From 8d2b6ea27ea20bee42ec4873834f54f28ab93937 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 07:58:43 +1100 Subject: [PATCH 01/43] [DDS-1844] Added gh cli tool. --- images/awx-ee/execution-environment.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 28ab2ef8..bd11d523 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -73,4 +73,12 @@ additional_build_steps: - RUN curl -L https://github.com/google/yamlfmt/releases/download/v0.10.0/yamlfmt_0.10.0_Linux_x86_64.tar.gz --output /tmp/yamlfmt_0.10.0_Linux_x86_64.tar.gz - RUN tar -C /tmp -xvf /tmp/yamlfmt_0.10.0_Linux_x86_64.tar.gz - RUN chmod +x /tmp/yamlfmt - - RUN mv /tmp/yamlfmt /usr/local/bin \ No newline at end of file + - RUN mv /tmp/yamlfmt /usr/local/bin + - | # Install GitHub gh cli tool + SHELL ["/bin/bash", "-c"] + RUN set -eux; \ + curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ + && sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ + && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ + && sudo apt update \ + && sudo apt install gh -y \ No newline at end of file From f781cb2b043112814060ca6a3279bb3ce53145e0 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 11:49:47 +1100 Subject: [PATCH 02/43] [DDS-1845] Added awx-ee build step. --- .github/workflows/build-deploy.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 2fad1d60..430698f2 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -61,4 +61,12 @@ jobs: ./gh-actions-bake.hcl ${{ steps.meta.outputs.bake-file }} # Target the default group - probably unnecessary. - targets: ${{ matrix.images }} \ No newline at end of file + targets: ${{ matrix.images }} + + - name: Build and push AWX-EE + run: | + pip install --upgrade ansible-builder + cd images/awx-ee + ansible-builder create -f execution-environment.yml + docker buildx create --name sdp-amd-arm --platform linux/amd64,linux/arm64 --use + docker buildx bake --progress=plain --push --provenance false \ No newline at end of file From bd2eea6da4503f5c9be322c4154800f0b84f44a7 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 12:28:08 +1100 Subject: [PATCH 03/43] [DDS-1845] Added bake-action for awx-ee. --- .github/workflows/build-deploy.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 430698f2..10acdddb 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -67,6 +67,14 @@ jobs: run: | pip install --upgrade ansible-builder cd images/awx-ee - ansible-builder create -f execution-environment.yml - docker buildx create --name sdp-amd-arm --platform linux/amd64,linux/arm64 --use - docker buildx bake --progress=plain --push --provenance false \ No newline at end of file + ansible-builder build \ + --file execution-environment.yml \ + --build-arg PYCMD="/usr/local/bin/python3" \ + --build-arg PKGMGR="/usr/bin/apt-get" \ + --verbosity 3 + + - name: Build and push the images + working-directory: ./images/awx-ee + uses: docker/bake-action@v4 + with: + push: true From 051cdb5f4cfd4c4f0c0e643b969499a4b75f3e69 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 12:39:17 +1100 Subject: [PATCH 04/43] [DDS-1845] Fixed workdir declaration. --- .github/workflows/build-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 10acdddb..9e2bed86 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -74,7 +74,7 @@ jobs: --verbosity 3 - name: Build and push the images - working-directory: ./images/awx-ee uses: docker/bake-action@v4 with: push: true + workdir: ./images/awx-ee From bd7976e7388769f33d1fa0b238f9dffdb2daa396 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 12:50:50 +1100 Subject: [PATCH 05/43] [DDS-1845] Moved awx-ee build step to independent workflow. --- .github/workflows/build-deploy-awx-ee.yml | 49 +++++++++++++++++++++++ .github/workflows/build-deploy.yml | 18 +-------- 2 files changed, 50 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/build-deploy-awx-ee.yml diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml new file mode 100644 index 00000000..49f380f6 --- /dev/null +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -0,0 +1,49 @@ +name: build-deploy-bay-images +run-name: Build and deploy Bay images +on: + pull_request: + types: + - closed + - opened + - synchronize + schedule: + - cron: '23 20 * * 0' + workflow_dispatch: + +env: + REGISTRY: ghcr.io +jobs: + buildx: + if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') + runs-on: ubuntu-latest + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - uses: actions/checkout@v3 + + - name: Login to registry ${{ env.REGISTRY }} + uses: docker/login-action@v2.2.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.REGISTRY_USER }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Build and push AWX-EE + run: | + pip install --upgrade ansible-builder + cd images/awx-ee + ansible-builder build \ + --file execution-environment.yml \ + --build-arg PYCMD="/usr/local/bin/python3" \ + --build-arg PKGMGR="/usr/bin/apt-get" \ + --verbosity 3 + + - name: Build and push the images + uses: docker/bake-action@v4 + with: + push: true + workdir: ./images/awx-ee diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 9e2bed86..2fad1d60 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -61,20 +61,4 @@ jobs: ./gh-actions-bake.hcl ${{ steps.meta.outputs.bake-file }} # Target the default group - probably unnecessary. - targets: ${{ matrix.images }} - - - name: Build and push AWX-EE - run: | - pip install --upgrade ansible-builder - cd images/awx-ee - ansible-builder build \ - --file execution-environment.yml \ - --build-arg PYCMD="/usr/local/bin/python3" \ - --build-arg PKGMGR="/usr/bin/apt-get" \ - --verbosity 3 - - - name: Build and push the images - uses: docker/bake-action@v4 - with: - push: true - workdir: ./images/awx-ee + targets: ${{ matrix.images }} \ No newline at end of file From 593d7c647aa86478cd4a58490526849b1b12b588 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 13:05:31 +1100 Subject: [PATCH 06/43] [DDS-1845] Updated name of awx-ee build workflow. --- .github/workflows/build-deploy-awx-ee.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 49f380f6..51e6c710 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -1,5 +1,5 @@ -name: build-deploy-bay-images -run-name: Build and deploy Bay images +name: build-deploy-bay-awx-ee +run-name: Build and deploy Bay AWX Execution Environment on: pull_request: types: From 4f60e1e82cddef8056bda8195b5856ae890a25a9 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 13:46:23 +1100 Subject: [PATCH 07/43] [DDS-1845] Specify build image format. --- .github/workflows/build-deploy-awx-ee.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 51e6c710..8028f0a3 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -37,6 +37,7 @@ jobs: pip install --upgrade ansible-builder cd images/awx-ee ansible-builder build \ + --container-runtime=docker \ --file execution-environment.yml \ --build-arg PYCMD="/usr/local/bin/python3" \ --build-arg PKGMGR="/usr/bin/apt-get" \ From e04031fd42c2829a9a82dc235d42b924895fb76b Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 13:56:19 +1100 Subject: [PATCH 08/43] [DDS-1845] Removed sudo calls. --- images/awx-ee/execution-environment.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index bd11d523..4f755747 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -77,8 +77,8 @@ additional_build_steps: - | # Install GitHub gh cli tool SHELL ["/bin/bash", "-c"] RUN set -eux; \ - curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ - && sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ - && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ - && sudo apt update \ - && sudo apt install gh -y \ No newline at end of file + curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ + && chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ + && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ + && apt update \ + && apt install gh -y \ No newline at end of file From 0ed36dca6b5b57554e3d5f66fc3a407fa662bdbc Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 14:25:45 +1100 Subject: [PATCH 09/43] [DDS-1845] Updated workflow step names. --- .github/workflows/build-deploy-awx-ee.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 8028f0a3..da9f249d 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -32,7 +32,7 @@ jobs: username: ${{ secrets.REGISTRY_USER }} password: ${{ secrets.REGISTRY_TOKEN }} - - name: Build and push AWX-EE + - name: Build the AWX-EE image run: | pip install --upgrade ansible-builder cd images/awx-ee @@ -43,7 +43,7 @@ jobs: --build-arg PKGMGR="/usr/bin/apt-get" \ --verbosity 3 - - name: Build and push the images + - name: Push the AWX-EE image uses: docker/bake-action@v4 with: push: true From 710c7e8d16c7ef86d5b85dcbc4b8f3005499102a Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 15:22:17 +1100 Subject: [PATCH 10/43] [DDS-1845] Implemented bake-action for tagging etc. --- .github/workflows/build-deploy-awx-ee.yml | 31 +++++++++++++++++++---- images/awx-ee/docker-bake.hcl | 7 +++-- 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index da9f249d..a113a92f 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -16,6 +16,9 @@ jobs: buildx: if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') runs-on: ubuntu-latest + defaults: + run: + working-directory: ./images/awx-ee steps: - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -32,15 +35,30 @@ jobs: username: ${{ secrets.REGISTRY_USER }} password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v4.6.0 + with: + images: | + ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.images }} + tags: | + type=ref,event=pr,enable=${{ github.event.pull_request.merged == false }} + type=raw,value=${{ github.event.pull_request.base.ref }},enable=${{ github.event.pull_request.merged == true }} + type=ref,event=branch,enable=${{ contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) }} + labels: | + maintainer=Digital Transformation + repository=${{ github.repositoryUrl }} + org.opencontainers.image.authors=Digital Victoria + org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ (contains(fromJson('["opened","synchronize"]'), github.event.action)) && github.head_ref || github.event.action == 'closed' && github.base_ref || github.ref_name }}/images/${{ matrix.images }}/Dockerfile + org.opencontainers.image.title=AWX Execution Environment image. + org.opencontainers.image.description=AWX Execution Environment image. + - name: Build the AWX-EE image run: | pip install --upgrade ansible-builder - cd images/awx-ee - ansible-builder build \ - --container-runtime=docker \ + ansible-builder create \ --file execution-environment.yml \ - --build-arg PYCMD="/usr/local/bin/python3" \ - --build-arg PKGMGR="/usr/bin/apt-get" \ --verbosity 3 - name: Push the AWX-EE image @@ -48,3 +66,6 @@ jobs: with: push: true workdir: ./images/awx-ee + files: | + ./docker-bake.hcl + ${{ steps.meta.outputs.bake-file }} diff --git a/images/awx-ee/docker-bake.hcl b/images/awx-ee/docker-bake.hcl index 03806621..fa5c88f6 100644 --- a/images/awx-ee/docker-bake.hcl +++ b/images/awx-ee/docker-bake.hcl @@ -10,14 +10,13 @@ group "default" { targets = ["ee"] } +target "docker-metadata-action" {} + target "ee" { + inherits = ["docker-metadata-action"] context = "./context" dockerfile = "Dockerfile" platforms = ["linux/amd64", "linux/arm64"] - tags = [ - // "singledigital/awx-ee:${IMAGE_TAG}", - "${GHCR}/dpc-sdp/bay/awx-ee:${IMAGE_TAG}" - ] args = { PYCMD = "/usr/local/bin/python3" PKGMGR = "/usr/bin/apt-get" From 414c501f941d4c87ebe691e60d3294ed20d597b7 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 15:36:44 +1100 Subject: [PATCH 11/43] [DDS-1845] Fixed image ref for metadata action. --- .github/workflows/build-deploy-awx-ee.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index a113a92f..b658d4ca 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -41,7 +41,7 @@ jobs: uses: docker/metadata-action@v4.6.0 with: images: | - ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.images }} + ${{ env.REGISTRY }}/${{ github.repository }}/awx-ee tags: | type=ref,event=pr,enable=${{ github.event.pull_request.merged == false }} type=raw,value=${{ github.event.pull_request.base.ref }},enable=${{ github.event.pull_request.merged == true }} From 0044054803a5e98919c58a302119d2bc8230b42d Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 15:46:33 +1100 Subject: [PATCH 12/43] [DDS-1845] Removed override. --- images/awx-ee/docker-bake.hcl | 1 - 1 file changed, 1 deletion(-) diff --git a/images/awx-ee/docker-bake.hcl b/images/awx-ee/docker-bake.hcl index fa5c88f6..c707b696 100644 --- a/images/awx-ee/docker-bake.hcl +++ b/images/awx-ee/docker-bake.hcl @@ -15,7 +15,6 @@ target "docker-metadata-action" {} target "ee" { inherits = ["docker-metadata-action"] context = "./context" - dockerfile = "Dockerfile" platforms = ["linux/amd64", "linux/arm64"] args = { PYCMD = "/usr/local/bin/python3" From 108f3f1d812c44b156133f8e54140507b84d015d Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 16:22:15 +1100 Subject: [PATCH 13/43] [DDS-1845] Debug context. --- .github/workflows/build-deploy-awx-ee.yml | 5 +++++ images/awx-ee/docker-bake.hcl | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index b658d4ca..03d2eedc 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -61,6 +61,11 @@ jobs: --file execution-environment.yml \ --verbosity 3 + - name: Debug contents of context dir + run: | + ls -al context + ls -al . + - name: Push the AWX-EE image uses: docker/bake-action@v4 with: diff --git a/images/awx-ee/docker-bake.hcl b/images/awx-ee/docker-bake.hcl index c707b696..6b365a0e 100644 --- a/images/awx-ee/docker-bake.hcl +++ b/images/awx-ee/docker-bake.hcl @@ -14,7 +14,7 @@ target "docker-metadata-action" {} target "ee" { inherits = ["docker-metadata-action"] - context = "./context" + context = "context" platforms = ["linux/amd64", "linux/arm64"] args = { PYCMD = "/usr/local/bin/python3" From 82d69a81c2aeb8fae6c70141931c5a6d788c3935 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 16:33:16 +1100 Subject: [PATCH 14/43] [DDS-1845] Test runtime time for create cmd. --- .github/workflows/build-deploy-awx-ee.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 03d2eedc..32cb0cc6 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -59,6 +59,7 @@ jobs: pip install --upgrade ansible-builder ansible-builder create \ --file execution-environment.yml \ + --container-runtime docker --verbosity 3 - name: Debug contents of context dir From 060801475e3408f0932c149e533c2e7c2be8f715 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 21:04:14 +1100 Subject: [PATCH 15/43] [DDS-1845] Set output file name for docker. --- .github/workflows/build-deploy-awx-ee.yml | 3 +-- images/awx-ee/docker-bake.hcl | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 32cb0cc6..81edd110 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -58,8 +58,7 @@ jobs: run: | pip install --upgrade ansible-builder ansible-builder create \ - --file execution-environment.yml \ - --container-runtime docker + --output-filename Dockerfile --verbosity 3 - name: Debug contents of context dir diff --git a/images/awx-ee/docker-bake.hcl b/images/awx-ee/docker-bake.hcl index 6b365a0e..c707b696 100644 --- a/images/awx-ee/docker-bake.hcl +++ b/images/awx-ee/docker-bake.hcl @@ -14,7 +14,7 @@ target "docker-metadata-action" {} target "ee" { inherits = ["docker-metadata-action"] - context = "context" + context = "./context" platforms = ["linux/amd64", "linux/arm64"] args = { PYCMD = "/usr/local/bin/python3" From e07d67487c9188bb0094386aa6f2f2c412caf805 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 21:05:26 +1100 Subject: [PATCH 16/43] [DDS-1845] Removed debug. --- .github/workflows/build-deploy-awx-ee.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 81edd110..a7cd519a 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -61,11 +61,6 @@ jobs: --output-filename Dockerfile --verbosity 3 - - name: Debug contents of context dir - run: | - ls -al context - ls -al . - - name: Push the AWX-EE image uses: docker/bake-action@v4 with: From cc8f33a8b6c959e0c338738db22867b23d8a973f Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 18 Jan 2024 21:08:31 +1100 Subject: [PATCH 17/43] [DDS-1845] Fixed syntax error. --- .github/workflows/build-deploy-awx-ee.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index a7cd519a..3358291c 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -58,7 +58,7 @@ jobs: run: | pip install --upgrade ansible-builder ansible-builder create \ - --output-filename Dockerfile + --output-filename Dockerfile \ --verbosity 3 - name: Push the AWX-EE image From e4715239c960582a7f090e30a4bc4797f145dfc9 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 08:47:55 +1100 Subject: [PATCH 18/43] [DDS-1845] Build speed comparison. --- .github/workflows/build-deploy-awx-ee.yml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 3358291c..740ad85d 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -54,18 +54,21 @@ jobs: org.opencontainers.image.title=AWX Execution Environment image. org.opencontainers.image.description=AWX Execution Environment image. - - name: Build the AWX-EE image + - name: Create context and build instruction file run: | pip install --upgrade ansible-builder - ansible-builder create \ + ansible-builder build \ + --container-runtime=docker \ + --build-arg PKGMGR="/usr/bin/apt-get" \ + --build-arg PYCMD="/usr/local/bin/python3" \ --output-filename Dockerfile \ --verbosity 3 - - name: Push the AWX-EE image - uses: docker/bake-action@v4 - with: - push: true - workdir: ./images/awx-ee - files: | - ./docker-bake.hcl - ${{ steps.meta.outputs.bake-file }} + # - name: Build and push the AWX-EE image + # uses: docker/bake-action@v4 + # with: + # push: true + # workdir: ./images/awx-ee + # files: | + # ./docker-bake.hcl + # ${{ steps.meta.outputs.bake-file }} From 7e5a17ea274f355f8f48dfe4198c11a59a390e6c Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 11:37:50 +1100 Subject: [PATCH 19/43] [DDS-1845] Build speed comparison - consolidate workflow. --- .github/workflows/build-deploy.yml | 9 +++++++++ gh-actions-bake.hcl | 10 +++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 2fad1d60..ba528cf0 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -53,6 +53,15 @@ jobs: org.opencontainers.image.title=${{ matrix.images }} org.opencontainers.image.description=${{ matrix.images }} image for Bay container platform + - name: Create the AWX-EE build instruction file + if: matrix.images == 'awx-ee' + run: | + pip install --upgrade ansible-builder + ansible-builder create \ + --output-filename Dockerfile \ + --verbosity 3 + working-directory: ./images/awx-ee + - name: Build and push the images uses: docker/bake-action@v3.1.0 with: diff --git a/gh-actions-bake.hcl b/gh-actions-bake.hcl index 8915f491..1cc86a2a 100755 --- a/gh-actions-bake.hcl +++ b/gh-actions-bake.hcl @@ -86,4 +86,12 @@ target "ripple-static" { "org.opencontainers.image.description" = "Ripple static site generator image optimised for the Bay container platform" } } - +target "awx-ee" { + inherits = ["docker-metadata-action"] + context = "./awx-ee/context" + platforms = ["linux/amd64", "linux/arm64"] + args = { + PYCMD = "/usr/local/bin/python3" + PKGMGR = "/usr/bin/apt-get" + } +} From 65d02d371a997acd3743696cc8d73598ef39d613 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:10:36 +1100 Subject: [PATCH 20/43] [DDS-1845] Moved build inst. file creation. into job. --- .github/workflows/build-deploy.yml | 25 ++++++++++++++++--------- gh-actions-bake.hcl | 2 +- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index ba528cf0..a42e4196 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -13,6 +13,22 @@ on: env: REGISTRY: ghcr.io jobs: + awx-ee-context: + runs-on: ubuntu-latest + defaults: + run: + working-directory: ./images/awx-ee + strategy: + matrix: + images: ${{ fromJson(vars.IMAGES) }} + steps: + - name: Create the AWX-EE build instruction file + if: matrix.images == 'awx-ee' + run: | + pip install --upgrade ansible-builder + ansible-builder create \ + --output-filename Dockerfile \ + --verbosity 3 buildx: if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') runs-on: ubuntu-latest @@ -53,15 +69,6 @@ jobs: org.opencontainers.image.title=${{ matrix.images }} org.opencontainers.image.description=${{ matrix.images }} image for Bay container platform - - name: Create the AWX-EE build instruction file - if: matrix.images == 'awx-ee' - run: | - pip install --upgrade ansible-builder - ansible-builder create \ - --output-filename Dockerfile \ - --verbosity 3 - working-directory: ./images/awx-ee - - name: Build and push the images uses: docker/bake-action@v3.1.0 with: diff --git a/gh-actions-bake.hcl b/gh-actions-bake.hcl index 1cc86a2a..6fcfae12 100755 --- a/gh-actions-bake.hcl +++ b/gh-actions-bake.hcl @@ -88,7 +88,7 @@ target "ripple-static" { } target "awx-ee" { inherits = ["docker-metadata-action"] - context = "./awx-ee/context" + context = "./images/awx-ee/context" platforms = ["linux/amd64", "linux/arm64"] args = { PYCMD = "/usr/local/bin/python3" From 2c2e8c0b6a8edb8f41e39b093ef59ecf088a55d7 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:18:20 +1100 Subject: [PATCH 21/43] [DDS-1845] Troubleshoot awx-ee path. --- .github/workflows/build-deploy.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index a42e4196..b5440a37 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -17,19 +17,16 @@ jobs: runs-on: ubuntu-latest defaults: run: - working-directory: ./images/awx-ee - strategy: - matrix: - images: ${{ fromJson(vars.IMAGES) }} + working-directory: images/awx-ee steps: - name: Create the AWX-EE build instruction file - if: matrix.images == 'awx-ee' run: | pip install --upgrade ansible-builder ansible-builder create \ --output-filename Dockerfile \ --verbosity 3 buildx: + needs: awx-ee-context if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') runs-on: ubuntu-latest strategy: From 6759ff8c73d71edc544074a205f1d984af17fabc Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:20:23 +1100 Subject: [PATCH 22/43] [DDS-1845] Troubleshoot awx-ee path. --- .github/workflows/build-deploy.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index b5440a37..bb41a338 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -15,12 +15,13 @@ env: jobs: awx-ee-context: runs-on: ubuntu-latest - defaults: - run: - working-directory: images/awx-ee + # defaults: + # run: + # working-directory: images/awx-ee steps: - name: Create the AWX-EE build instruction file run: | + cd images/awx-ee pip install --upgrade ansible-builder ansible-builder create \ --output-filename Dockerfile \ From 79c19b37af0be8b90cc3655bfb31211436f626c8 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:23:28 +1100 Subject: [PATCH 23/43] [DDS-1845] Troubleshoot awx-ee path. --- .github/workflows/build-deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index bb41a338..f405781c 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -21,7 +21,8 @@ jobs: steps: - name: Create the AWX-EE build instruction file run: | - cd images/awx-ee + pwd + cd ./images/awx-ee pip install --upgrade ansible-builder ansible-builder create \ --output-filename Dockerfile \ From 42f9b85004e723c79734a9fd5984134f0e87dc16 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:31:22 +1100 Subject: [PATCH 24/43] [DDS-1845] Fixed path resolution. --- .github/workflows/build-deploy.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index f405781c..5924d05e 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -15,14 +15,14 @@ env: jobs: awx-ee-context: runs-on: ubuntu-latest - # defaults: - # run: - # working-directory: images/awx-ee + defaults: + run: + working-directory: ./images/awx-ee steps: + - uses: actions/checkout@v3 + - name: Create the AWX-EE build instruction file run: | - pwd - cd ./images/awx-ee pip install --upgrade ansible-builder ansible-builder create \ --output-filename Dockerfile \ From b17e2dbe330bf1113ef1bba712a21f68904675d8 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:36:50 +1100 Subject: [PATCH 25/43] [DDS-1845] Updated bakefile awx context. --- gh-actions-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gh-actions-bake.hcl b/gh-actions-bake.hcl index 6fcfae12..5046fe38 100755 --- a/gh-actions-bake.hcl +++ b/gh-actions-bake.hcl @@ -88,7 +88,7 @@ target "ripple-static" { } target "awx-ee" { inherits = ["docker-metadata-action"] - context = "./images/awx-ee/context" + context = "${CONTEXT}/awx-ee/context" platforms = ["linux/amd64", "linux/arm64"] args = { PYCMD = "/usr/local/bin/python3" From 87380a3fdb07322a41933a18a05438b48a7ef6f9 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:40:17 +1100 Subject: [PATCH 26/43] [DDS-1845] Debug awx-ee context. --- .github/workflows/build-deploy.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 5924d05e..bbc2bc5c 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -35,6 +35,9 @@ jobs: matrix: images: ${{ fromJson(vars.IMAGES) }} steps: + - name: Create the AWX-EE build instruction file + run: ls -al ./images/awx-ee + - name: Set up QEMU uses: docker/setup-qemu-action@v2 From 650b8803b307c84ea152eb68ee88674b2a5f5ef3 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:42:15 +1100 Subject: [PATCH 27/43] [DDS-1845] Debug awx-ee context. --- .github/workflows/build-deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index bbc2bc5c..89756037 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -35,9 +35,6 @@ jobs: matrix: images: ${{ fromJson(vars.IMAGES) }} steps: - - name: Create the AWX-EE build instruction file - run: ls -al ./images/awx-ee - - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -46,6 +43,9 @@ jobs: - uses: actions/checkout@v3 + - name: Troubleshoot awx-ee context + run: ls -al ./images/awx-ee + - name: Login to registry ${{ env.REGISTRY }} uses: docker/login-action@v2.2.0 with: From fe166b33cb4dc54c0dc915630d5b2571314ac65e Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 15:57:43 +1100 Subject: [PATCH 28/43] [DDS-1845] Revert to step for awx-ee context creation. --- .github/workflows/build-deploy.yml | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index 89756037..b38de5b1 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -13,22 +13,7 @@ on: env: REGISTRY: ghcr.io jobs: - awx-ee-context: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./images/awx-ee - steps: - - uses: actions/checkout@v3 - - - name: Create the AWX-EE build instruction file - run: | - pip install --upgrade ansible-builder - ansible-builder create \ - --output-filename Dockerfile \ - --verbosity 3 buildx: - needs: awx-ee-context if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') runs-on: ubuntu-latest strategy: @@ -43,9 +28,6 @@ jobs: - uses: actions/checkout@v3 - - name: Troubleshoot awx-ee context - run: ls -al ./images/awx-ee - - name: Login to registry ${{ env.REGISTRY }} uses: docker/login-action@v2.2.0 with: @@ -71,6 +53,15 @@ jobs: org.opencontainers.image.title=${{ matrix.images }} org.opencontainers.image.description=${{ matrix.images }} image for Bay container platform + - name: Create the AWX-EE context + if: matrix.images == 'awx-ee' + run: | + pip install --upgrade ansible-builder + ansible-builder create \ + --output-filename Dockerfile \ + --verbosity 3 + working-directory: ./images/awx-ee + - name: Build and push the images uses: docker/bake-action@v3.1.0 with: From 7aa1ca6537ef3af1cf998549380f51e55bd30825 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 16:33:56 +1100 Subject: [PATCH 29/43] [DDS-1845] Updated awx-ee independent workflow. For speed comparison. --- .github/workflows/build-deploy-awx-ee.yml | 24 ++++++++++++++--------- images/awx-ee/docker-bake.hcl | 4 ++-- images/awx-ee/execution-environment.yml | 8 +++++--- 3 files changed, 22 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index 740ad85d..c29ef1b4 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -46,24 +46,30 @@ jobs: type=ref,event=pr,enable=${{ github.event.pull_request.merged == false }} type=raw,value=${{ github.event.pull_request.base.ref }},enable=${{ github.event.pull_request.merged == true }} type=ref,event=branch,enable=${{ contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) }} - labels: | - maintainer=Digital Transformation - repository=${{ github.repositoryUrl }} - org.opencontainers.image.authors=Digital Victoria - org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ (contains(fromJson('["opened","synchronize"]'), github.event.action)) && github.head_ref || github.event.action == 'closed' && github.base_ref || github.ref_name }}/images/${{ matrix.images }}/Dockerfile - org.opencontainers.image.title=AWX Execution Environment image. - org.opencontainers.image.description=AWX Execution Environment image. - name: Create context and build instruction file run: | pip install --upgrade ansible-builder ansible-builder build \ - --container-runtime=docker \ + --container-runtime docker \ + --tag ${{ steps.meta.outputs.tags }} --build-arg PKGMGR="/usr/bin/apt-get" \ --build-arg PYCMD="/usr/local/bin/python3" \ - --output-filename Dockerfile \ --verbosity 3 + + # Refactored to use bake but it's substantially slower so we'll do a push instead + # see https://github.com/docker/build-push-action/issues/538#issuecomment-1869681934 + # However this approach may be at the cost of multi-arch support. + - name: Test + run: | + docker images + + - name: Push + run: | + docker push --all-tags ${{ env.REGISTRY }}/${{ github.repository }}/awx-ee + + # - name: Build and push the AWX-EE image # uses: docker/bake-action@v4 # with: diff --git a/images/awx-ee/docker-bake.hcl b/images/awx-ee/docker-bake.hcl index c707b696..363fbfd8 100644 --- a/images/awx-ee/docker-bake.hcl +++ b/images/awx-ee/docker-bake.hcl @@ -7,12 +7,12 @@ variable "IMAGE_TAG" { } group "default" { - targets = ["ee"] + targets = ["awx-ee"] } target "docker-metadata-action" {} -target "ee" { +target "awx-ee" { inherits = ["docker-metadata-action"] context = "./context" platforms = ["linux/amd64", "linux/arm64"] diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 4f755747..27c3dcfa 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -19,9 +19,11 @@ additional_build_steps: append_base: [] prepend_final: - - LABEL org.opencontainers.image.authors="Digital Victoria" - - LABEL org.opencontainers.image.description="Provides an AWX execution environment image optimised for use with SDP." - - LABEL org.opencontainers.image.source="https://github.com/dpc-sdp/bay/blob/6.x/images/awx-ee/context/Dockerfile" + - LABEL maintainer=Digital Transformation + - LABEL org.opencontainers.image.authors=Digital Transformation + - LABEL org.opencontainers.image.title=SDP AWX Execution Environment image. + - LABEL org.opencontainers.image.description="Provides an AWX execution environment image optimised for use with SDP. Built with ansible-builder." + - LABEL org.opencontainers.image.source="https://github.com/dpc-sdp/bay/blob/6.x/images/awx-ee/" - ARG LAGOON_CLI_VERSION=v0.15.4 - ARG NVM_INSTALL_VERSION=v0.39.1 - ARG NODE_VERSION=v14.15.1 From 8c43b85bcd75330e5dcf699bd3c9f83f7d2505eb Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 16:35:59 +1100 Subject: [PATCH 30/43] Trigger actions run. From 90df157a7cd341df230f26ce9dea7cc18ca3a6c8 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 16:39:54 +1100 Subject: [PATCH 31/43] [DDS-1845] Fixed syntax for labels. --- images/awx-ee/execution-environment.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 27c3dcfa..70acb807 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -19,9 +19,9 @@ additional_build_steps: append_base: [] prepend_final: - - LABEL maintainer=Digital Transformation - - LABEL org.opencontainers.image.authors=Digital Transformation - - LABEL org.opencontainers.image.title=SDP AWX Execution Environment image. + - LABEL maintainer="Digital Transformation" + - LABEL org.opencontainers.image.authors="Digital Transformation" + - LABEL org.opencontainers.image.title="SDP AWX Execution Environment image." - LABEL org.opencontainers.image.description="Provides an AWX execution environment image optimised for use with SDP. Built with ansible-builder." - LABEL org.opencontainers.image.source="https://github.com/dpc-sdp/bay/blob/6.x/images/awx-ee/" - ARG LAGOON_CLI_VERSION=v0.15.4 From bb0279f1b12ac01323468bd22e4c16df1ab5f068 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Fri, 19 Jan 2024 20:25:17 +1100 Subject: [PATCH 32/43] [DDS-1845] Fixed run syntax. --- .github/workflows/build-deploy-awx-ee.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml index c29ef1b4..554ae971 100644 --- a/.github/workflows/build-deploy-awx-ee.yml +++ b/.github/workflows/build-deploy-awx-ee.yml @@ -52,7 +52,7 @@ jobs: pip install --upgrade ansible-builder ansible-builder build \ --container-runtime docker \ - --tag ${{ steps.meta.outputs.tags }} + --tag ${{ steps.meta.outputs.tags }} \ --build-arg PKGMGR="/usr/bin/apt-get" \ --build-arg PYCMD="/usr/local/bin/python3" \ --verbosity 3 From ccdcb23084bac677959f6def15855b768ae61167 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 24 Jan 2024 10:50:42 +1100 Subject: [PATCH 33/43] [DDS-1845] Added ulimit command to build. --- images/awx-ee/execution-environment.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 70acb807..d268a480 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -27,6 +27,7 @@ additional_build_steps: - ARG LAGOON_CLI_VERSION=v0.15.4 - ARG NVM_INSTALL_VERSION=v0.39.1 - ARG NODE_VERSION=v14.15.1 + - RUN ulimit -n 1024000 append_final: - | # Required dependencies. From fa6b217ea51db5d0557f30e4f4714abf64d5795a Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 24 Jan 2024 11:16:14 +1100 Subject: [PATCH 34/43] [DDS-1845] Added ulimit command to append_final. --- images/awx-ee/execution-environment.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index d268a480..21cc60e0 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -27,12 +27,11 @@ additional_build_steps: - ARG LAGOON_CLI_VERSION=v0.15.4 - ARG NVM_INSTALL_VERSION=v0.39.1 - ARG NODE_VERSION=v14.15.1 - - RUN ulimit -n 1024000 append_final: - | # Required dependencies. RUN set -eux; \ - apt-get update && apt-get install -y \ + apt-get update && ulimit -n 1024000 && apt-get install -y \ git git-lfs \ jq \ rsync \ @@ -42,7 +41,7 @@ additional_build_steps: - | # Install php & composer. RUN set -eux; \ curl -sSL https://packages.sury.org/php/README.txt | bash -x; \ - apt-get update && apt-get install -y \ + apt-get update && ulimit -n 1024000 && apt-get install -y \ php8.3-cli \ php8.3-gd \ php8.3-zip; \ @@ -55,7 +54,6 @@ additional_build_steps: curl -LO "https://dl.k8s.io/release/v1.25.12/bin/linux/${arch_linux}/kubectl"; \ chmod +x kubectl; \ mv ./kubectl /usr/local/bin/kubectl; - - RUN curl -L "https://github.com/uselagoon/lagoon-cli/releases/download/$LAGOON_CLI_VERSION/lagoon-cli-$LAGOON_CLI_VERSION-linux-amd64" -o /usr/local/bin/lagoon - RUN chmod +x /usr/local/bin/lagoon - RUN curl -L "https://github.com/github/hub/releases/download/v2.14.2/hub-linux-amd64-2.14.2.tgz" -o /tmp/hub && tar -xvf /tmp/hub -C /tmp && mv /tmp/hub-linux-amd64-2.14.2/bin/hub /usr/local/bin From 47628a0eb91b951156d08256060cab0d58f648a4 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Mon, 29 Jan 2024 12:00:02 +1100 Subject: [PATCH 35/43] Revert "[DDS-1845] Added ulimit command to append_final." This reverts commit 2e64ffc10c590db5f200e1ec0475be23ee901518. --- images/awx-ee/execution-environment.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 21cc60e0..d268a480 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -27,11 +27,12 @@ additional_build_steps: - ARG LAGOON_CLI_VERSION=v0.15.4 - ARG NVM_INSTALL_VERSION=v0.39.1 - ARG NODE_VERSION=v14.15.1 + - RUN ulimit -n 1024000 append_final: - | # Required dependencies. RUN set -eux; \ - apt-get update && ulimit -n 1024000 && apt-get install -y \ + apt-get update && apt-get install -y \ git git-lfs \ jq \ rsync \ @@ -41,7 +42,7 @@ additional_build_steps: - | # Install php & composer. RUN set -eux; \ curl -sSL https://packages.sury.org/php/README.txt | bash -x; \ - apt-get update && ulimit -n 1024000 && apt-get install -y \ + apt-get update && apt-get install -y \ php8.3-cli \ php8.3-gd \ php8.3-zip; \ @@ -54,6 +55,7 @@ additional_build_steps: curl -LO "https://dl.k8s.io/release/v1.25.12/bin/linux/${arch_linux}/kubectl"; \ chmod +x kubectl; \ mv ./kubectl /usr/local/bin/kubectl; + - RUN curl -L "https://github.com/uselagoon/lagoon-cli/releases/download/$LAGOON_CLI_VERSION/lagoon-cli-$LAGOON_CLI_VERSION-linux-amd64" -o /usr/local/bin/lagoon - RUN chmod +x /usr/local/bin/lagoon - RUN curl -L "https://github.com/github/hub/releases/download/v2.14.2/hub-linux-amd64-2.14.2.tgz" -o /tmp/hub && tar -xvf /tmp/hub -C /tmp && mv /tmp/hub-linux-amd64-2.14.2/bin/hub /usr/local/bin From cd8b111ac853e455c26fb979691a6131a7e463bf Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Mon, 29 Jan 2024 12:00:48 +1100 Subject: [PATCH 36/43] Revert "[DDS-1845] Added ulimit command to build." This reverts commit c591cdfef7edc02ffe98a174cf34a0c6e4f0b96d. --- images/awx-ee/execution-environment.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index d268a480..70acb807 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -27,7 +27,6 @@ additional_build_steps: - ARG LAGOON_CLI_VERSION=v0.15.4 - ARG NVM_INSTALL_VERSION=v0.39.1 - ARG NODE_VERSION=v14.15.1 - - RUN ulimit -n 1024000 append_final: - | # Required dependencies. From f9ab48c27d4d2b5c072c01024c3f9c2ecdb7625a Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 13:07:18 +1100 Subject: [PATCH 37/43] [DDS-1844] Removed independent AWX EE workflow. --- .github/workflows/build-deploy-awx-ee.yml | 80 ----------------------- 1 file changed, 80 deletions(-) delete mode 100644 .github/workflows/build-deploy-awx-ee.yml diff --git a/.github/workflows/build-deploy-awx-ee.yml b/.github/workflows/build-deploy-awx-ee.yml deleted file mode 100644 index 554ae971..00000000 --- a/.github/workflows/build-deploy-awx-ee.yml +++ /dev/null @@ -1,80 +0,0 @@ -name: build-deploy-bay-awx-ee -run-name: Build and deploy Bay AWX Execution Environment -on: - pull_request: - types: - - closed - - opened - - synchronize - schedule: - - cron: '23 20 * * 0' - workflow_dispatch: - -env: - REGISTRY: ghcr.io -jobs: - buildx: - if: github.event.pull_request.merged == true || contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) || github.event_name == 'pull_request' && startsWith(github.head_ref,'build/') - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./images/awx-ee - steps: - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - uses: actions/checkout@v3 - - - name: Login to registry ${{ env.REGISTRY }} - uses: docker/login-action@v2.2.0 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.REGISTRY_USER }} - password: ${{ secrets.REGISTRY_TOKEN }} - - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v4.6.0 - with: - images: | - ${{ env.REGISTRY }}/${{ github.repository }}/awx-ee - tags: | - type=ref,event=pr,enable=${{ github.event.pull_request.merged == false }} - type=raw,value=${{ github.event.pull_request.base.ref }},enable=${{ github.event.pull_request.merged == true }} - type=ref,event=branch,enable=${{ contains(fromJson('["schedule", "workflow_dispatch"]'), github.event_name) }} - - - name: Create context and build instruction file - run: | - pip install --upgrade ansible-builder - ansible-builder build \ - --container-runtime docker \ - --tag ${{ steps.meta.outputs.tags }} \ - --build-arg PKGMGR="/usr/bin/apt-get" \ - --build-arg PYCMD="/usr/local/bin/python3" \ - --verbosity 3 - - - # Refactored to use bake but it's substantially slower so we'll do a push instead - # see https://github.com/docker/build-push-action/issues/538#issuecomment-1869681934 - # However this approach may be at the cost of multi-arch support. - - name: Test - run: | - docker images - - - name: Push - run: | - docker push --all-tags ${{ env.REGISTRY }}/${{ github.repository }}/awx-ee - - - # - name: Build and push the AWX-EE image - # uses: docker/bake-action@v4 - # with: - # push: true - # workdir: ./images/awx-ee - # files: | - # ./docker-bake.hcl - # ${{ steps.meta.outputs.bake-file }} From 39548f3a72da906b6d84fee57c13ec115cbdc8a5 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 16:55:35 +1100 Subject: [PATCH 38/43] [DDS-1844] Fixed bay-cli install errors. --- images/php/Dockerfile.cli | 6 ++++-- images/php/Dockerfile.fpm | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/images/php/Dockerfile.cli b/images/php/Dockerfile.cli index c779bd26..85c30821 100644 --- a/images/php/Dockerfile.cli +++ b/images/php/Dockerfile.cli @@ -22,8 +22,10 @@ RUN wget -O /usr/local/bin/dockerize https://github.com/dpc-sdp/dockerize/releas RUN apk add redis --no-cache # Install bay-cli. -RUN wget "https://github.com/dpc-sdp/bay-cli/releases/download/v0.1.0/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_')" -O /bin/bay && \ - chmod +x /bin/bay +RUN curl -L "https://github.com/dpc-sdp/bay-cli/releases/download/v0.1.1/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz" --output /tmp/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz +RUN tar -C /tmp -xvf /tmp/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz +RUN chmod +x /tmp/bay +RUN mv /tmp/bay /bin/bay RUN mkdir /bay diff --git a/images/php/Dockerfile.fpm b/images/php/Dockerfile.fpm index e845dfd3..1c9767fa 100644 --- a/images/php/Dockerfile.fpm +++ b/images/php/Dockerfile.fpm @@ -24,8 +24,10 @@ RUN apk add --no-cache tzdata \ && echo $TZ > /etc/timezone # Install bay-cli. -RUN wget "https://github.com/dpc-sdp/bay-cli/releases/download/v0.0.1/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_')" -O /bin/bay && \ - chmod +x /bin/bay +RUN curl -L "https://github.com/dpc-sdp/bay-cli/releases/download/v0.1.1/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz" --output /tmp/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz +RUN tar -C /tmp -xvf /tmp/bay_$(echo ${TARGETPLATFORM:-linux/amd64} | tr '/' '_').tar.gz +RUN chmod +x /tmp/bay +RUN mv /tmp/bay /bin/bay ONBUILD ARG BAY_DISABLE_FUNCTIONS=phpinfo,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,system,exec,shell_exec,passthru,phpinfo,show_source,highlight_file,popen,fopen_with_path,dbmopen,dbase_open,filepro,filepro_rowcount,filepro_retrieve,posix_mkfifo ONBUILD ARG BAY_UPLOAD_LIMIT=100M From 18764885de66d5bf54a0af7836cf19e664466281 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 17:45:46 +1100 Subject: [PATCH 39/43] [DDS-1844] Added noninteractive flag for installs. --- images/awx-ee/execution-environment.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 70acb807..fd781ed0 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -31,7 +31,7 @@ additional_build_steps: append_final: - | # Required dependencies. RUN set -eux; \ - apt-get update && apt-get install -y \ + apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ git git-lfs \ jq \ rsync \ @@ -41,7 +41,7 @@ additional_build_steps: - | # Install php & composer. RUN set -eux; \ curl -sSL https://packages.sury.org/php/README.txt | bash -x; \ - apt-get update && apt-get install -y \ + apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ php8.3-cli \ php8.3-gd \ php8.3-zip; \ From dff2bc8b8a2120589bf2e950363e6dab9d518e46 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 18:49:52 +1100 Subject: [PATCH 40/43] [DDS-1844] Testing speed tuning. --- images/awx-ee/execution-environment.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index fd781ed0..8811d915 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -31,17 +31,20 @@ additional_build_steps: append_final: - | # Required dependencies. RUN set -eux; \ - apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install apt-utils -y + + - | # Required dependencies. + RUN set -eux; \ + DEBIAN_FRONTEND=noninteractive apt-get install -y \ git git-lfs \ jq \ rsync \ zip unzip; \ - rm -rf /var/lib/apt/lists/*; - | # Install php & composer. RUN set -eux; \ curl -sSL https://packages.sury.org/php/README.txt | bash -x; \ - apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + DEBIAN_FRONTEND=noninteractive apt-get install -y \ php8.3-cli \ php8.3-gd \ php8.3-zip; \ From a0a2a7579203a001edd082df61957e14d67a39d8 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 20:59:17 +1100 Subject: [PATCH 41/43] [DDS-1844] Reinstate update. --- images/awx-ee/execution-environment.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 8811d915..21c68cbc 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -35,11 +35,12 @@ additional_build_steps: - | # Required dependencies. RUN set -eux; \ - DEBIAN_FRONTEND=noninteractive apt-get install -y \ + apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ git git-lfs \ jq \ rsync \ zip unzip; \ + rm -rf /var/lib/apt/lists/*; - | # Install php & composer. RUN set -eux; \ From 557ac2cadf34701616f0678bc9e366154a577091 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Wed, 21 Feb 2024 21:32:44 +1100 Subject: [PATCH 42/43] [DDS-1844] Revert changes used to test build speed. --- images/awx-ee/execution-environment.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/images/awx-ee/execution-environment.yml b/images/awx-ee/execution-environment.yml index 21c68cbc..2210a381 100644 --- a/images/awx-ee/execution-environment.yml +++ b/images/awx-ee/execution-environment.yml @@ -29,10 +29,6 @@ additional_build_steps: - ARG NODE_VERSION=v14.15.1 append_final: - - | # Required dependencies. - RUN set -eux; \ - apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install apt-utils -y - - | # Required dependencies. RUN set -eux; \ apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ @@ -45,7 +41,7 @@ additional_build_steps: - | # Install php & composer. RUN set -eux; \ curl -sSL https://packages.sury.org/php/README.txt | bash -x; \ - DEBIAN_FRONTEND=noninteractive apt-get install -y \ + apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ php8.3-cli \ php8.3-gd \ php8.3-zip; \ @@ -87,4 +83,4 @@ additional_build_steps: && chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ && apt update \ - && apt install gh -y \ No newline at end of file + && DEBIAN_FRONTEND=noninteractive apt install gh -y \ No newline at end of file From 91dcf4e65f8ed0a9b56f678d12927eb936effb28 Mon Sep 17 00:00:00 2001 From: Guy Owen Date: Thu, 22 Feb 2024 08:50:43 +1100 Subject: [PATCH 43/43] [DDS-1844] Bumped actions versions to fix dependency errors. --- .github/workflows/build-deploy.yml | 2 +- .github/workflows/vulnerability-scan-build.yml | 2 +- .github/workflows/vulnerability-scan-schedule.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-deploy.yml b/.github/workflows/build-deploy.yml index b38de5b1..eea72040 100644 --- a/.github/workflows/build-deploy.yml +++ b/.github/workflows/build-deploy.yml @@ -24,7 +24,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - uses: actions/checkout@v3 diff --git a/.github/workflows/vulnerability-scan-build.yml b/.github/workflows/vulnerability-scan-build.yml index 2b63e789..4fc8524c 100644 --- a/.github/workflows/vulnerability-scan-build.yml +++ b/.github/workflows/vulnerability-scan-build.yml @@ -21,7 +21,7 @@ jobs: echo "SANITISED-REF-NAME=${{ github.ref_name }}" | tr '/' '-' >> "$GITHUB_OUTPUT" - name: Scan for vulnerabilities id: scan - uses: crazy-max/ghaction-container-scan@v2 + uses: crazy-max/ghaction-container-scan@v3 with: image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.images }}:${{ steps.sanitise-ref-name.outputs.SANITISED-REF-NAME }} dockerfile: ./images/${{ matrix.images }} diff --git a/.github/workflows/vulnerability-scan-schedule.yml b/.github/workflows/vulnerability-scan-schedule.yml index 6e2823e7..4b99764c 100644 --- a/.github/workflows/vulnerability-scan-schedule.yml +++ b/.github/workflows/vulnerability-scan-schedule.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Scan for vulnerabilities id: scan - uses: crazy-max/ghaction-container-scan@v2 + uses: crazy-max/ghaction-container-scan@v3 with: image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.images }}:${{matrix.branches}} dockerfile: ./images/${{ matrix.images }}