " tag_name :${{ github.event.release.tag_name }}"
echo " target_commitish:${{ github.event.release.target_commitish }}"
echo " prerelease:${{ github.event.release.prerelease }}"
echo " draft:${{ github.event.release.draft }}"
strokyl marked this conversation as resolved.
Show resolved Hide resolved

- name: Parse version from tag
id: version
uses: release-kit/semver@v2
with:
string: '${{ github.event.release.tag_name }}'

- name: Set release tag
if: ${{ github.event.release }}
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
latest_release_version=$(gh release view -R ${{ github.repository }} --json tagName -q .tagName)
echo "Latest release is ${latest_release}"
is_latest=$(test "${{ github.event.release.tag_name }}" == "${latest_release_version}" && echo true || echo false)

echo "RELEASE_TAG=${{ steps.version.outputs.full }}" >> $GITHUB_ENV
echo "IS_LATEST=${is_latest}" >> $GITHUB_ENV

- name: Pre-release check
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
echo "Check consistency between pre-release Github flag and git tag name"
if [[ ${{ github.event.release.prerelease }} == true && "${{ steps.version.outputs.prerelease }}" == "" ]]; then
echo "Empty pre-release tag need a git tag like major.minor.patch-<pre_release_name>"
exit 1
fi
if [[ ${{ github.event.release.prerelease }} == false && "${{ steps.version.outputs.prerelease }}" != "" ]]; then
echo "Invalid pre-release tag ${{ steps.version.outputs.full }} not flagged as pre-release on Github Release page"
exit 1
fi
strokyl marked this conversation as resolved.
Show resolved Hide resolved

- name: Image tag
id: image_tag
shell: bash
run: |
TAGS=""
TAGS="${TAGS}type=raw,value=${{ steps.version.outputs.full }}\n"
TAGS="${TAGS}type=semver,pattern={{version}}\n"
TAGS="${TAGS}type=raw,value=latest,enable=${{ env.IS_LATEST }}\n"

delimiter="$(openssl rand -hex 8)"
echo -e "tags<<${delimiter}\n${TAGS}\n${delimiter}" >> "${GITHUB_OUTPUT}"

echo -e "version=${{ steps.version.outputs.full }}" >> "${GITHUB_OUTPUT}"
echo -e "is_latest=${{ env.IS_LATEST }}" >> "${GITHUB_OUTPUT}"
echo -e "is_prerelease=${{ github.event.release.prerelease }}" >> "${GITHUB_OUTPUT}"

echo "Outputs ${GITHUB_OUTPUT}"
echo "-------"
cat "${GITHUB_OUTPUT}"
echo "-------"
unit-test:
runs-on: cdk-standard
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.22.0
- name: go test
run: go test ./...
integration-test:
runs-on: cdk-standard
steps:
- uses: actions/checkout@v3
- name: run test
run: ./test_final_exec.sh

build-docker:
name: Build and publish platform images
strokyl marked this conversation as resolved.
Show resolved Hide resolved
uses: ./.github/workflows/build-docker.yml
secrets: inherit
needs: [tags, build-cli, e2e]
strokyl marked this conversation as resolved.
Show resolved Hide resolved
with:
release: true
image_tags: ${{ needs.tags.outputs.image_tags }}
amd64_artifact_name: ${{ needs.build-cli.outputs.amd64_artifact_name }}
arm64_artifact_name: ${{ needs.build-cli.outputs.arm64_artifact_name }}
strokyl marked this conversation as resolved.
Show resolved Hide resolved

create_maintance_branches:
if: ${{ github.event.release.prerelease == false }}
needs: [ tags, build-docker ]
runs-on: cdk-standard
env:
GITHUB_TOKEN: ${{ secrets.CONDUKTORBOT_GHCR_RW }}
steps:
- name: Parse version from string
id: parsed_version
uses: release-kit/semver@v2
with:
string: "${{ needs.tags.outputs.version }}"

- name: Maintenance Branch Name
id: maintenance_branch_name
shell: bash
run: |
maintenance_branch_name="patch/${{ steps.parsed_version.outputs.major }}.${{ steps.parsed_version.outputs.minor }}"
echo "MAINTENANCE_BRANCH_NAME=${maintenance_branch_name}" >> $GITHUB_ENV
echo "MAINTENANCE_TAG_NAME=release-${{ needs.tags.outputs.version }}" >> $GITHUB_ENV

- uses: actions/checkout@v4

- name: Extract dependencies refs
id: dependencies_refs
uses: ./.github/actions/get-dependencies-refs

- name: Platform-build maintenance branch
uses: ./.github/actions/create-patch-branch
with:
repository: ${{ github.repository }}
remote_ref: ${{ github.ref }}
branch_name: ${{ env.MAINTENANCE_BRANCH_NAME }}
token: ${{ secrets.CONDUKTORBOT_GHCR_RW }}
strokyl marked this conversation as resolved.
Show resolved Hide resolved
Loading