Auto Build Image CI #352
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Auto Build Image CI | |
env: | |
ONLINE_REGISTER: ghcr.io | |
BUILD_PLATFORM: linux/amd64,linux/arm64 | |
ONLINE_REGISTER_USER: ${{ github.actor }} | |
ONLINE_REGISTER_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | |
on: | |
workflow_run: | |
workflows: | |
- "Image CI Cache Cleaner" | |
branches: | |
- main | |
- release-* | |
types: | |
- completed | |
# called by daily build and push image | |
workflow_call: | |
inputs: | |
ref: | |
required: true | |
type: string | |
push: | |
required: true | |
type: string | |
outputs: | |
imageTag: | |
description: "tag of image ci" | |
value: ${{ jobs.build_and_push_prs.outputs.imageTag }} | |
# concurrency: | |
# group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.pull_request.number || github.sha }} | |
# cancel-in-progress: true | |
jobs: | |
build_and_push_prs: | |
runs-on: ubuntu-latest | |
# run if filters.src was changed | |
outputs: | |
imageTag: ${{ steps.tag.outputs.tag }} | |
e2e: ${{ steps.tag.outputs.e2e }} | |
strategy: | |
matrix: | |
include: | |
- name: spiderpool-agent | |
dockerfile: ./images/spiderpool-agent/Dockerfile | |
context: ./ | |
- name: spiderpool-controller | |
dockerfile: ./images/spiderpool-controller/Dockerfile | |
context: ./ | |
steps: | |
- name: Set up Docker Buildx | |
uses: docker/[email protected] | |
# commit sha is used for image tag | |
- name: Getting image tag | |
id: tag | |
run: | | |
echo ${{ github.event_name }} | |
if ${{ inputs.ref != '' }}; then | |
echo "trigger by workflow_call" | |
echo ::set-output name=tag::${{ inputs.ref }} | |
echo ::set-output name=push::${{ inputs.push }} | |
elif ${{ github.event_name == 'push' }} ; then | |
echo "trigger by push" | |
echo ::set-output name=tag::${{ github.sha }} | |
echo ::set-output name=push::false | |
elif ${{ github.event_name == 'pull_request_target' }} ; then | |
echo "trigger by pull_request_target" | |
echo ::set-output name=tag::${{ github.event.pull_request.head.sha }} | |
echo ::set-output name=push::false | |
elif ${{ github.event_name == 'workflow_run' }} ; then | |
echo "trigger by workflow_run" | |
echo ::set-output name=tag::main | |
echo ::set-output name=push::false | |
else | |
echo "trigger by ${{ github.event_name }}" | |
echo ::set-output name=tag::${{ github.sha }} | |
echo ::set-output name=push::false | |
fi | |
- name: Login to online register | |
uses: docker/[email protected] | |
if: ${{ steps.tag.outputs.push == 'true' }} | |
with: | |
username: ${{ env.ONLINE_REGISTER_USER }} | |
password: ${{ env.ONLINE_REGISTER_PASSWORD }} | |
registry: ${{ env.ONLINE_REGISTER }} | |
# checkout the changed code | |
- name: Checkout Source Code | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
ref: ${{ steps.tag.outputs.tag }} | |
- name: Getting Build Arg | |
id: arg | |
continue-on-error: false | |
run: | | |
GIT_COMMIT_VERSION=$( git show -s --format='format:%H') | |
GIT_COMMIT_TIME=$( git show -s --format='format:%aI') | |
echo ::set-output name=commitver::${GIT_COMMIT_VERSION} | |
echo ::set-output name=committime::${GIT_COMMIT_TIME} | |
# ============= get cache =========== | |
# Load Golang cache build from GitHub | |
# Cache dependencies and build outputs in GitHub Actions | |
# the github will keep the cache for 7 days at most | |
# we could see cache-hit result for this step | |
- name: Load ${{ matrix.name }} Golang cache build from GitHub | |
uses: actions/cache@v3 | |
id: cache | |
with: | |
# if find the cache mapping to "key" , will restore to "path" | |
# when the key doesn't match an existing cache. A list of restore-keys is useful when you are restoring a cache from another branch | |
path: /tmp/.cache/${{ matrix.name }} | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ matrix.name }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ matrix.name }}- | |
${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}- | |
${{ runner.os }}-go- | |
- name: Create ${{ matrix.name }} cache directory | |
if: ${{ steps.cache.outputs.cache-hit != 'true' }} | |
shell: bash | |
run: | | |
mkdir -p /tmp/.cache/${{ matrix.name }} | |
# Import GitHub's cache build to docker cache | |
- name: Copy ${{ matrix.name }} Golang cache to docker cache | |
uses: docker/[email protected] | |
with: | |
context: /tmp/.cache/${{ matrix.name }} | |
file: ./images/cache/Dockerfile | |
github-token: ${{ secrets.WELAN_PAT }} | |
push: false | |
platforms: linux/amd64 | |
target: import-cache | |
# ========== main branch pushes , build 2 images | |
# build normal image | |
- name: CI Build ${{ matrix.name }} | |
if: ${{ github.event_name != 'pull_request_target' }} | |
uses: docker/[email protected] | |
continue-on-error: false | |
id: docker_build_ci_master | |
with: | |
context: . | |
file: ${{ matrix.dockerfile }} | |
# Only push when the event name was a GitHub push, this is to avoid | |
# re-pushing the image tags when we only want to re-create the Golang | |
# docker cache after the workflow "Image CI Cache Cleaner" was terminated. | |
push: ${{ steps.tag.outputs.push }} | |
provenance: false | |
platforms: linux/amd64,linux/arm64 | |
github-token: ${{ secrets.WELAN_PAT }} | |
tags: | | |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }} | |
build-args: | | |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }} | |
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }} | |
VERSION=${{ steps.tag.outputs.tag }} | |
# build debug image who turn on race and deadlock detection | |
- name: CI race detection Build ${{ matrix.name }} | |
if: ${{ github.event_name != 'pull_request_target' }} | |
uses: docker/[email protected] | |
continue-on-error: false | |
id: docker_build_ci_master_detect_race_condition | |
with: | |
context: . | |
file: ${{ matrix.dockerfile }} | |
# Only push when the event name was a GitHub push, this is to avoid | |
# re-pushing the image tags when we only want to re-create the Golang | |
# docker cache after the workflow "Image CI Cache Cleaner" was terminated. | |
push: ${{ steps.tag.outputs.push }} | |
platforms: linux/amd64 | |
outputs: type=tar,dest=/tmp/${{ matrix.name }}-race.tar | |
github-token: ${{ secrets.WELAN_PAT }} | |
tags: | | |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race | |
build-args: | | |
RACE=1 | |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }} | |
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }} | |
VERSION=${{ steps.tag.outputs.tag }} | |
- name: CI Image Releases digests | |
if: ${{ github.event_name != 'pull_request_target' }} | |
shell: bash | |
run: | | |
mkdir -p image-digest/ | |
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_master.outputs.digest }}" > image-digest/${{ matrix.name }}.txt | |
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race@${{ steps.docker_build_ci_master_detect_race_condition.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt | |
# =========== trigger by PR updates , build 2 images | |
- name: CI Build ${{ matrix.name }} | |
if: ${{ github.event_name == 'pull_request_target' }} | |
uses: docker/[email protected] | |
continue-on-error: false | |
id: docker_build_ci_pr | |
with: | |
context: . | |
file: ${{ matrix.dockerfile }} | |
push: ${{ steps.tag.outputs.push }} | |
provenance: false | |
github-token: ${{ secrets.WELAN_PAT }} | |
platforms: linux/amd64,linux/arm64 | |
tags: | | |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }} | |
build-args: | | |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }} | |
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }} | |
VERSION=${{ steps.tag.outputs.tag }} | |
- name: CI race detection Build ${{ matrix.name }} | |
if: ${{ github.event_name == 'pull_request_target' }} | |
uses: docker/[email protected] | |
continue-on-error: false | |
id: docker_build_ci_pr_detect_race_condition | |
with: | |
context: . | |
file: ${{ matrix.dockerfile }} | |
push: ${{ steps.tag.outputs.push }} | |
platforms: linux/amd64 | |
github-token: ${{ secrets.WELAN_PAT }} | |
outputs: type=tar,dest=/tmp/${{ matrix.name }}-race.tar | |
tags: | | |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race | |
build-args: | | |
RACE=1 | |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }} | |
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }} | |
VERSION=${{ steps.tag.outputs.tag }} | |
- name: CI Image Releases digests | |
if: ${{ github.event_name == 'pull_request_target' }} | |
shell: bash | |
run: | | |
mkdir -p image-digest/ | |
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_pr.outputs.digest }}" > image-digest/${{ matrix.name }}.txt | |
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race@${{ steps.docker_build_ci_pr_detect_race_condition.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt | |
# Upload artifact digests | |
- name: Upload artifact digests | |
uses: actions/[email protected] | |
with: | |
name: image-digest-${{ matrix.name }} | |
path: image-digest | |
retention-days: 1 | |
# Upload artifact race images tar | |
- name: Upload artifact race image tar | |
uses: actions/[email protected] | |
with: | |
name: image-tar-${{ matrix.name }} | |
path: /tmp/${{ matrix.name }}-race.tar | |
retention-days: 1 | |
# ============= restore cache =========== | |
# Store docker's golang's cache build locally only on the main branch | |
- name: Store ${{ matrix.name }} Golang cache build locally | |
if: ${{ github.event_name != 'pull_request_target' && steps.cache.outputs.cache-hit != 'true' }} | |
uses: docker/[email protected] | |
with: | |
context: . | |
file: ./images/cache/Dockerfile | |
push: false | |
outputs: type=local,dest=/tmp/docker-cache-${{ matrix.name }} | |
platforms: linux/amd64 | |
target: export-cache | |
# Store docker's golang's cache build locally only on the main branch | |
- name: Store ${{ matrix.name }} Golang cache in GitHub cache path | |
if: ${{ github.event_name != 'pull_request_target' && steps.cache.outputs.cache-hit != 'true' }} | |
shell: bash | |
run: | | |
mkdir -p /tmp/.cache/${{ matrix.name }}/ | |
if [ -f /tmp/docker-cache-${{ matrix.name }}/tmp/go-build-cache.tar.gz ]; then | |
cp /tmp/docker-cache-${{ matrix.name }}/tmp/go-build-cache.tar.gz /tmp/.cache/${{ matrix.name }}/ | |
fi | |
if [ -f /tmp/docker-cache-${{ matrix.name }}/tmp/go-pkg-cache.tar.gz ]; then | |
cp /tmp/docker-cache-${{ matrix.name }}/tmp/go-pkg-cache.tar.gz /tmp/.cache/${{ matrix.name }}/ | |
fi | |
image-digests: | |
name: Display Digests | |
runs-on: ubuntu-latest | |
needs: build_and_push_prs | |
steps: | |
- name: Downloading Image Digests | |
shell: bash | |
run: | | |
mkdir -p image-digest/ | |
- name: Download digests of all images built | |
uses: actions/download-artifact@v3 | |
with: | |
path: image-digest/ | |
name: image-digest-spiderpool-agent | |
- name: Download digests of all images built | |
uses: actions/download-artifact@v3 | |
with: | |
path: image-digest/ | |
name: image-digest-spiderpool-controller | |
- name: Image Digests Output | |
shell: bash | |
run: | | |
cd image-digest/ | |
find -type f | sort | xargs -d '\n' cat |