From ba41b5a23205c77f1a1f548c72ffc6146c80ce3c Mon Sep 17 00:00:00 2001 From: Slava <20563034+veaceslavdoina@users.noreply.github.com> Date: Thu, 17 Aug 2023 06:04:50 +0300 Subject: [PATCH] Add reusable workflow for Docker (codex-storage/cs-codex-dist-tests/issues/42) (#518) --- .github/workflows/docker-dist-tests.yml | 30 ++++ .github/workflows/docker-reusable.yml | 199 ++++++++++++++++++++++++ .github/workflows/docker.yml | 130 +--------------- 3 files changed, 235 insertions(+), 124 deletions(-) create mode 100644 .github/workflows/docker-dist-tests.yml create mode 100644 .github/workflows/docker-reusable.yml diff --git a/.github/workflows/docker-dist-tests.yml b/.github/workflows/docker-dist-tests.yml new file mode 100644 index 00000000..d322194a --- /dev/null +++ b/.github/workflows/docker-dist-tests.yml @@ -0,0 +1,30 @@ +name: Docker - Dist-Tests + + +on: + push: + branches: + - master + tags: + - 'v*.*.*' + paths-ignore: + - '**/*.md' + - '.gitignore' + - '.github/**' + - '!.github/workflows/docker-dist-tests.yml' + - '!.github/workflows/docker-reusable.yml' + - 'docker/**' + - '!docker/codex.Dockerfile' + - '!docker/docker-entrypoint.sh' + workflow_dispatch: + + +jobs: + build-and-push: + name: Build and Push + uses: ./.github/workflows/docker-reusable.yml + with: + nimflags: '-d:disableMarchNative -d:codex_enable_api_debug_peers=true -d:codex_enable_simulated_proof_failures' + nat_ip_auto: true + tag_suffix: dist-tests + secrets: inherit diff --git a/.github/workflows/docker-reusable.yml b/.github/workflows/docker-reusable.yml new file mode 100644 index 00000000..6c566dfc --- /dev/null +++ b/.github/workflows/docker-reusable.yml @@ -0,0 +1,199 @@ +name: Docker - Reusable + + +on: + workflow_call: + inputs: + docker_file: + default: docker/codex.Dockerfile + description: Dockerfile + required: false + type: string + docker_repo: + default: codexstorage/nim-codex + description: DockerHub repository + required: false + type: string + make_parallel: + default: 4 + description: Make parallel + required: false + type: number + nimflags: + default: '-d:disableMarchNative' + description: Nim flags for builds + required: false + type: string + nat_ip_auto: + default: false + description: Enable NAT IP auto + required: false + type: boolean + tag_latest: + default: true + description: Set latest tag for Docker images + required: false + type: boolean + tag_sha: + default: true + description: Set Git short commit as Docker tag + required: false + type: boolean + tag_suffix: + default: '' + description: Suffix for Docker images tag + required: false + type: string + + +env: + DOCKER_FILE: ${{ inputs.docker_file }} + DOCKER_REPO: ${{ inputs.docker_repo }} + MAKE_PARALLEL: ${{ inputs.make_parallel }} + NIMFLAGS: ${{ inputs.nimflags }} + NAT_IP_AUTO: ${{ inputs.nat_ip_auto }} + TAG_LATEST: ${{ inputs.tag_latest }} + TAG_SHA: ${{ inputs.tag_sha }} + TAG_SUFFIX: ${{ inputs.tag_suffix }} + + +jobs: + # Build platform specific image + build: + strategy: + fail-fast: true + matrix: + target: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + include: + - target: + os: linux + arch: amd64 + builder: ubuntu-22.04 + - target: + os: linux + arch: arm64 + builder: buildjet-4vcpu-ubuntu-2204-arm + + name: Build ${{ matrix.target.os }}/${{ matrix.target.arch }} + runs-on: ${{ matrix.builder }} + env: + PLATFORM: ${{ format('{0}/{1}', 'linux', matrix.target.arch) }} + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Docker - Meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.DOCKER_REPO }} + + - name: Docker - Set up Buildx + uses: docker/setup-buildx-action@v2 + + - name: Docker - Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Docker - Build and Push by digest + id: build + uses: docker/build-push-action@v4 + with: + context: . + file: ${{ env.DOCKER_FILE }} + platforms: ${{ env.PLATFORM }} + push: true + build-args: | + MAKE_PARALLEL=${{ env.MAKE_PARALLEL }} + NIMFLAGS=${{ env.NIMFLAGS }} + NAT_IP_AUTO=${{ env.NAT_IP_AUTO }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.DOCKER_REPO }},push-by-digest=true,name-canonical=true,push=true + + - name: Docker - Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Docker - Upload digest + uses: actions/upload-artifact@v3 + with: + name: digests + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + + # Publish multi-platform image + publish: + name: Publish multi-platform image + runs-on: ubuntu-latest + needs: build + steps: + - name: Docker - Variables + run: | + # Adjust custom suffix when set and + if [[ -n "${{ env.TAG_SUFFIX }}" ]]; then + echo "TAG_SUFFIX=-${{ env.TAG_SUFFIX }}" >>$GITHUB_ENV + fi + # Disable SHA tags on tagged release + if [[ ${{ startsWith(github.ref, 'refs/tags/') }} == "true" ]]; then + echo "TAG_SHA=false" >>$GITHUB_ENV + fi + # Handle latest and latest-custom using raw + if [[ ${{ env.TAG_SHA }} == "false" ]]; then + echo "TAG_LATEST=false" >>$GITHUB_ENV + echo "TAG_RAW=true" >>$GITHUB_ENV + if [[ -z "${{ env.TAG_SUFFIX }}" ]]; then + echo "TAG_RAW_VALUE=latest" >>$GITHUB_ENV + else + echo "TAG_RAW_VALUE=latest-{{ env.TAG_SUFFIX }}" >>$GITHUB_ENV + fi + else + echo "TAG_RAW=false" >>$GITHUB_ENV + fi + + - name: Docker - Download digests + uses: actions/download-artifact@v3 + with: + name: digests + path: /tmp/digests + + - name: Docker - Set up Buildx + uses: docker/setup-buildx-action@v2 + + - name: Docker - Meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.DOCKER_REPO }} + flavor: | + latest=${{ env.TAG_LATEST }} + suffix=${{ env.TAG_SUFFIX }},onlatest=true + tags: | + type=semver,pattern={{version}} + type=raw,enable=${{ env.TAG_RAW }},value=latest + type=sha,enable=${{ env.TAG_SHA }} + + - name: Docker - Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Docker - Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.DOCKER_REPO }}@sha256:%s ' *) + + - name: Docker - Inspect image + run: | + docker buildx imagetools inspect ${{ env.DOCKER_REPO }}:${{ steps.meta.outputs.version }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 62017f18..b826b050 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -6,139 +6,21 @@ on: branches: - master tags: - - "v*.*.*" + - 'v*.*.*' paths-ignore: - '**/*.md' - '.gitignore' - '.github/**' - '!.github/workflows/docker.yml' + - '!.github/workflows/docker-reusable.yml' - 'docker/**' - '!docker/codex.Dockerfile' - '!docker/docker-entrypoint.sh' workflow_dispatch: -env: - DOCKER_FILE: docker/codex.Dockerfile - DOCKER_REPO: codexstorage/nim-codex - MAKE_PARALLEL: 4 - NIMFLAGS: '-d:disableMarchNative -d:codex_enable_api_debug_peers=true' - NIMFLAGS_RELEASE: '-d:disableMarchNative' - NAT_IP_AUTO: true - NAT_IP_AUTO_RELEASE: false - - jobs: - # Build platform specific image - build: - strategy: - fail-fast: true - matrix: - target: - - os: linux - arch: amd64 - - os: linux - arch: arm64 - include: - - target: - os: linux - arch: amd64 - builder: ubuntu-22.04 - - target: - os: linux - arch: arm64 - builder: buildjet-4vcpu-ubuntu-2204-arm - - name: Build ${{ matrix.target.os }}/${{ matrix.target.arch }} - runs-on: ${{ matrix.builder }} - outputs: - tags-linux-amd64: ${{ steps.tags.outputs.tags-linux-amd64 }} - tags-linux-arm64: ${{ steps.tags.outputs.tags-linux-arm64 }} - env: - PLATFORM: ${{ format('{0}/{1}', 'linux', matrix.target.arch) }} - SUFFIX: ${{ format('{0}-{1}', 'linux', matrix.target.arch) }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Docker - Variables - run: | - # Release - if [[ ${{ startsWith(github.ref, 'refs/tags/') }} == "true" ]]; then - echo "NIMFLAGS=${{ env.NIMFLAGS_RELEASE }}" >>$GITHUB_ENV - echo "NAT_IP_AUTO=${{ env.NAT_IP_AUTO_RELEASE }}" >>$GITHUB_ENV - fi - - - name: Docker - Meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.DOCKER_REPO }} - flavor: | - latest=false - tags: | - type=semver,pattern={{version}},suffix=-${{ env.SUFFIX }} - type=sha,suffix=-${{ env.SUFFIX }},enable=${{ !startsWith(github.ref, 'refs/tags/') }} - - - name: Docker - Set tags output - id: tags - run: | - if [[ '${{ matrix.target.os }}' == 'linux' && '${{ matrix.target.arch }}' == 'amd64' ]]; then - echo "tags-linux-amd64=${{ steps.meta.outputs.tags }}" >> "$GITHUB_OUTPUT" - elif [[ '${{ matrix.target.os }}' == 'linux' && '${{ matrix.target.arch }}' == 'arm64' ]]; then - echo "tags-linux-arm64=${{ steps.meta.outputs.tags }}" >> "$GITHUB_OUTPUT" - fi - - - name: Docker - Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Docker - Build and Push - uses: docker/build-push-action@v4 - with: - context: . - file: ${{ env.DOCKER_FILE }} - platforms: ${{ env.PLATFORM }} - push: true - build-args: | - MAKE_PARALLEL=${{ env.MAKE_PARALLEL }} - NIMFLAGS=${{ env.NIMFLAGS }} - NAT_IP_AUTO=${{ env.NAT_IP_AUTO }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - # Publish single image - publish: - name: Push single image - runs-on: ubuntu-latest - needs: build - steps: - - name: Docker - Meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.DOCKER_REPO }} - tags: | - type=semver,pattern={{version}} - type=sha,enable=${{ !startsWith(github.ref, 'refs/tags/') }} - - - name: Docker - Set tags - run: | - # Transform multi-line tags in to the comma-seperated - TAGS=$(echo "${{ steps.meta.outputs.tags }}" | tr '\n' ',' | awk '{gsub(/,$/,"");}1') - echo "TAGS=${TAGS}" >>$GITHUB_ENV - - - name: Docker - Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Docker - Create and push manifest images - uses: Noelware/docker-manifest-action@master - with: - inputs: ${{ env.TAGS }} - images: ${{ needs.build.outputs.tags-linux-amd64 }},${{ needs.build.outputs.tags-linux-arm64 }} - push: true + build-and-push: + name: Build and Push + uses: ./.github/workflows/docker-reusable.yml + secrets: inherit