diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 26dae5e7..30f6b871 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,20 +29,33 @@ name: Build on: - workflow_run: - workflows: [Publish to DockerHub] - types: [completed] + workflow_call: -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || (github.repository == 'openthread/ot-efr32' && github.run_id) || github.ref }} - cancel-in-progress: true +# concurrency: +# group: ${{ github.workflow }}-${{ github.event.pull_request.number || (github.repository == 'openthread/ot-efr32' && github.run_id) || github.ref }} +# cancel-in-progress: true + +permissions: + packages: read jobs: + lowercase_owner: + name: Lowercase GitHub repository owner + runs-on: ubuntu-22.04 + outputs: + owner: ${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }} + steps: + - name: Lowercase GitHub repository owner + id: lowercase_owner + run: | + echo "REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" + arm-gcc: name: arm-gcc-${{ matrix.gcc_ver }} runs-on: ubuntu-22.04 + needs: lowercase_owner container: - image: siliconlabsinc/ot-efr32-dev:${{ github.sha }} + image: ghcr.io/${{ needs.lowercase_owner.outputs.owner }}/ot-efr32-dev:${{ github.sha }} options: --user 1001 strategy: fail-fast: false @@ -80,7 +93,7 @@ jobs: - name: Build run: | export PATH=${HOME}/.local/${{ matrix.gcc_extract_dir }}/bin:$PATH - script/test + script/build brd4151a - name: Gather SLC generated files if: failure() @@ -99,3 +112,19 @@ jobs: with: name: build-${{ matrix.gcc_ver }} path: artifact + + - name: Lowercase GitHub repository owner + id: lowercase_owner + if: always() + run: | + echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]' + + - name: Delete image + uses: bots-house/ghcr-delete-image-action@v1.1.0 + if: always() + with: + owner: ${{ steps.lowercase_owner.outputs.stdout }} + name: ot-efr32-dev + # NOTE: using Personal Access Token + token: ${{ secrets.PAT }} + tag: ${{ github.sha }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 70728cc3..b369006d 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -32,6 +32,7 @@ env: SHA_TAG: siliconlabsinc/ot-efr32-dev:${{ github.sha }} LATEST_TAG: siliconlabsinc/ot-efr32-dev:latest DOCKER_IMAGE_ARTIFACT_NAME: ot-efr32-dev-image-${{ github.sha }}-${{ github.event_name}}.tar + REPO_OWNER: '' on: push: @@ -46,7 +47,7 @@ concurrency: cancel-in-progress: true permissions: # added using https://github.com/step-security/secure-workflows - contents: read + packages: write jobs: build: @@ -70,6 +71,8 @@ jobs: - name: Build and export to Docker context uses: docker/build-push-action@v5 with: + build-args: | + BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') context: . file: docker/Dockerfile load: true @@ -90,14 +93,34 @@ jobs: # Run tests ./container-structure-test-linux-amd64 test --config docker/test-ot-efr32-dev.yml --image ${{ env.SHA_TAG }} - - name: Export Docker image to tarball - uses: docker/build-push-action@v5 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 with: - context: . - file: docker/Dockerfile - tags: | - ${{ env.SHA_TAG }} - outputs: type=docker,dest=/tmp/${{ env.DOCKER_IMAGE_ARTIFACT_NAME}} + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Lowercase GitHub repository owner + id: lowercase_owner + run: | + echo "REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" + + - name: Tag Docker image + run: | + docker tag ${{ env.SHA_TAG }} ghcr.io/${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }}/ot-efr32-dev:${{ github.sha }} + + - name: Push Docker image + run: | + docker push ghcr.io/${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }}/ot-efr32-dev:${{ github.sha }} + + # - name: Export Docker image to tarball + # uses: docker/build-push-action@v5 + # with: + # context: . + # file: docker/Dockerfile + # tags: | + # ${{ env.SHA_TAG }} + # outputs: type=docker,dest=/tmp/${{ env.DOCKER_IMAGE_ARTIFACT_NAME}} # - name: Create LFS file hash list # run: git -C third_party/silabs/gecko_sdk lfs ls-files -l | cut -d' ' -f1 | sort > .lfs-assets-id @@ -116,21 +139,60 @@ jobs: # run: | # docker run -v ${{ github.workspace }}:/ot-efr32/ --user $(id -u) --rm ${{ env.SHA_TAG }} script/build --skip-silabs-apps brd4151a - - name: Upload docker image - uses: actions/upload-artifact@v4.3.3 - with: - name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - path: /tmp/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - - publish: - name: Publish to DockerHub + # - name: Upload docker image + # uses: actions/upload-artifact@v4.3.3 + # with: + # name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + # path: /tmp/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + + # publish-ghcr: + # name: Publish to GitHub Container Registry + # runs-on: ubuntu-22.04 + # needs: [build] + # steps: + # - name: Log in to the Container registry + # uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 + # with: + # registry: ghcr.io + # username: ${{ github.actor }} + # password: ${{ secrets.GITHUB_TOKEN }} + + # - name: Download Docker image + # id: download + # uses: actions/download-artifact@v4.1.7 + # with: + # name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + # path: /tmp + + # - name: Load Docker image + # run: | + # docker load --input ${{ steps.download.outputs.download-path }}/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + # docker inspect ${{ env.SHA_TAG }} + + # - name: Lowercase GitHub repository owner + # id: lowercase_owner + # run: | + # echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]' + + # - name: Tag Docker image + # run: | + # docker tag ${{ env.SHA_TAG }} ghcr.io/${{ steps.lowercase_owner.outputs.stdout }}/ot-efr32-dev:${{ github.sha }} + + # - name: Push Docker image + # run: | + # docker push ${{ env.SHA_TAG }} + + publish-dockerhub: + name: Tag `latest` and publish to DockerHub runs-on: ubuntu-22.04 needs: [build] if: | github.repository == 'SiliconLabs/ot-efr32' && - github.event_name != 'pull_request' + github.event_name != 'pull_request' && + github.ref == 'refs/heads/main' steps: - name: Login to DockerHub + if: github.ref == 'refs/heads/main' uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: username: ${{ secrets.DOCKER_USERNAME }} @@ -146,14 +208,14 @@ jobs: - name: Load Docker image run: | docker load --input ${{ steps.download.outputs.download-path }}/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - docker image ls -a - - - name: Push Docker image - run: | - docker push ${{ env.SHA_TAG }} + docker inspect ${{ env.SHA_TAG }} - name: Tag `latest` and push - if: github.ref == 'refs/heads/main' run: | docker tag ${{ env.SHA_TAG }} ${{ env.LATEST_TAG }} docker push ${{ env.LATEST_TAG }} + + trigger_build: + name: Trigger Build Workflow + uses: ./.github/workflows/build.yml + needs: [build] diff --git a/docker/Dockerfile b/docker/Dockerfile index 60bc3da4..9858f8c7 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,6 @@ ARG BASE_IMAGE='ubuntu:22.04' +ARG BUILD_DATE + FROM ${BASE_IMAGE} as base ENV TZ="America/New_York" @@ -26,7 +28,10 @@ RUN ./script/bootstrap python # ============================================================================== +# Label the build date before downloading slc to force slc to always be downloaded during a docker build + FROM base AS ot-efr32-dev +LABEL build_date=${BUILD_DATE} COPY ./script/bootstrap_silabs \ ./script/