Skip to content

Commit

Permalink
chore(ci): add image validations
Browse files Browse the repository at this point in the history 
Signed-off-by: Nathan Klick <[email protected]>
  • Loading branch information
@nathanklick
nathanklick committed Mar 22, 2024
1 parent 268c41f commit 5bf5436
Showing 1 changed file with 72 additions and 2 deletions.
74 changes: 72 additions & 2 deletions .github/workflows/node-zxc-build-release-artifact.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,9 @@ defaults:

env:
LC_ALL: C.UTF-8
DOCKER_MANIFEST_GENERATOR: .github/workflows/support/scripts/generate-docker-artifact-baseline.sh
DOCKER_MANIFEST_PATH: ${{ github.workspace }}/.manifests/docker
SKOPEO_VERSION: v1.14.0

permissions:
id-token: write
Expand Down Expand Up @@ -575,6 +578,74 @@ jobs:
jf-docker-registry: ${{ secrets.jf-docker-registry }}
jf-access-token: ${{ secrets.jf-access-token }}

validate-production-image:
name: Validate Production Image
runs-on: [ self-hosted, Linux, large, ephemeral ]
needs:
- gcp-production-image
- jfr-production-image
if: ${{ inputs.dry-run-enabled != true && !cancelled() && !failure() }}
steps:
- name: Checkout Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Create Manifest Directories
run: |
mkdir -p "${DOCKER_MANIFEST_PATH}/gcp"
mkdir -p "${DOCKER_MANIFEST_PATH}/jfrog"
- name: Generate GCP Manifest
if: gcp
env:
MANIFEST_PATH: ${{ env.DOCKER_MANIFEST_PATH }}/gcp
DOCKER_REGISTRY: ${{ needs.gcp-production-image.outputs.docker-image-prefix }}
DOCKER_TAG: ${{ needs.gcp-production-image.outputs.docker-image-tag }}
run: ${{ env.DOCKER_MANIFEST_GENERATOR }}

- name: Generate JFrog Manifest
id: jfrog
env:
MANIFEST_PATH: ${{ env.DOCKER_MANIFEST_PATH }}/jfrog
DOCKER_REGISTRY: ${{ needs.jfr-production-image.outputs.docker-image-prefix }}
DOCKER_TAG: ${{ needs.jfr-production-image.outputs.docker-image-tag }}
run: ${{ env.DOCKER_MANIFEST_GENERATOR }}

- name: Validate Layers (linux/amd64)
run: |
if ! diff -u "${{ steps.gcp.outputs.path }}/linux-amd64.layers.json" "${{ steps.jfrog.outputs.path }}/linux-amd64.layers.json" >/dev/null 2>&1; then
echo "::group::Layer Differences"
diff -u "${DOCKER_MANIFEST_PATH}/linux-amd64.layers.json" "${{ steps.regen-manifest.outputs.path }}/linux-amd64.layers.json"
echo "::endgroup::"
exit 1
fi
- name: Validate Layers (linux/arm64)
run: |
if ! diff -u "${{ steps.gcp.outputs.path }}/linux-arm64.layers.json" "${{ steps.jfrog.outputs.path }}/linux-arm64.layers.json" >/dev/null 2>&1; then
echo "::group::Layer Differences"
diff -u "${DOCKER_MANIFEST_PATH}/linux-arm64.layers.json" "${{ steps.regen-manifest.outputs.path }}/linux-arm64.layers.json"
echo "::endgroup::"
exit 1
fi
- name: Validate Full Manifest (linux/amd64)
run: |
if ! diff -u "${{ steps.gcp.outputs.path }}/linux-amd64.comparable.json" "${{ steps.jfrog.outputs.path }}/linux-amd64.comparable.json" >/dev/null 2>&1; then
echo "::group::Layer Differences"
diff -u "${DOCKER_MANIFEST_PATH}/linux-amd64.comparable.json" "${{ steps.regen-manifest.outputs.path }}/linux-amd64.comparable.json"
echo "::endgroup::"
exit 1
fi
- name: Validate Full Manifest (linux/arm64)
run: |
if ! diff -u "${{ steps.gcp.outputs.path }}/linux-arm64.comparable.json" "${{ steps.jfrog.outputs.path }}/linux-arm64.comparable.json" >/dev/null 2>&1; then
echo "::group::Layer Differences"
diff -u "${DOCKER_MANIFEST_PATH}/linux-arm64.comparable.json" "${{ steps.regen-manifest.outputs.path }}/linux-arm64.comparable.json"
echo "::endgroup::"
exit 1
fi
evm-mc-publish:
name: Publish EVM to Maven Central
runs-on: [ self-hosted, Linux, large, ephemeral ]
Expand Down Expand Up @@ -836,8 +907,7 @@ jobs:
needs:
- validate
- local-node-images
- gcp-production-image
- jfr-production-image
- validate-production-image
- evm-mc-publish
- sdk-publish
if: ${{ inputs.dry-run-enabled != true && inputs.version-policy == 'specified' && !cancelled() && !failure() }}
Expand Down

0 comments on commit 5bf5436

Please sign in to comment.