From ff118aab1e14c809b9d83346db6c53c22e569302 Mon Sep 17 00:00:00 2001 From: Mason Tran Date: Wed, 19 Jun 2024 15:05:35 -0400 Subject: [PATCH] fixup! [actions] upload docker image tar to artifacts --- .github/workflows/build.yml | 45 ++++++++++--- .github/workflows/docker.yml | 115 ++++++++++++++++++--------------- docker/Dockerfile | 17 ++++- docker/base.Dockerfile | 25 +++++++ docker/ot-efr32-dev.Dockerfile | 21 ++++++ 5 files changed, 159 insertions(+), 64 deletions(-) create mode 100644 docker/base.Dockerfile create mode 100644 docker/ot-efr32-dev.Dockerfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d3dae446..48510b41 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,20 +29,33 @@ name: Build on: - workflow_run: - workflows: [Publish to DockerHub] - types: [completed] + workflow_call: -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || (github.repository == 'openthread/ot-efr32' && github.run_id) || github.ref }} - cancel-in-progress: true +# concurrency: +# group: ${{ github.workflow }}-${{ github.event.pull_request.number || (github.repository == 'openthread/ot-efr32' && github.run_id) || github.ref }} +# cancel-in-progress: true + +permissions: + packages: read jobs: + generate-metadata: + name: Generate required metadata + runs-on: ubuntu-22.04 + outputs: + owner: ${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }} + steps: + - name: Lowercase GitHub repository owner + id: lowercase_owner + run: | + echo "REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" + arm-gcc: name: arm-gcc-${{ matrix.gcc_ver }} runs-on: ubuntu-22.04 + needs: generate-metadata container: - image: siliconlabsinc/ot-efr32-dev:latest + image: ghcr.io/${{ needs.generate-metadata.outputs.owner }}/ot-efr32-dev:${{ github.sha }} options: --user 1001 strategy: fail-fast: false @@ -80,7 +93,7 @@ jobs: - name: Build run: | export PATH=${HOME}/.local/${{ matrix.gcc_extract_dir }}/bin:$PATH - script/test + script/build brd4151a - name: Gather SLC generated files if: failure() @@ -99,3 +112,19 @@ jobs: with: name: build-${{ matrix.gcc_ver }} path: artifact + + - name: Lowercase GitHub repository owner + id: lowercase_owner + if: always() + run: | + echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]' + + - name: Delete image + uses: bots-house/ghcr-delete-image-action@v1.1.0 + if: always() + with: + owner: ${{ steps.lowercase_owner.outputs.stdout }} + name: ot-efr32-dev + # NOTE: using Personal Access Token + token: ${{ secrets.PAT }} + tag: ${{ github.sha }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3b54a25d..5dfbdf90 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -29,11 +29,10 @@ name: Docker env: - TEST_TAG: siliconlabsinc/ot-efr32-dev:test SHA_TAG: siliconlabsinc/ot-efr32-dev:${{ github.sha }} LATEST_TAG: siliconlabsinc/ot-efr32-dev:latest - DOCKER_IMAGE_ARTIFACT_NAME: ot-efr32-dev-image-${{ github.sha }}-${{ github.event_name}} - DOCKER_IMAGE_TAR: ot-efr32-dev-image-${{ github.sha }}.tar + DOCKER_IMAGE_ARTIFACT_NAME: ot-efr32-dev-image-${{ github.sha }}-${{ github.event_name}}.tar + REPO_OWNER: '' on: push: @@ -48,7 +47,7 @@ concurrency: cancel-in-progress: true permissions: # added using https://github.com/step-security/secure-workflows - contents: read + packages: write jobs: build: @@ -66,32 +65,53 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + with: + platforms: linux/amd64 - name: Build and export to Docker context uses: docker/build-push-action@v5 with: + build-args: | + BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') context: . file: docker/Dockerfile - # load: true - build-args: | - - BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') - platforms: - linux/amd64 + load: true tags: | - ${{ env.TEST_TAG }} ${{ env.SHA_TAG }} cache-from: type=gha cache-to: type=gha,mode=max - outputs: type=oci,dest=${{ env.DOCKER_IMAGE_TAR}} - # - name: Container image sanity checks - # run: | - # # Download container-structure-test - # curl -LO https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64 \ - # && chmod +x container-structure-test-linux-amd64 + - name: Inspect Docker image + run: docker inspect ${{ env.SHA_TAG }} + + - name: Container image sanity checks + run: | + # Download container-structure-test + curl -LO https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64 \ + && chmod +x container-structure-test-linux-amd64 - # # Run tests - # ./container-structure-test-linux-amd64 test --config docker/test-ot-efr32-dev.yml --image ${{ env.TEST_TAG }} + # Run tests + ./container-structure-test-linux-amd64 test --config docker/test-ot-efr32-dev.yml --image ${{ env.SHA_TAG }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Lowercase GitHub repository owner + id: lowercase_owner + run: | + echo "REPOSITORY_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" + + - name: Tag Docker image + run: | + docker tag ${{ env.SHA_TAG }} ghcr.io/${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }}/ot-efr32-dev:${{ github.sha }} + + - name: Push Docker image + run: | + docker push ghcr.io/${{ steps.lowercase_owner.outputs.REPOSITORY_OWNER }}/ot-efr32-dev:${{ github.sha }} # - name: Create LFS file hash list # run: git -C third_party/silabs/gecko_sdk lfs ls-files -l | cut -d' ' -f1 | sort > .lfs-assets-id @@ -108,59 +128,48 @@ jobs: # - name: Test build inside container # run: | - # docker run -v ${{ github.workspace }}:/ot-efr32/ --user $(id -u) --rm ${{ env.TEST_TAG }} script/build --skip-silabs-apps brd4151a + # docker run -v ${{ github.workspace }}:/ot-efr32/ --user $(id -u) --rm ${{ env.SHA_TAG }} script/build --skip-silabs-apps brd4151a - - name: Upload docker image - uses: actions/upload-artifact@v4.3.3 - with: - name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - path: ${{ env.DOCKER_IMAGE_TAR }} + # - name: Upload docker image + # uses: actions/upload-artifact@v4.3.3 + # with: + # name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + # path: /tmp/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - publish: - name: Publish to DockerHub + publish-dockerhub: + name: Tag `latest` and publish to DockerHub runs-on: ubuntu-22.04 needs: [build] if: | github.repository == 'SiliconLabs/ot-efr32' && - github.event_name != 'pull_request' + github.event_name != 'pull_request' && + github.ref == 'refs/heads/main' steps: - name: Login to DockerHub + if: github.ref == 'refs/heads/main' uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Download Docker image + id: download uses: actions/download-artifact@v4.1.7 with: name: ${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} - - - name: Show downloaded Docker image - run: ls -ahl ${{ github.workspace }} + path: /tmp - name: Load Docker image - run: docker load -i ${{ github.workspace }}/${{ env.DOCKER_IMAGE_TAR }} - - - name: Build and push - uses: docker/build-push-action@v5 - if: github.ref == 'refs/heads/main' - with: - context: . - file: docker/Dockerfile - push: true - tags: | - ${{ env.SHA_TAG }} - platforms: - linux/amd64 + run: | + docker load --input ${{ steps.download.outputs.download-path }}/${{ env.DOCKER_IMAGE_ARTIFACT_NAME }} + docker inspect ${{ env.SHA_TAG }} - name: Tag `latest` and push - uses: docker/build-push-action@v5 - if: github.ref == 'refs/heads/main' - with: - context: . - file: docker/Dockerfile - push: true - tags: | - ${{ env.LATEST_TAG }} - platforms: - linux/amd64 + run: | + docker tag ${{ env.SHA_TAG }} ${{ env.LATEST_TAG }} + docker push ${{ env.LATEST_TAG }} + + trigger_build: + name: Trigger Build Workflow + uses: ./.github/workflows/build.yml + needs: [build] diff --git a/docker/Dockerfile b/docker/Dockerfile index b9d9d6bd..9858f8c7 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,7 @@ -FROM ubuntu:22.04 +ARG BASE_IMAGE='ubuntu:22.04' +ARG BUILD_DATE + +FROM ${BASE_IMAGE} as base ENV TZ="America/New_York" ENV repo_dir="/ot-efr32" @@ -23,8 +26,11 @@ RUN ./script/bootstrap arm_toolchain COPY ./requirements.txt . RUN ./script/bootstrap python +# ============================================================================== + # Label the build date before downloading slc to force slc to always be downloaded during a docker build -ARG BUILD_DATE + +FROM base AS ot-efr32-dev LABEL build_date=${BUILD_DATE} COPY ./script/bootstrap_silabs \ @@ -34,8 +40,13 @@ RUN mkdir ${SLC_INSTALL_DIR} && \ ./script/bootstrap silabs +# Change workdir to root temporarily +WORKDIR / + # Clone repo for convenience ARG REPO_URL="https://github.com/openthread/ot-efr32" -WORKDIR / +ENV repo_dir="/ot-efr32" RUN rm -rf ${repo_dir} && git clone ${REPO_URL} ${repo_dir} + +# Change workdir back to repo WORKDIR ${repo_dir} diff --git a/docker/base.Dockerfile b/docker/base.Dockerfile new file mode 100644 index 00000000..212e33af --- /dev/null +++ b/docker/base.Dockerfile @@ -0,0 +1,25 @@ +ARG BASE_IMAGE='ubuntu:22.04' +FROM ${BASE_IMAGE} as base + +ENV TZ="America/New_York" +ENV repo_dir="/ot-efr32" +WORKDIR ${repo_dir} + +# Install packages +RUN apt-get update && \ + apt-get -y install --no-install-recommends \ + sudo \ + tzdata \ + && rm -rf /var/lib/apt/lists/* + +# Copy scripts +COPY ./script/bootstrap \ + ./script/ + +# Install system packages and ARM toolchain +RUN ./script/bootstrap packages && rm -rf /var/lib/apt/lists/* +RUN ./script/bootstrap arm_toolchain + +# Install Python packages +COPY ./requirements.txt . +RUN ./script/bootstrap python diff --git a/docker/ot-efr32-dev.Dockerfile b/docker/ot-efr32-dev.Dockerfile new file mode 100644 index 00000000..79bb0ca2 --- /dev/null +++ b/docker/ot-efr32-dev.Dockerfile @@ -0,0 +1,21 @@ +ARG BASE_IMAGE='siliconlabsinc/ot-efr32-dev:base' + +FROM ${BASE_IMAGE} AS ot-efr32-dev + +COPY ./script/bootstrap_silabs \ + ./script/ +ENV SLC_INSTALL_DIR=/opt/slc_cli +RUN mkdir ${SLC_INSTALL_DIR} && \ + ./script/bootstrap silabs + + +# Change workdir to root temporarily +WORKDIR / + +# Clone repo for convenience +ARG REPO_URL="https://github.com/openthread/ot-efr32" +ENV repo_dir="/ot-efr32" +RUN rm -rf ${repo_dir} && git clone ${REPO_URL} ${repo_dir} + +# Change workdir back to repo +WORKDIR ${repo_dir}