From bd28452b26d7d0f973df75cb46554205b18c8144 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Fri, 13 Sep 2024 13:26:43 -0400 Subject: [PATCH 1/8] Build Docker image in CI --- .github/workflows/docker.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/docker.yml diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000..01dc5c7 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,20 @@ +name: build catadog + +on: + # trigger catadog every time a push occurs on any branch + push: + branches: + - "**" + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v4 + - name: build image + run: docker buildx build -t catadog . + - name: test image by starting up a container + run: docker run --rm -d --name catadog catadog + - name: kill container + run: docker container kill catadog From 6372950a090440de3f93c252214b1563de653a2e Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Tue, 17 Sep 2024 17:15:28 -0400 Subject: [PATCH 2/8] Build image for x86-64 --- .github/workflows/docker.yml | 49 +++++++++++++++++++++++++++++++----- Gemfile | 2 ++ Gemfile.lock | 35 +++++++++++++------------- entrypoint.rb | 4 ++- 4 files changed, 66 insertions(+), 24 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 01dc5c7..b567e45 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -6,15 +6,52 @@ on: branches: - "**" +env: + # push images to the github container registry + REGISTRY: ghrc.io + # store images in the datadog/catadog repository + REPO: datadog/catadog + jobs: build: + strategy: + # in matrix strategy where you're running multiple jobs with different variable combinations, setting fail-fast to false lets jobs continue running despite other failed jobs + fail-fast: false + # not sure if we need a matrix strategy to test multiple different versions of ruby... catadog's base image is ruby 3.4 so maybe we should only have ruby 3.4? + matrix: + include: + - engine: ruby + version: "3.4" runs-on: ubuntu-latest + name: build (${{ matrix.engine }} ${{ matrix.version }}) steps: + - name: set variables + id: vars + run: | + echo "SRC=." >> $GITHUB_OUTPUT + echo "IMAGE=${{ env.REGISTRY }}/${{ env.REPO }}/engines/${{ matrix.engine }}" >> $GITHUB_OUTPUT + echo "TAG=${{ matrix.version }}" >> $GITHUB_OUTPUT + echo "DOCKERFILE=./Dockerfile" >> $GITHUB_OUTPUT + # check out repository code - name: checkout uses: actions/checkout@v4 - - name: build image - run: docker buildx build -t catadog . - - name: test image by starting up a container - run: docker run --rm -d --name catadog catadog - - name: kill container - run: docker container kill catadog + # docker container engine enables advanced buildx features, possibly to allow different platforms (x86_64 and aarch64-linux) + - name: set up docker container engine + run: | + docker buildx create --name=container --driver=docker-container --use --bootstrap + # build x86_64 image + - name: build single-arch image (x86_64) + run: | + docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} + # tag image so that it can be referenced in testing step. tag separately from build to avoid interference w caching + - name: tag single-arch image (x86_64) + run: | + docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} + # test image + - name: test single-arch image (x86_64) + run: | + docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' + docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version + docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version + docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' diff --git a/Gemfile b/Gemfile index b7a53cb..f4c928c 100644 --- a/Gemfile +++ b/Gemfile @@ -13,3 +13,5 @@ end group :dev do gem "pry" end + +gem "ostruct", "~> 0.6.0" diff --git a/Gemfile.lock b/Gemfile.lock index a1049db..8f1124a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -11,21 +11,22 @@ PATH GEM remote: https://rubygems.org/ specs: - activesupport (7.1.3.4) + activesupport (7.2.1) base64 bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - mutex_m - tzinfo (~> 2.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) ast (2.4.2) base64 (0.2.0) bigdecimal (3.1.8) coderay (1.1.3) - concurrent-ruby (1.3.3) + concurrent-ruby (1.3.4) connection_pool (2.4.1) csv (3.3.0) drb (2.2.1) @@ -41,7 +42,7 @@ GEM ffi (1.17.0-x86_64-linux-gnu) ffi (1.17.0-x86_64-linux-musl) fileutils (1.7.2) - i18n (1.14.5) + i18n (1.14.6) concurrent-ruby (~> 1.0) json (2.7.2) language_server-protocol (3.17.0.3) @@ -49,15 +50,15 @@ GEM listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - logger (1.6.0) + logger (1.6.1) method_source (1.1.0) - minitest (5.24.1) + minitest (5.25.1) msgpack (1.7.2) - mustermann (3.0.1) + mustermann (3.0.3) ruby2_keywords (~> 0.0.1) - mutex_m (0.2.0) - parallel (1.25.1) - parser (3.3.4.1) + ostruct (0.6.0) + parallel (1.26.3) + parser (3.3.5.0) ast (~> 2.4.1) racc pry (0.14.2) @@ -73,11 +74,10 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.11.1) ffi (~> 1.0) - rbs (3.5.2) + rbs (3.5.3) logger regexp_parser (2.9.2) - rexml (3.3.4) - strscan + rexml (3.3.7) rubocop (1.52.1) json (~> 2.3) parallel (~> 1.10) @@ -88,7 +88,7 @@ GEM rubocop-ast (>= 1.28.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.32.0) + rubocop-ast (1.32.3) parser (>= 3.3.1.0) rubocop-performance (1.18.0) rubocop (>= 1.7.0, < 2.0) @@ -134,7 +134,7 @@ GEM tilt (2.4.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.5.0) + unicode-display_width (2.6.0) webrick (1.8.1) PLATFORMS @@ -152,6 +152,7 @@ PLATFORMS DEPENDENCIES catadog! + ostruct (~> 0.6.0) pry rake (~> 13.0) rbs diff --git a/entrypoint.rb b/entrypoint.rb index 38850d9..7915b66 100644 --- a/entrypoint.rb +++ b/entrypoint.rb @@ -1,5 +1,7 @@ if ARGV.empty? || ARGV == %W[bundle exec catadog] exec "bundle exec catadog -h 0.0.0.0" -else +elsif ARGV[0].start_with?("-") exec "bundle exec catadog -h 0.0.0.0 #{ARGV.join(" ")}" +else + exec ARGV.join(" ").to_s end From 667acf73f470fda132a1d5ac0ef553b38eae7568 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Wed, 18 Sep 2024 13:20:56 -0400 Subject: [PATCH 3/8] Build image for aarch64-linux --- .github/workflows/docker.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index b567e45..2627a25 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -55,3 +55,21 @@ jobs: docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' + + # now build image for aarch64-linux, emulated under qemu + - name: enable aarch64 emulation (x86_64) + run: | + docker run --privileged --rm tonistiigi/binfmt --install arm64 + - name: build single-arch image (aarch64-linux) + run: | + docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} + - name: tag single-arch image (aarch64-linux) + run: | + docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} + - name: test single-arch image (aarch64-linux) + run: | + docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' + docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version + docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version + docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' From aef20c5b84af058b0dea0b782952459d511bcc0d Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Wed, 18 Sep 2024 14:23:14 -0400 Subject: [PATCH 4/8] Assemble multi-arch image for a combined push to registry --- .github/workflows/docker.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2627a25..c6157a0 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -73,3 +73,13 @@ jobs: docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' + + # finally assemble multi-arch image for a combined push to the registry. this reruns docker build but because the layers are cached, it's fast + - name: log in to the container registry + if: ${{ inputs.push }} + run: | + echo ${{ secrets.GITHUB_TOKEN }} | docker login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin + - name: Build multi-arch image (x86_64, aarch64) + if: ${{ inputs.push }} + run: | + docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} From 36a3b2375bb55dab0086e68b08e5033de5635247 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Wed, 18 Sep 2024 15:06:17 -0400 Subject: [PATCH 5/8] Update comments --- .github/workflows/docker.yml | 53 ++++++++++++++++++------------------ 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index c6157a0..f8e4ab6 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,54 +1,51 @@ -name: build catadog +name: Build Catadog on: - # trigger catadog every time a push occurs on any branch push: branches: - "**" env: - # push images to the github container registry REGISTRY: ghrc.io - # store images in the datadog/catadog repository REPO: datadog/catadog jobs: build: strategy: - # in matrix strategy where you're running multiple jobs with different variable combinations, setting fail-fast to false lets jobs continue running despite other failed jobs fail-fast: false - # not sure if we need a matrix strategy to test multiple different versions of ruby... catadog's base image is ruby 3.4 so maybe we should only have ruby 3.4? + # Test only ruby 3.4 matrix: include: - engine: ruby version: "3.4" runs-on: ubuntu-latest - name: build (${{ matrix.engine }} ${{ matrix.version }}) + name: Build (${{ matrix.engine }} ${{ matrix.version }}) steps: - - name: set variables + - name: Set variables id: vars run: | echo "SRC=." >> $GITHUB_OUTPUT echo "IMAGE=${{ env.REGISTRY }}/${{ env.REPO }}/engines/${{ matrix.engine }}" >> $GITHUB_OUTPUT echo "TAG=${{ matrix.version }}" >> $GITHUB_OUTPUT echo "DOCKERFILE=./Dockerfile" >> $GITHUB_OUTPUT - # check out repository code - - name: checkout + - name: Checkout uses: actions/checkout@v4 - # docker container engine enables advanced buildx features, possibly to allow different platforms (x86_64 and aarch64-linux) - - name: set up docker container engine + + # Use docker-container engine to enable advanced buildx features + - name: Set up docker container engine run: | docker buildx create --name=container --driver=docker-container --use --bootstrap - # build x86_64 image - - name: build single-arch image (x86_64) + + # Build image for x86-64 + # + # Tag image separately to avoid interference with caching and so that testing step can reference the image + - name: Build single-arch image (x86-64) run: | docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} - # tag image so that it can be referenced in testing step. tag separately from build to avoid interference w caching - - name: tag single-arch image (x86_64) + - name: Tag single-arch image (x86-64) run: | docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} - # test image - - name: test single-arch image (x86_64) + - name: Test single-arch image (x86-64) run: | docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' @@ -56,17 +53,19 @@ jobs: docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' - # now build image for aarch64-linux, emulated under qemu - - name: enable aarch64 emulation (x86_64) + # Build image for aarch64-linux, emulated under qemu + # + # Tag image separately to avoid interference with caching and so that testing step can reference the image + - name: Enable aarch64 emulation (x86-64) run: | docker run --privileged --rm tonistiigi/binfmt --install arm64 - - name: build single-arch image (aarch64-linux) + - name: Build single-arch image (aarch64-linux) run: | docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} - - name: tag single-arch image (aarch64-linux) + - name: Tag single-arch image (aarch64-linux) run: | docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} - - name: test single-arch image (aarch64-linux) + - name: Test single-arch image (aarch64-linux) run: | docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' @@ -74,12 +73,14 @@ jobs: docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' - # finally assemble multi-arch image for a combined push to the registry. this reruns docker build but because the layers are cached, it's fast - - name: log in to the container registry + # Assemble multi-arch image for a combined push to the registry + # + # Docker build is rerun, but build is fast because the layers are already cached + - name: Log in to the container registry if: ${{ inputs.push }} run: | echo ${{ secrets.GITHUB_TOKEN }} | docker login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin - - name: Build multi-arch image (x86_64, aarch64) + - name: Build multi-arch image (x86-64, aarch64) if: ${{ inputs.push }} run: | docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} From 042eb00f54918fbdb993076abe2733384721c006 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Wed, 18 Sep 2024 17:26:54 -0400 Subject: [PATCH 6/8] Allow user to manually trigger workflow and push images --- .github/workflows/docker.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index f8e4ab6..81fa827 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,6 +1,13 @@ name: Build Catadog on: + workflow_dispatch: + inputs: + push: + description: Push images + required: true + type: boolean + default: true push: branches: - "**" From c515a44e95f73e423c0b3cf6758bc997a1ee9681 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Thu, 19 Sep 2024 11:02:40 -0400 Subject: [PATCH 7/8] Rewrite specifically for ruby 3.4 --- .github/workflows/docker.yml | 52 ++++++++++++------------------------ 1 file changed, 17 insertions(+), 35 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 81fa827..6b5b91f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -12,29 +12,11 @@ on: branches: - "**" -env: - REGISTRY: ghrc.io - REPO: datadog/catadog - jobs: build: - strategy: - fail-fast: false - # Test only ruby 3.4 - matrix: - include: - - engine: ruby - version: "3.4" runs-on: ubuntu-latest - name: Build (${{ matrix.engine }} ${{ matrix.version }}) + name: Build ruby 3.4 steps: - - name: Set variables - id: vars - run: | - echo "SRC=." >> $GITHUB_OUTPUT - echo "IMAGE=${{ env.REGISTRY }}/${{ env.REPO }}/engines/${{ matrix.engine }}" >> $GITHUB_OUTPUT - echo "TAG=${{ matrix.version }}" >> $GITHUB_OUTPUT - echo "DOCKERFILE=./Dockerfile" >> $GITHUB_OUTPUT - name: Checkout uses: actions/checkout@v4 @@ -48,17 +30,17 @@ jobs: # Tag image separately to avoid interference with caching and so that testing step can reference the image - name: Build single-arch image (x86-64) run: | - docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} + docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/x86_64 -f ./Dockerfile - name: Tag single-arch image (x86-64) run: | - docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/x86_64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} + docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/x86_64 -f ./Dockerfile --tag ghrc.io/datadog/catadog - name: Test single-arch image (x86-64) run: | - docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' - docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' - docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version - docker run --platform linux/x86_64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version - docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' + docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true' + docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog gem --version + docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog bundle --version + docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' # Build image for aarch64-linux, emulated under qemu # @@ -68,17 +50,17 @@ jobs: docker run --privileged --rm tonistiigi/binfmt --install arm64 - name: Build single-arch image (aarch64-linux) run: | - docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=false --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} + docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/aarch64 -f ./Dockerfile - name: Tag single-arch image (aarch64-linux) run: | - docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --load --platform linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} + docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog - name: Test single-arch image (aarch64-linux) run: | - docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'true' - docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} ruby -e 'puts RUBY_DESCRIPTION' - docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} gem --version - docker run --platform linux/aarch64 --rm ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} bundle --version - docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} /bin/sh -c 'bundle install && bundle exec rake test' + docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true' + docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog gem --version + docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog bundle --version + docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' # Assemble multi-arch image for a combined push to the registry # @@ -86,8 +68,8 @@ jobs: - name: Log in to the container registry if: ${{ inputs.push }} run: | - echo ${{ secrets.GITHUB_TOKEN }} | docker login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin + echo ${{ secrets.GITHUB_TOKEN }} | docker login ghrc.io -u ${{ github.actor }} --password-stdin - name: Build multi-arch image (x86-64, aarch64) if: ${{ inputs.push }} run: | - docker buildx build ${{ steps.vars.outputs.SRC }} --builder=container --cache-from=type=registry,ref=${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ${{ steps.vars.outputs.DOCKERFILE }} --tag ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG }} + docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog From b21b3049d91896bbf4748fef49b00b9b56369d56 Mon Sep 17 00:00:00 2001 From: Sarah Chen Date: Fri, 20 Sep 2024 13:20:41 -0400 Subject: [PATCH 8/8] Add permissions and fix typos --- .github/workflows/docker.yml | 37 +++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 6b5b91f..96de292 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -15,7 +15,10 @@ on: jobs: build: runs-on: ubuntu-latest - name: Build ruby 3.4 + name: Build Docker image + permissions: + contents: read + packages: write steps: - name: Checkout uses: actions/checkout@v4 @@ -30,17 +33,17 @@ jobs: # Tag image separately to avoid interference with caching and so that testing step can reference the image - name: Build single-arch image (x86-64) run: | - docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/x86_64 -f ./Dockerfile + docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=false --platform linux/x86_64 -f ./Dockerfile - name: Tag single-arch image (x86-64) run: | - docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/x86_64 -f ./Dockerfile --tag ghrc.io/datadog/catadog + docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --load --platform linux/x86_64 -f ./Dockerfile --tag ghcr.io/datadog/catadog - name: Test single-arch image (x86-64) run: | - docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true' - docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' - docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog gem --version - docker run --platform linux/x86_64 --rm ghrc.io/datadog/catadog bundle --version - docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' + docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog /bin/sh -c 'true' + docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog gem --version + docker run --platform linux/x86_64 --rm ghcr.io/datadog/catadog bundle --version + docker run --platform linux/x86_64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghcr.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' # Build image for aarch64-linux, emulated under qemu # @@ -50,17 +53,17 @@ jobs: docker run --privileged --rm tonistiigi/binfmt --install arm64 - name: Build single-arch image (aarch64-linux) run: | - docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=false --platform linux/aarch64 -f ./Dockerfile + docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=false --platform linux/aarch64 -f ./Dockerfile - name: Tag single-arch image (aarch64-linux) run: | - docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --load --platform linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog + docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --load --platform linux/aarch64 -f ./Dockerfile --tag ghcr.io/datadog/catadog - name: Test single-arch image (aarch64-linux) run: | - docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog /bin/sh -c 'true' - docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' - docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog gem --version - docker run --platform linux/aarch64 --rm ghrc.io/datadog/catadog bundle --version - docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghrc.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' + docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog /bin/sh -c 'true' + docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog ruby -e 'puts RUBY_DESCRIPTION' + docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog gem --version + docker run --platform linux/aarch64 --rm ghcr.io/datadog/catadog bundle --version + docker run --platform linux/aarch64 --rm -v "${PWD}":"${PWD}" -w "${PWD}" ghcr.io/datadog/catadog /bin/sh -c 'bundle install && bundle exec rake test' # Assemble multi-arch image for a combined push to the registry # @@ -68,8 +71,8 @@ jobs: - name: Log in to the container registry if: ${{ inputs.push }} run: | - echo ${{ secrets.GITHUB_TOKEN }} | docker login ghrc.io -u ${{ github.actor }} --password-stdin + echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin - name: Build multi-arch image (x86-64, aarch64) if: ${{ inputs.push }} run: | - docker buildx build . --builder=container --cache-from=type=registry,ref=ghrc.io/datadog/catadog --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ./Dockerfile --tag ghrc.io/datadog/catadog + docker buildx build . --builder=container --cache-from=type=registry,ref=ghcr.io/datadog/catadog --output=type=image,push=true --build-arg BUILDKIT_INLINE_CACHE=1 --platform linux/x86_64,linux/aarch64 -f ./Dockerfile --tag ghcr.io/datadog/catadog