Skip to content

Auto Build Image CI #352

Auto Build Image CI

Auto Build Image CI #352

name: Auto Build Image CI
env:
ONLINE_REGISTER: ghcr.io
BUILD_PLATFORM: linux/amd64,linux/arm64
ONLINE_REGISTER_USER: ${{ github.actor }}
ONLINE_REGISTER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
on:
workflow_run:
workflows:
- "Image CI Cache Cleaner"
branches:
- main
- release-*
types:
- completed
# called by daily build and push image
workflow_call:
inputs:
ref:
required: true
type: string
push:
required: true
type: string
outputs:
imageTag:
description: "tag of image ci"
value: ${{ jobs.build_and_push_prs.outputs.imageTag }}
# concurrency:
# group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.pull_request.number || github.sha }}
# cancel-in-progress: true
jobs:
build_and_push_prs:
runs-on: ubuntu-latest
# run if filters.src was changed
outputs:
imageTag: ${{ steps.tag.outputs.tag }}
e2e: ${{ steps.tag.outputs.e2e }}
strategy:
matrix:
include:
- name: spiderpool-agent
dockerfile: ./images/spiderpool-agent/Dockerfile
context: ./
- name: spiderpool-controller
dockerfile: ./images/spiderpool-controller/Dockerfile
context: ./
steps:
- name: Set up Docker Buildx
uses: docker/[email protected]
# commit sha is used for image tag
- name: Getting image tag
id: tag
run: |
echo ${{ github.event_name }}
if ${{ inputs.ref != '' }}; then
echo "trigger by workflow_call"
echo ::set-output name=tag::${{ inputs.ref }}
echo ::set-output name=push::${{ inputs.push }}
elif ${{ github.event_name == 'push' }} ; then
echo "trigger by push"
echo ::set-output name=tag::${{ github.sha }}
echo ::set-output name=push::false
elif ${{ github.event_name == 'pull_request_target' }} ; then
echo "trigger by pull_request_target"
echo ::set-output name=tag::${{ github.event.pull_request.head.sha }}
echo ::set-output name=push::false
elif ${{ github.event_name == 'workflow_run' }} ; then
echo "trigger by workflow_run"
echo ::set-output name=tag::main
echo ::set-output name=push::false
else
echo "trigger by ${{ github.event_name }}"
echo ::set-output name=tag::${{ github.sha }}
echo ::set-output name=push::false
fi
- name: Login to online register
uses: docker/[email protected]
if: ${{ steps.tag.outputs.push == 'true' }}
with:
username: ${{ env.ONLINE_REGISTER_USER }}
password: ${{ env.ONLINE_REGISTER_PASSWORD }}
registry: ${{ env.ONLINE_REGISTER }}
# checkout the changed code
- name: Checkout Source Code
uses: actions/checkout@v4
with:
persist-credentials: false
ref: ${{ steps.tag.outputs.tag }}
- name: Getting Build Arg
id: arg
continue-on-error: false
run: |
GIT_COMMIT_VERSION=$( git show -s --format='format:%H')
GIT_COMMIT_TIME=$( git show -s --format='format:%aI')
echo ::set-output name=commitver::${GIT_COMMIT_VERSION}
echo ::set-output name=committime::${GIT_COMMIT_TIME}
# ============= get cache ===========
# Load Golang cache build from GitHub
# Cache dependencies and build outputs in GitHub Actions
# the github will keep the cache for 7 days at most
# we could see cache-hit result for this step
- name: Load ${{ matrix.name }} Golang cache build from GitHub
uses: actions/cache@v3
id: cache
with:
# if find the cache mapping to "key" , will restore to "path"
# when the key doesn't match an existing cache. A list of restore-keys is useful when you are restoring a cache from another branch
path: /tmp/.cache/${{ matrix.name }}
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ matrix.name }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ matrix.name }}-
${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-
${{ runner.os }}-go-
- name: Create ${{ matrix.name }} cache directory
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
shell: bash
run: |
mkdir -p /tmp/.cache/${{ matrix.name }}
# Import GitHub's cache build to docker cache
- name: Copy ${{ matrix.name }} Golang cache to docker cache
uses: docker/[email protected]
with:
context: /tmp/.cache/${{ matrix.name }}
file: ./images/cache/Dockerfile
github-token: ${{ secrets.WELAN_PAT }}
push: false
platforms: linux/amd64
target: import-cache
# ========== main branch pushes , build 2 images
# build normal image
- name: CI Build ${{ matrix.name }}
if: ${{ github.event_name != 'pull_request_target' }}
uses: docker/[email protected]
continue-on-error: false
id: docker_build_ci_master
with:
context: .
file: ${{ matrix.dockerfile }}
# Only push when the event name was a GitHub push, this is to avoid
# re-pushing the image tags when we only want to re-create the Golang
# docker cache after the workflow "Image CI Cache Cleaner" was terminated.
push: ${{ steps.tag.outputs.push }}
provenance: false
platforms: linux/amd64,linux/arm64
github-token: ${{ secrets.WELAN_PAT }}
tags: |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}
build-args: |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }}
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }}
VERSION=${{ steps.tag.outputs.tag }}
# build debug image who turn on race and deadlock detection
- name: CI race detection Build ${{ matrix.name }}
if: ${{ github.event_name != 'pull_request_target' }}
uses: docker/[email protected]
continue-on-error: false
id: docker_build_ci_master_detect_race_condition
with:
context: .
file: ${{ matrix.dockerfile }}
# Only push when the event name was a GitHub push, this is to avoid
# re-pushing the image tags when we only want to re-create the Golang
# docker cache after the workflow "Image CI Cache Cleaner" was terminated.
push: ${{ steps.tag.outputs.push }}
platforms: linux/amd64
outputs: type=tar,dest=/tmp/${{ matrix.name }}-race.tar
github-token: ${{ secrets.WELAN_PAT }}
tags: |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race
build-args: |
RACE=1
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }}
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }}
VERSION=${{ steps.tag.outputs.tag }}
- name: CI Image Releases digests
if: ${{ github.event_name != 'pull_request_target' }}
shell: bash
run: |
mkdir -p image-digest/
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_master.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race@${{ steps.docker_build_ci_master_detect_race_condition.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt
# =========== trigger by PR updates , build 2 images
- name: CI Build ${{ matrix.name }}
if: ${{ github.event_name == 'pull_request_target' }}
uses: docker/[email protected]
continue-on-error: false
id: docker_build_ci_pr
with:
context: .
file: ${{ matrix.dockerfile }}
push: ${{ steps.tag.outputs.push }}
provenance: false
github-token: ${{ secrets.WELAN_PAT }}
platforms: linux/amd64,linux/arm64
tags: |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}
build-args: |
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }}
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }}
VERSION=${{ steps.tag.outputs.tag }}
- name: CI race detection Build ${{ matrix.name }}
if: ${{ github.event_name == 'pull_request_target' }}
uses: docker/[email protected]
continue-on-error: false
id: docker_build_ci_pr_detect_race_condition
with:
context: .
file: ${{ matrix.dockerfile }}
push: ${{ steps.tag.outputs.push }}
platforms: linux/amd64
github-token: ${{ secrets.WELAN_PAT }}
outputs: type=tar,dest=/tmp/${{ matrix.name }}-race.tar
tags: |
${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race
build-args: |
RACE=1
GIT_COMMIT_VERSION=${{ steps.arg.outputs.commitver }}
GIT_COMMIT_TIME=${{ steps.arg.outputs.committime }}
VERSION=${{ steps.tag.outputs.tag }}
- name: CI Image Releases digests
if: ${{ github.event_name == 'pull_request_target' }}
shell: bash
run: |
mkdir -p image-digest/
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_pr.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
echo "${{ env.ONLINE_REGISTER }}/${{ github.repository }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}-race@${{ steps.docker_build_ci_pr_detect_race_condition.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt
# Upload artifact digests
- name: Upload artifact digests
uses: actions/[email protected]
with:
name: image-digest-${{ matrix.name }}
path: image-digest
retention-days: 1
# Upload artifact race images tar
- name: Upload artifact race image tar
uses: actions/[email protected]
with:
name: image-tar-${{ matrix.name }}
path: /tmp/${{ matrix.name }}-race.tar
retention-days: 1
# ============= restore cache ===========
# Store docker's golang's cache build locally only on the main branch
- name: Store ${{ matrix.name }} Golang cache build locally
if: ${{ github.event_name != 'pull_request_target' && steps.cache.outputs.cache-hit != 'true' }}
uses: docker/[email protected]
with:
context: .
file: ./images/cache/Dockerfile
push: false
outputs: type=local,dest=/tmp/docker-cache-${{ matrix.name }}
platforms: linux/amd64
target: export-cache
# Store docker's golang's cache build locally only on the main branch
- name: Store ${{ matrix.name }} Golang cache in GitHub cache path
if: ${{ github.event_name != 'pull_request_target' && steps.cache.outputs.cache-hit != 'true' }}
shell: bash
run: |
mkdir -p /tmp/.cache/${{ matrix.name }}/
if [ -f /tmp/docker-cache-${{ matrix.name }}/tmp/go-build-cache.tar.gz ]; then
cp /tmp/docker-cache-${{ matrix.name }}/tmp/go-build-cache.tar.gz /tmp/.cache/${{ matrix.name }}/
fi
if [ -f /tmp/docker-cache-${{ matrix.name }}/tmp/go-pkg-cache.tar.gz ]; then
cp /tmp/docker-cache-${{ matrix.name }}/tmp/go-pkg-cache.tar.gz /tmp/.cache/${{ matrix.name }}/
fi
image-digests:
name: Display Digests
runs-on: ubuntu-latest
needs: build_and_push_prs
steps:
- name: Downloading Image Digests
shell: bash
run: |
mkdir -p image-digest/
- name: Download digests of all images built
uses: actions/download-artifact@v3
with:
path: image-digest/
name: image-digest-spiderpool-agent
- name: Download digests of all images built
uses: actions/download-artifact@v3
with:
path: image-digest/
name: image-digest-spiderpool-controller
- name: Image Digests Output
shell: bash
run: |
cd image-digest/
find -type f | sort | xargs -d '\n' cat