nwaku/.github/workflows/container-image.yml
2024-10-15 20:31:38 +02:00

100 lines
3.1 KiB
YAML

name: container-image-build
on:
workflow_call:
inputs:
image_tag:
type: string
default: ${{ github.event.number }}
outputs:
image:
description: The resulting image link
value: ${{ jobs.build-docker-image.outputs.image }}
env:
NPROC: 2
MAKEFLAGS: "-j${NPROC}"
NIMFLAGS: "--parallelBuild:${NPROC}"
# This workflow should not run for outside contributors
# If org secrets are not available, we'll avoid building and publishing the docker image and we'll pass the workflow
jobs:
build-docker-image:
strategy:
matrix:
os: [ubuntu-22.04]
runs-on: ${{ matrix.os }}
timeout-minutes: 60
name: docker-build-${{ matrix.os }}
outputs:
image: ${{ steps.build.outputs.image }}
steps:
- name: Check secrets
id: secrets
continue-on-error: true
run: |
if [[ -z "$QUAY_PASSWORD" || -z "$QUAY_USER" ]]; then
echo "User does not have access to secrets, skipping workflow"
exit 1
fi
env:
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
QUAY_USER: ${{ secrets.QUAY_USER }}
- name: Checkout code
if: ${{ steps.secrets.outcome == 'success' }}
uses: actions/checkout@v3
- name: Get submodules hash
id: submodules
if: ${{ steps.secrets.outcome == 'success' }}
run: |
echo "hash=$(git submodule status | awk '{print $1}' | sort | shasum -a 256 | sed 's/[ -]*//g')" >> $GITHUB_OUTPUT
- name: Cache submodules
if: ${{ steps.secrets.outcome == 'success' }}
uses: actions/cache@v3
with:
path: |
vendor/
.git/modules
key: ${{ runner.os }}-vendor-modules-${{ steps.submodules.outputs.hash }}
- name: Build binaries
id: build
if: ${{ steps.secrets.outcome == 'success' }}
run: |
make -j${NPROC} V=1 QUICK_AND_DIRTY_COMPILER=1 NIMFLAGS="-d:disableMarchNative -d:postgres -d:chronicles_colors:none" wakunode2
SHORT_REF=$(git rev-parse --short HEAD)
TAG=$([ "${PR_NUMBER}" == "" ] && echo "${SHORT_REF}" || echo "${PR_NUMBER}")
IMAGE=quay.io/wakuorg/nwaku-pr:${TAG}
echo "image=${IMAGE}" >> $GITHUB_OUTPUT
echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
docker login -u ${QUAY_USER} -p ${QUAY_PASSWORD} quay.io
docker build -t ${IMAGE} -f docker/binaries/Dockerfile.bn.amd64 --label quay.expires-after=30d .
docker push ${IMAGE}
env:
QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
QUAY_USER: ${{ secrets.QUAY_USER }}
PR_NUMBER: ${{ inputs.image_tag}}
- name: Comment PR
uses: thollander/actions-comment-pull-request@v2
if: ${{ github.event_name == 'pull_request' && steps.secrets.outcome == 'success' }}
with:
message: |
You can find the image built from this PR at
```
${{steps.build.outputs.image}}
```
Built from ${{ steps.build.outputs.commit_hash }}
comment_tag: execution-rln-v${{ matrix.rln_version }}