chore(ci): convert to reusable workflow
Signed-off-by: Nathan Klick <[email protected]>
nathanklick committed Mar 22, 2024
1 parent a0ec0d3 commit 69c9645
Showing 2 changed files with 191 additions and 145 deletions.
152 changes: 7 additions & 145 deletions .github/workflows/node-zxc-build-release-artifact.yaml
@@ -532,154 +532,16 @@ jobs:
printf "\n\n" >> "${GITHUB_STEP_SUMMARY}"
gcp-production-image:
name: Publish Production Image (GCP)
runs-on: [self-hosted, Linux, large, ephemeral]
name: Publish Production Image
uses: ./.github/workflows/zxc-publish-production-image.yaml
needs:
- validate
- build-artifact
steps:
- name: Checkout Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Restore Build Artifacts
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
fail-on-cache-miss: true
path: ~/artifact-build
key: node-build-artifacts-${{ needs.validate.outputs.version }}-${{ github.sha }}

- name: Authenticate to Google Cloud
id: google-auth
uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
if: ${{ inputs.dry-run-enabled != true && !cancelled() && !failure() }}
with:
token_format: 'access_token'
workload_identity_provider: "projects/235822363393/locations/global/workloadIdentityPools/hedera-builds-pool/providers/hedera-builds-gh-actions"
service_account: "[email protected]"

- name: Commit Information
id: commit
run: |
echo "source-date=$(git log -1 --pretty=%ct)" >> "${GITHUB_OUTPUT}"
- name: Set Image Registry
id: set-registry
run: |
DOCKER_REGISTRY="gcr.io"
[[ "${{ inputs.version-policy }}" == "branch-commit" ]] && DOCKER_REGISTRY="us-docker.pkg.dev"
echo "docker-registry=${DOCKER_REGISTRY}" >>"${GITHUB_OUTPUT}"
DOCKER_TAG_BASE="gcr.io/hedera-registry"
if [[ "${{ inputs.version-policy }}" == "branch-commit" && "${{ inputs.dry-run-enabled }}" != true ]]; then
DOCKER_TAG_BASE="us-docker.pkg.dev/swirlds-registry/docker-adhoc-commits"
elif [[ "${{ inputs.dry-run-enabled }}" == true ]]; then
DOCKER_TAG_BASE="localhost:5000"
fi
echo "docker-tag-base=${DOCKER_TAG_BASE}" >>"${GITHUB_OUTPUT}"
- name: Install KillAll
run: sudo apt-get update && sudo apt-get install --yes --no-install-recommends psmisc

- name: Create Docker Working Directory
run: |
USER="$(id -un)"
GROUP="$(id -gn)"
sudo mkdir -p /x
sudo chown -vR ${USER}:${GROUP} /x
sudo ls -lah /x
- name: Remove Docker from Self Hosted Runners
run: |
set -x
sudo killall dockerd || true
sudo killall containerd || true
sudo rm -rvf /usr/bin/*containerd* || true
sudo rm -rvf /usr/bin/docker* || true
sudo rm -rvf /usr/local/bin/docker* || true
sudo rm -rvf /usr/local/bin/*lima* || true
- name: Setup Containerd Support
uses: crazy-max/ghaction-setup-containerd@60acbf31e6572da7b83a4ed6b428ed92a35ff4d7 # v3.0.0
with:
containerd-version: v1.7.2

- name: Setup Docker Support
uses: crazy-max/ghaction-setup-docker@d9be6cade441568ba10037bce5221b8f564981f1 # v3.0.0
env:
HOME: /x
with:
version: v24.0.7

- name: Configure Default Docker Context
run: |
set -x
if grep setup-docker-action < <(docker context ls --format '{{ .Name }}') >/dev/null; then
docker context rm -f setup-docker-action
fi
DOCKER_CONTEXT_PATH="$(sudo find /x -name docker.sock | tr -d '[:space:]')"
docker context create setup-docker-action --docker "host=unix://${DOCKER_CONTEXT_PATH}"
docker context use setup-docker-action
- name: Setup QEmu Support
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0

- name: Setup Docker Buildx Support
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
with:
version: v0.12.0
driver-opts: network=host

- name: Setup Local Docker Registry
if: ${{ inputs.dry-run-enabled == true && !cancelled() && !failure() }}
run: docker run -d -p 5000:5000 --restart=always --name registry registry:latest

- name: Docker Login
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
if: ${{ inputs.dry-run-enabled != true && !cancelled() && !failure() }}
with:
registry: ${{ steps.set-registry.outputs.docker-registry }}
username: oauth2accesstoken
password: ${{ steps.google-auth.outputs.access_token }}

- name: Stage SDK Artifacts
run: |
mkdir -p hedera-node/infrastructure/docker/containers/production-next/hedera-network-node/sdk
cp -rvf ~/artifact-build/* hedera-node/infrastructure/docker/containers/production-next/hedera-network-node/sdk/
- name: Build Network Node Image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
env:
SOURCE_DATE_EPOCH: ${{ steps.commit.outputs.source-date }}
with:
push: true
no-cache: true
platforms: linux/amd64,linux/arm64
build-args: |
SOURCE_DATE_EPOCH=${{ steps.commit.outputs.source-date }}
context: hedera-node/infrastructure/docker/containers/production-next/hedera-network-node
tags: ${{ steps.set-registry.outputs.docker-tag-base }}/hedera-network-node:${{ needs.validate.outputs.version }}

- name: Render Job Summary
run: |
NETWORK_NODE_MAIN_LINK="Not Applicable"
if [[ "${{ inputs.dry-run-enabled }}" != true ]]; then
NETWORK_NODE_MAIN_LINK="[GCP Console](https://${{ steps.set-registry.outputs.docker-tag-base }}/hedera-network-node:${{ needs.validate.outputs.version }})"
fi
printf "### Published Docker Images\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| Image Name | Version | URL | Supported Architectures |\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| ---------- | ------- | --- | ----------------------- |\n" >> "${GITHUB_STEP_SUMMARY}"
printf "| %s | %s | %s | %s |\n" \
"${{ steps.set-registry.outputs.docker-tag-base }}/main-network-node" \
"${{ needs.validate.outputs.version }}" \
"${NETWORK_NODE_MAIN_LINK}" \
"linux/amd64, linux/arm64" >> "${GITHUB_STEP_SUMMARY}"
printf "\n\n" >> "${GITHUB_STEP_SUMMARY}"
with:
version: ${{ needs.validate.outputs.version }}
version-policy: ${{ inputs.version-policy }}
dry-run-enabled: ${{ inputs.dry-run-enabled }}
custom-job-name: "GCP"

evm-mc-publish:
name: Publish EVM to Maven Central
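Review bot: The calling job `gcp-production-image` declares no `permissions:` of its own, while the workflow it now calls requests `id-token: write` for the Google Cloud workload-identity login. A called workflow can keep or reduce the token permissions granted by its caller but cannot raise them, so the publish step works only if the caller's workflow-level permissions, which are outside this hunk, already include that scope. Adding `permissions:` with `id-token: write` and `contents: read` directly on this job would make the grant explicit and keep the OIDC scope limited to the one job that needs it.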
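--- a/.github/workflows/zxc-publish-production-image.yaml
+++ b/.github/workflows/zxc-publish-production-image.yaml
@@ -0,0 +1,184 @@
+name: "ZXC: Publish Production Image"
+on:
+workflow_call:
+inputs:
+version:
+description: "Version:"
+type: string
+required: true
+# Valid version policies are as follows: specified, branch-commit, adhoc-commit
+version-policy:
+description: "Version Policy:"
+type: string
+required: true
+dry-run-enabled:
+description: "Perform Dry Run"
+type: boolean
+required: false
+default: false
+custom-job-name:
+description: "Custom Job Name:"
+required: false
+type: string
+default: "GCP"
+outputs:
+
+
+defaults:
+run:
+shell: bash
+
+env:
+LC_ALL: C.UTF-8
+
+permissions:
+id-token: write
+contents: read
+
+jobs:
+publish-image:
+name: ${{ inputs.custom-job-name || 'GCP' }}
+runs-on: [self-hosted, Linux, large, ephemeral]
+steps:
+- name: Checkout Code
+uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+- name: Restore Build Artifacts
+uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
+with:
+fail-on-cache-miss: true
+path: ~/artifact-build
+key: node-build-artifacts-${{ inputs.version }}-${{ github.sha }}
+
+- name: Authenticate to Google Cloud
+id: google-auth
+uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
+if: ${{ inputs.dry-run-enabled != true && !cancelled() && !failure() }}
+with:
+token_format: 'access_token'
+workload_identity_provider: "projects/235822363393/locations/global/workloadIdentityPools/hedera-builds-pool/providers/hedera-builds-gh-actions"
+service_account: "[email protected]"
+
+- name: Commit Information
+id: commit
+run: |
+echo "source-date=$(git log -1 --pretty=%ct)" >> "${GITHUB_OUTPUT}"
+- name: Set Image Registry
+id: set-registry
+run: |
+DOCKER_REGISTRY="gcr.io"
+[[ "${{ inputs.version-policy }}" == "branch-commit" ]] && DOCKER_REGISTRY="us-docker.pkg.dev"
+echo "docker-registry=${DOCKER_REGISTRY}" >>"${GITHUB_OUTPUT}"
+DOCKER_TAG_BASE="gcr.io/hedera-registry"
+if [[ "${{ inputs.version-policy }}" == "branch-commit" && "${{ inputs.dry-run-enabled }}" != true ]]; then
+DOCKER_TAG_BASE="us-docker.pkg.dev/swirlds-registry/docker-adhoc-commits"
+elif [[ "${{ inputs.dry-run-enabled }}" == true ]]; then
+DOCKER_TAG_BASE="localhost:5000"
+fi
+echo "docker-tag-base=${DOCKER_TAG_BASE}" >>"${GITHUB_OUTPUT}"
+- name: Install KillAll
+run: sudo apt-get update && sudo apt-get install --yes --no-install-recommends psmisc
+
+- name: Create Docker Working Directory
+run: |
+USER="$(id -un)"
+GROUP="$(id -gn)"
+sudo mkdir -p /x
+sudo chown -vR ${USER}:${GROUP} /x
+sudo ls -lah /x
+- name: Remove Docker from Self Hosted Runners
+run: |
+set -x
+sudo killall dockerd || true
+sudo killall containerd || true
+sudo rm -rvf /usr/bin/*containerd* || true
+sudo rm -rvf /usr/bin/docker* || true
+sudo rm -rvf /usr/local/bin/docker* || true
+sudo rm -rvf /usr/local/bin/*lima* || true
+- name: Setup Containerd Support
+uses: crazy-max/ghaction-setup-containerd@60acbf31e6572da7b83a4ed6b428ed92a35ff4d7 # v3.0.0
+with:
+containerd-version: v1.7.2
+
+- name: Setup Docker Support
+uses: crazy-max/ghaction-setup-docker@d9be6cade441568ba10037bce5221b8f564981f1 # v3.0.0
+env:
+HOME: /x
+with:
+version: v24.0.7
+
+- name: Configure Default Docker Context
+run: |
+set -x
+if grep setup-docker-action < <(docker context ls --format '{{ .Name }}') >/dev/null; then
+docker context rm -f setup-docker-action
+fi
+DOCKER_CONTEXT_PATH="$(sudo find /x -name docker.sock | tr -d '[:space:]')"
+docker context create setup-docker-action --docker "host=unix://${DOCKER_CONTEXT_PATH}"
+docker context use setup-docker-action
+- name: Setup QEmu Support
+uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
+
+- name: Setup Docker Buildx Support
+uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+with:
+version: v0.12.0
+driver-opts: network=host
+
+- name: Setup Local Docker Registry
+if: ${{ inputs.dry-run-enabled == true && !cancelled() && !failure() }}
+run: docker run -d -p 5000:5000 --restart=always --name registry registry:latest
+
+- name: Docker Login
+uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+if: ${{ inputs.dry-run-enabled != true && !cancelled() && !failure() }}
+with:
+registry: ${{ steps.set-registry.outputs.docker-registry }}
+username: oauth2accesstoken
+password: ${{ steps.google-auth.outputs.access_token }}
+
+- name: Stage SDK Artifacts
+run: |
+mkdir -p hedera-node/infrastructure/docker/containers/production-next/hedera-network-node/sdk
+cp -rvf ~/artifact-build/* hedera-node/infrastructure/docker/containers/production-next/hedera-network-node/sdk/
+- name: Build Network Node Image
+uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
+env:
+SOURCE_DATE_EPOCH: ${{ steps.commit.outputs.source-date }}
+with:
+push: true
+no-cache: true
+platforms: linux/amd64,linux/arm64
+build-args: |
+SOURCE_DATE_EPOCH=${{ steps.commit.outputs.source-date }}
+context: hedera-node/infrastructure/docker/containers/production-next/hedera-network-node
+tags: ${{ steps.set-registry.outputs.docker-tag-base }}/hedera-network-node:${{ inputs.version }}
+
+- name: Render Job Summary
+run: |
+NETWORK_NODE_MAIN_LINK="Not Applicable"
+if [[ "${{ inputs.dry-run-enabled }}" != true ]]; then
+NETWORK_NODE_MAIN_LINK="[GCP Console](https://${{ steps.set-registry.outputs.docker-tag-base }}/hedera-network-node:${{ inputs.version }})"
+fi
+printf "### Published Docker Images\n" >> "${GITHUB_STEP_SUMMARY}"
+printf "| Image Name | Version | URL | Supported Architectures |\n" >> "${GITHUB_STEP_SUMMARY}"
+printf "| ---------- | ------- | --- | ----------------------- |\n" >> "${GITHUB_STEP_SUMMARY}"
+printf "| %s | %s | %s | %s |\n" \
+"${{ steps.set-registry.outputs.docker-tag-base }}/main-network-node" \
+"${{ inputs.version }}" \
+"${NETWORK_NODE_MAIN_LINK}" \
+"linux/amd64, linux/arm64" >> "${GITHUB_STEP_SUMMARY}"
+printf "\n\n" >> "${GITHUB_STEP_SUMMARY}"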
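Review bot: The `Set Image Registry` and `Render Job Summary` steps paste `${{ inputs.version-policy }}`, `${{ inputs.dry-run-enabled }}` and `${{ inputs.version }}` straight into `run:` scripts, so the values are substituted into the script text before bash parses it. As `workflow_call` string inputs they are whatever a caller passes, and a value carrying shell syntax would be interpreted as script on a self-hosted runner that holds `id-token: write` and, after the login step, a Google Cloud access token; the only caller on this page forwards values whose origin is outside the diff. Binding the inputs through the step's `env:` and reading them as quoted shell variables keeps them as data, as sketched below for `Set Image Registry`. The same change applies to `Render Job Summary`, and since the comment lists only three valid version policies, rejecting any other value at the top of the step would be a cheap extra guard.

```yaml
      - name: Set Image Registry
        id: set-registry
        env:
          VERSION_POLICY: ${{ inputs.version-policy }}
          DRY_RUN_ENABLED: ${{ inputs.dry-run-enabled }}
        run: |
          # … unchanged: DOCKER_REGISTRY default …
          [[ "${VERSION_POLICY}" == "branch-commit" ]] && DOCKER_REGISTRY="us-docker.pkg.dev"
          # … unchanged: docker-registry output, DOCKER_TAG_BASE default …
          if [[ "${VERSION_POLICY}" == "branch-commit" && "${DRY_RUN_ENABLED}" != true ]]; then
            # … unchanged: adhoc-commits tag base …
          elif [[ "${DRY_RUN_ENABLED}" == true ]]; then
            # … unchanged: localhost:5000 tag base, fi, docker-tag-base output …
```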
