Skip to content

Commit

Permalink
ci: add merge digest step and update some actions
Browse files Browse the repository at this point in the history
  • Loading branch information
@thalesmg
thalesmg committed Oct 19, 2023
1 parent fdee4e7 commit b0b69b4
Show file tree
Hide file tree
Showing 3 changed files with 146 additions and 25 deletions.
16 changes: 10 additions & 6 deletions .github/workflows/base.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,9 @@ jobs:
- [alpine3.15.1, linux/amd64, [self-hosted, linux, x64, ephemeral]]
- [alpine3.15.1, linux/arm64, [self-hosted, linux, arm64, ephemeral]]

env:
REGISTRY_IMAGE: ghcr.io/${{ github.repository }}/base-${{ matrix.base_image_vsn }}

steps:
- uses: actions/checkout@v3
- uses: aws-actions/configure-aws-credentials@v2
Expand All @@ -56,20 +59,20 @@ jobs:
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Get cache
run: aws s3 sync s3://docker-buildx-cache/emqx-builder/${{ matrix.platform[0] }} /tmp/.docker-buildx-cache
- uses: docker/setup-buildx-action@v2
- uses: docker/setup-qemu-action@v2
- uses: docker/login-action@v2
- uses: docker/setup-buildx-action@v3
- uses: docker/setup-qemu-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: docker/metadata-action@v4
- uses: docker/metadata-action@v5
id: base_meta
with:
images: ghcr.io/${{ github.repository }}/base-${{ matrix.base_image_vsn }}
images: ${{ env.REGISTRY_IMAGE }}
tags: type=raw,value=${{ matrix.platform[0] }}
- name: Build base image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
pull: true
cache-from: type=local,src=/tmp/.docker-buildx-cache,mode=max
Expand All @@ -78,6 +81,7 @@ jobs:
tags: ${{ steps.base_meta.outputs.tags }}
labels: ${{ steps.base_meta.outputs.labels }}
file: ${{ matrix.platform[0] }}/Dockerfile
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=false
context: .
- name: Update cache
run: aws s3 sync --delete /tmp/.docker-buildx-cache-new s3://docker-buildx-cache/emqx-builder/${{ matrix.platform[0] }}
147 changes: 132 additions & 15 deletions .github/workflows/main.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@ jobs:
- [alpine3.15.1, linux/amd64, [self-hosted, linux, x64, ephemeral]]
- [alpine3.15.1, linux/arm64, [self-hosted, linux, arm64, ephemeral]]

env:
REGISTRY_IMAGE: ghcr.io/${{ github.repository }}/base-${{ matrix.base_image_vsn }}

steps:
- uses: actions/checkout@v3
- uses: aws-actions/configure-aws-credentials@v2
Expand All @@ -75,38 +78,91 @@ jobs:
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Get cache
run: aws s3 sync s3://docker-buildx-cache/emqx-builder/${{ matrix.platform[0] }} /tmp/.docker-buildx-cache
- uses: docker/setup-buildx-action@v2
- uses: docker/setup-qemu-action@v2
- uses: docker/login-action@v2
- uses: docker/setup-buildx-action@v3
- uses: docker/setup-qemu-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: docker/metadata-action@v4
- uses: docker/metadata-action@v5
id: base_meta
with:
images: ghcr.io/${{ github.repository }}/base-${{ matrix.base_image_vsn }}
images: ${{ env.REGISTRY_IMAGE }}
tags: type=raw,value=${{ matrix.platform[0] }}
- name: Build base image
uses: docker/build-push-action@v3
id: build
uses: docker/build-push-action@v5
with:
push: true
pull: true
cache-from: type=local,src=/tmp/.docker-buildx-cache,mode=max
cache-to: type=local,dest=/tmp/.docker-buildx-cache-new,mode=max
platforms: ${{ matrix.platform[1] }}
tags: ${{ steps.base_meta.outputs.tags }}
labels: ${{ steps.base_meta.outputs.labels }}
file: ${{ matrix.platform[0] }}/Dockerfile
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
context: .
- name: Update cache
run: aws s3 sync --delete /tmp/.docker-buildx-cache-new s3://docker-buildx-cache/emqx-builder/${{ matrix.platform[0] }}
- name: Export digests
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v3
with:
name: digests
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

merge-base:
runs-on: ubuntu-latest
needs:
- base
strategy:
fail-fast: false
matrix:
base_image_vsn:
- "5.0"
env:
REGISTRY_IMAGE: ghcr.io/${{ github.repository }}/base-${{ matrix.base_image_vsn }}
steps:
- name: Download digests
uses: actions/download-artifact@v3
with:
name: digests
path: /tmp/digests
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
build:
runs-on: ${{ github.repository_owner == 'emqx' && matrix.platform[2] || '["ubuntu-latest"]' }}
needs:
- prepare
- base
- merge-base

strategy:
fail-fast: false
Expand Down Expand Up @@ -150,22 +206,26 @@ jobs:
- name: Get ref
id: ref
run: echo "ref=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
- uses: docker/setup-buildx-action@v2
- uses: docker/setup-qemu-action@v2
- uses: docker/login-action@v2
- name: Set registry image
id: registry
run: |
echo "image=ghcr.io/${{ github.repository }}/${{ steps.ref.outputs.ref }}" | tee -a $GITHUB_OUTPUT
- uses: docker/setup-buildx-action@v3
- uses: docker/setup-qemu-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: docker/metadata-action@v4
- uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ steps.ref.outputs.ref }}
images: ${{ steps.registry.outputs.image }}
tags: |
type=raw,value=${{ matrix.elixir }}-${{ matrix.otp }}-${{ matrix.platform[0] }}
- uses: docker/build-push-action@v3
- uses: docker/build-push-action@v5
id: build
with:
push: true
pull: true
no-cache: true
platforms: ${{ matrix.platform[1] }}
Expand All @@ -177,10 +237,67 @@ jobs:
ELIXIR_VERSION=${{ matrix.elixir }}
file: ./Dockerfile
context: .
outputs: type=image,name=${{ steps.registry.outputs.image }},push-by-digest=true,name-canonical=true,push=true
- name: Export digests
run: |
mkdir -p /tmp/digests-build
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v3
with:
name: digests-build
path: /tmp/digests-build/*
if-no-files-found: error
retention-days: 1

merge-build:
runs-on: ubuntu-latest
needs:
- build
strategy:
fail-fast: false
matrix:
base_image_vsn:
- "5.0"
steps:
- name: Get ref
id: ref
run: echo "ref=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
- name: Set registry image
id: registry
run: |
echo "image=ghcr.io/${{ github.repository }}/${{ steps.ref.outputs.ref }}" | tee -a $GITHUB_OUTPUT
- name: Download digests
uses: actions/download-artifact@v3
with:
name: digests-build
path: /tmp/digests-build
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ steps.registry.outputs.image }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Create manifest list and push
working-directory: /tmp/digests-build
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.registry.outputs.image }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ steps.registry.outputs.image }}:${{ steps.meta.outputs.version }}
release:
runs-on: ubuntu-latest
needs: build
needs: merge-build

if: startsWith(github.ref, 'refs/tags/')

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,19 +82,19 @@ jobs:
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: Get cache
run: aws s3 sync s3://docker-buildx-cache/emqx-builder/${{ matrix.platform[0] }} /tmp/.docker-buildx-cache
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Build base image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
push: true
platforms: ${{ matrix.platform[1] }}
tags: localhost:5000/${{ github.repository }}/base-${{ matrix.base_image_vsn }}:${{ matrix.platform[0] }}
file: ${{ matrix.platform[0] }}/Dockerfile
context: .
- uses: docker/build-push-action@v3
- uses: docker/build-push-action@v5
with:
platforms: ${{ matrix.platform[1] }}
build-args: |
Expand Down

0 comments on commit b0b69b4

Please sign in to comment.