Skip to content

Auto Build Image Plugins #12

Auto Build Image Plugins

Auto Build Image Plugins #12

name: Auto Build Image Plugins
# final packed image : ${ONLINE_REGISTER}/${IMAGE_REPO}/${IMAGE_NAME}:${inputs.tag}
# image dockerfile path on the repo: ${IMAGE_ROOT_PATH}/${IMAGE_NAME}/Dockerfile
env:
IMAGE_NAME: spiderpool-plugins
IMAGE_REPO: ${{ github.repository }}
ONLINE_REGISTER: ghcr.io
IMAGE_ROOT_PATH: images
BUILD_PLATFORM: linux/amd64,linux/arm64
ONLINE_REGISTER_USER: ${{ github.actor }}
ONLINE_REGISTER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
on:
workflow_dispatch:
inputs:
ref:
description: 'sha, Tag'
required: true
default: main
tag:
description: 'image tag'
required: true
default: v0.8.0
cni_version:
description: 'the version of cni-plugins, leave empty for latest release'
required: false
default: ""
ovs_version:
description: 'the version of ovs-cni plugin, leave empty for latest release'
required: false
default: ""
rdma_version:
description: 'the version of rdma-cni plugin, leave empty for latest main code'
required: false
default: ""
ibsriov_version:
description: 'the version of ib-sriov plugin, leave empty for latest release'
required: false
default: ""
ipoib_version:
description: 'the version of ipoib plugin, leave empty for latest release'
required: false
default: ""
push:
branches:
- main
paths:
# can not use env here
- images/spiderpool-plugins/**
permissions: write-all
# concurrency:
# group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.pull_request.number || github.sha }}
# cancel-in-progress: true
jobs:
build-and-push:
timeout-minutes: 30
environment: release-base-images
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Inspect builder
run: |
echo "Name: ${{ steps.buildx.outputs.name }}"
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
echo "Status: ${{ steps.buildx.outputs.status }}"
echo "Flags: ${{ steps.buildx.outputs.flags }}"
echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
- name: Set up QEMU
id: qemu
uses: docker/[email protected]
- name: Get Code Version Before Checkout
id: get_event_version
continue-on-error: false
run: |
if [ -n "${{ github.event.inputs.cni_version }}" ]; then
cni_version=${{ github.event.inputs.cni_version }}
else
cni_version=$(curl --retry 10 -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/containernetworking/plugins/releases/latest | jq '.tag_name' | tr -d '"')
if [ -z "${cni_version}" ] ; then
echo "unable to get cni version" && exit 1
fi
fi
if [ -n "${{ github.event.inputs.ovs_version }}" ]; then
ovs_version=${{ github.event.inputs.ovs_version }}
else
ovs_version=$(curl --retry 10 -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/k8snetworkplumbingwg/ovs-cni/releases/latest | jq '.tag_name' | tr -d '"')
if [ -z "${ovs_version}" ] ; then
echo "unable to get ovs version" && exit 1
fi
fi
if [ -n "${{ github.event.inputs.rdma_version }}" ]; then
rdma_version=${{ github.event.inputs.rdma_version }}
else
# rdma don't release any more, we use main branch to build.
git clone https://github.com/k8snetworkplumbingwg/rdma-cni.git
cd rdma-cni && rdma_version=$(git show -s --format='format:%H') && cd ..
fi
if [ -n "${{ github.event.inputs.ibsriov_version }}" ]; then
ibsriov_version="${{ github.event.inputs.ibsriov_version }}"
else
ibsriov_version=$(curl --retry 10 -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/k8snetworkplumbingwg/ib-sriov-cni/releases/latest | jq '.tag_name' | tr -d '"')
if [ -z "${ibsriov_version}" ] ; then
echo "unable to get ibsriov version" && exit 1
fi
fi
if [ -n "${{ github.event.inputs.ipoib_version }}" ]; then
ipoib_version="${{ github.event.inputs.ipoib_version }}"
else
ipoib_version=$(curl --retry 10 -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/Mellanox/ipoib-cni/releases/latest | jq '.tag_name' | tr -d '"')
if [ -z "${ipoib_version}" ] ; then
echo "unable to get ipoib version" && exit 1
fi
fi
if ${{ github.event_name == 'workflow_dispatch' }}; then
ref=${{ github.event.inputs.ref }}
tag=${{ github.event.inputs.tag }}
elif ${{ github.event_name == 'push' }} ; then
echo "event_ref=${{ github.ref }}" >> $GITHUB_OUTPUT
echo "event_tag=${{ github.sha }}" >> $GITHUB_OUTPUT
else
echo "unexpected event"
exit 1
fi
echo "event_ref=${ref}" >> $GITHUB_OUTPUT
echo "event_tag=${tag}" >> $GITHUB_OUTPUT
echo "image tag: ${tag}"
echo "cni version: ${cni_version}"
echo "ovs version: ${ovs_version}"
echo "rdma version: ${rdma_version}"
echo "ibsriov version : ${ibsriov_version}"
echo "ipoib version : ${ipoib_version}"
echo "event_cni_version=${cni_version}" >> $GITHUB_OUTPUT
echo "event_ovs_version=${ovs_version}" >> $GITHUB_OUTPUT
echo "event_rdma_version=${rdma_version}" >> $GITHUB_OUTPUT
echo "event_ibsriov_version=${ibsriov_version}" >> $GITHUB_OUTPUT
echo "event_ipoib_version=${ipoib_version}" >> $GITHUB_OUTPUT
- name: Checkout Source Code
uses: actions/checkout@v4
with:
persist-credentials: false
# fetch-depth: 0
ref: ${{ steps.get_event_version.outputs.event_ref }}
- name: Getting Build Arg
id: arg
run: |
GIT_COMMIT_HASH=$( git show -s --format='format:%H')
GIT_COMMIT_TIME=$( git show -s --format='format:%aI')
echo "commit_hash=${GIT_COMMIT_HASH}" >> $GITHUB_OUTPUT
echo "commit_time=${GIT_COMMIT_TIME}" >> $GITHUB_OUTPUT
# check whether we have upload the same base image to online register , if so, we could not build it
- name: Checking if tag already exists
id: tag-in-repositories
shell: bash
run: |
if docker buildx imagetools inspect ${{ env.ONLINE_REGISTER }}/${{ env.IMAGE_REPO }}/${{ env.IMAGE_NAME }}:${{ steps.get_event_version.outputs.event_tag }} &>/dev/null; then
echo ::set-output name=exists::"true"
echo "the target base image exist , no need to build it "
else
echo ::set-output name=exists::"false"
echo "the target base image does not exist , build it "
fi
- name: Login to online register
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: docker/[email protected]
with:
username: ${{ env.ONLINE_REGISTER_USER }}
password: ${{ env.ONLINE_REGISTER_PASSWORD }}
registry: ${{ env.ONLINE_REGISTER }}
- name: Release build ${{ env.IMAGE_NAME }}
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: docker/[email protected]
continue-on-error: false
id: docker_build_release
with:
context: ./${{ env.IMAGE_ROOT_PATH }}/${{ env.IMAGE_NAME }}
file: ./${{ env.IMAGE_ROOT_PATH }}/${{ env.IMAGE_NAME }}/Dockerfile
push: true
provenance: false
github-token: ${{ secrets.WELAN_PAT }}
platforms: ${{ env.BUILD_PLATFORM }}
tags: |
${{ env.ONLINE_REGISTER }}/${{ env.IMAGE_REPO }}/${{ env.IMAGE_NAME }}:${{ steps.get_event_version.outputs.event_tag }}
build-args: |
GIT_COMMIT_HASH=${{ steps.arg.outputs.commit_hash }}
GIT_COMMIT_TIME=${{ steps.arg.outputs.commit_time }}
CNI_VERSION=${{ steps.get_event_version.outputs.event_cni_version }}
OVS_VERSION=${{ steps.get_event_version.outputs.event_ovs_version }}
RDMA_VERSION=${{ steps.get_event_version.outputs.event_rdma_version }}
IB_SRIOV_VERSION=${{ steps.get_event_version.outputs.event_ibsriov_version }}
IPOIB_VERSION=${{ steps.get_event_version.outputs.event_ipoib_version }}
- name: Image Release Digest
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
shell: bash
run: |
mkdir -p image-digest/
echo "## ${{ env.IMAGE_NAME }}" > image-digest/${{ env.IMAGE_NAME }}.txt
echo "" >> image-digest/${{ env.IMAGE_NAME }}.txt
echo "\`${{ env.ONLINE_REGISTER }}/${{ env.IMAGE_REPO }}/${{ env.IMAGE_NAME }}:${{ steps.get_event_version.outputs.event_tag }}@${{ steps.docker_build_release.outputs.digest }}\`" >> image-digest/${{ env.IMAGE_NAME }}.txt
echo "" >> image-digest/${{ env.IMAGE_NAME }}.txt
- name: Upload artifact digests
if: ${{ steps.tag-in-repositories.outputs.exists == 'false' }}
uses: actions/[email protected]
with:
name: image-digest ${{ env.IMAGE_NAME }}
path: image-digest
retention-days: 1
image-digests:
name: Display Digests
runs-on: ubuntu-latest
needs: build-and-push
steps:
- name: Downloading Image Digests
shell: bash
run: |
mkdir -p image-digest/
- name: Download digests of all images built
uses: actions/download-artifact@v3
with:
path: image-digest/
- name: Image Digests Output
shell: bash
run: |
cd image-digest/
find -type f | sort | xargs -d '\n' cat