forked from bluerobotics/blueos-docker-base
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3a5176f
commit a4ae4fb
Showing
1 changed file
with
141 additions
and
91 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,136 +1,186 @@ | ||
name: Test, Build and Deploy Images | ||
|
||
env: | ||
PROJECT: blueos | ||
DOCKER: base | ||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | ||
IMAGE_LIMIT_SIZE_MB: 600 | ||
|
||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
push: | ||
schedule: | ||
workflow_dispatch: | ||
pull_request: | ||
push: | ||
schedule: | ||
# Run every 6 days to keep our caches alive | ||
- cron: '0 0 */6 * *' | ||
|
||
jobs: | ||
deploy-docker-images: | ||
runs-on: ubuntu-latest | ||
build: | ||
runs-on: ubuntu-22.04 | ||
strategy: | ||
matrix: | ||
docker: [base] | ||
project: [companion] | ||
new_project: [blueos] | ||
platforms: ["linux/arm/v7,linux/arm/v8,linux/amd64"] | ||
platform: | ||
- linux/arm/v7 | ||
- linux/arm64 | ||
- linux/amd64 | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
uses: actions/checkout@v4 | ||
|
||
- name: Prepare | ||
id: prepare | ||
run: | | ||
# Deploy image with the name of the branch, if the build is a git tag, replace tag with the tag name. | ||
# If git tag matches semver, append latest tag to the push. | ||
DOCKER_IMAGE=${DOCKER_USERNAME:-bluerobotics}/${{ matrix.project }}-${{ matrix.docker }} | ||
VERSION=${GITHUB_REF##*/} | ||
echo "buildx-args=VUE_APP_GIT_DESCRIBE=$(git describe --long --always --dirty --all)" >> $GITHUB_OUTPUT | ||
if [[ $GITHUB_REF == refs/tags/* ]]; then | ||
VERSION=${GITHUB_REF#refs/tags/} | ||
fi | ||
echo "DOCKER_IMAGE=${DOCKER_USERNAME:-bluerobotics}/${PROJECT}-${DOCKER}" >> $GITHUB_ENV | ||
TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" | ||
if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then | ||
TAGS="$TAGS --tag ${DOCKER_IMAGE}:latest" | ||
fi | ||
platform=${{ matrix.platform }} | ||
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | ||
- name: Docker meta | ||
id: meta | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: ${{ env.DOCKER_IMAGE }} | ||
tags: | | ||
type=ref,event=branch | ||
type=ref,event=pr | ||
type=semver,pattern={{version}} | ||
type=semver,pattern={{major}}.{{minor}} | ||
# Add temporary tag for the new project name | ||
TAGS="$TAGS --tag ${DOCKER_USERNAME:-bluerobotics}/${{ matrix.new_project }}-${{ matrix.docker }}:${VERSION}" | ||
echo ::set-output name=docker_image::${DOCKER_IMAGE} | ||
echo ::set-output name=version::${VERSION} | ||
echo ::set-output name=buildx_args:: \ | ||
--build-arg VUE_APP_GIT_DESCRIBE=$(git describe --long --always --dirty --all) \ | ||
--cache-from "type=local,src=/tmp/.buildx-cache" \ | ||
--cache-to "type=local,dest=/tmp/.buildx-cache" \ | ||
${TAGS} \ | ||
--file Dockerfile . | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
uses: docker/setup-qemu-action@v3 | ||
with: | ||
platforms: all | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
uses: docker/setup-buildx-action@v3 | ||
with: | ||
version: latest | ||
|
||
- name: Cache Docker layers | ||
uses: actions/cache@v2 | ||
- name: Cache | ||
uses: actions/cache@v4 | ||
id: cache | ||
with: | ||
path: /tmp/.buildx-cache | ||
key: ${{ runner.os }}-buildx-${{ matrix.docker }}-${{ hashFiles('Dockerfile') }} | ||
path: | | ||
var-cache-apt | ||
var-lib-apt | ||
key: ${{ runner.os }}-cache-apt-${{ hashFiles('.github/workflows/test/Dockerfile') }} | ||
restore-keys: | | ||
${{ runner.os }}-buildx-${{ matrix.docker }}-${{ hashFiles('Dockerfile') }} | ||
${{ runner.os }}-buildx-${{ matrix.docker }} | ||
${{ runner.os }}-cache-apt-${DOCKER}} | ||
- name: Docker Buildx (build) | ||
run: | | ||
# Pull latest version of image to help with build speed | ||
IFS=',' read -ra platforms <<< "${{ matrix.platforms }}" | ||
for platform in "${platforms[@]}"; do | ||
docker pull --platform ${platform} ${DOCKER_USERNAME:-bluerobotics}/${{ matrix.project }}-${{ matrix.docker }}:master || true | ||
done | ||
docker buildx build \ | ||
--output "type=image,push=false" \ | ||
--platform ${{ matrix.platforms }} \ | ||
${{ steps.prepare.outputs.buildx_args }} | ||
- name: inject cache into docker | ||
uses: reproducible-containers/buildkit-cache-dance@v3 | ||
with: | ||
cache-map: | | ||
{ | ||
"var-cache-apt": "/var/cache/apt", | ||
"var-lib-apt": "/var/lib/apt" | ||
} | ||
skip-extraction: ${{ steps.cache.outputs.cache-hit }} | ||
|
||
- name: Login to DockerHub | ||
if: success() && github.event_name != 'pull_request' | ||
uses: docker/login-action@v3 | ||
with: | ||
username: ${{ secrets.DOCKER_USERNAME }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
||
- name: Build and push by digest | ||
id: build | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: . | ||
file: Dockerfile | ||
platforms: ${{ matrix.platform }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
outputs: type=image,name=${{ env.DOCKER_IMAGE }},push-by-digest=true,name-canonical=true,push=true | ||
build-args: ${{ steps.prepare.outputs.buildx_args }} | ||
tags: ${{ steps.meta.outputs.tags }} | ||
cache-from: type=gha | ||
cache-to: type=gha,mode=max | ||
|
||
- name: Check size | ||
run: | | ||
# Check if the image size is lower than our limit | ||
docker image list | ||
IMAGE_ID=$(docker images -q ${DOCKER_USERNAME:-bluerobotics}/${{ matrix.project }} | head -n 1) | ||
LIMIT_SIZE_MB=600 | ||
IMAGE_SIZE_MB=$(( $(docker inspect $IMAGE_ID --format {{.Size}})/(2**20) )) | ||
IMAGE_ID=$(docker images -q ${DOCKER_USERNAME:-bluerobotics}/${PROJECT} | head -n 1) | ||
IMAGE_SIZE_MB=$(( $(docker inspect $IMAGE_ID --format '{{.Size}}')/(2**20) )) | ||
echo "Core size is: $IMAGE_SIZE_MB MB" | ||
((IMAGE_SIZE_MB < LIMIT_SIZE_MB)) | ||
- name: Login to DockerHub | ||
if: success() && github.event_name != 'pull_request' | ||
uses: crazy-max/ghaction-docker-login@v1 | ||
if (( IMAGE_SIZE_MB >= IMAGE_LIMIT_SIZE_MB )); then | ||
echo "Image size is larger than the limit" | ||
exit 1 | ||
fi | ||
- name: Export digest | ||
run: | | ||
mkdir -p /tmp/digests | ||
digest="${{ steps.build.outputs.digest }}" | ||
touch "/tmp/digests/${digest#sha256:}" | ||
- name: Upload digest | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: digests-${{ env.PLATFORM_PAIR }} | ||
path: /tmp/digests/* | ||
if-no-files-found: error | ||
retention-days: 1 | ||
|
||
# - name: Create image artifact | ||
# # We are serializing each export here because "Currently, multi-platform images cannot be | ||
# # exported with the docker export type." (https://docs.docker.com/engine/reference/commandline/buildx_build/#output) | ||
# run: | | ||
# DOCKER_IMAGE=${DOCKER_USERNAME:-bluerobotics}/${PROJECT}-${DOCKER}} | ||
# GIT_HASH_SHORT=$(git rev-parse --short "$GITHUB_SHA") | ||
# IFS=',' read -ra platforms <<< "${{ matrix.platform }}" | ||
# for platform in "${platforms[@]}"; do | ||
# docker buildx build \ | ||
# --platform $platform \ | ||
# ${{ steps.prepare.outputs.buildx_args }} \ | ||
# --tag ${DOCKER_IMAGE}:${GIT_HASH_SHORT} \ | ||
# --output "type=docker,dest=BlueOS-base-${GIT_HASH_SHORT}.tar" | ||
# done | ||
|
||
# - name: Upload artifact | ||
# uses: actions/upload-artifact@v4 | ||
# with: | ||
# name: BlueOS-base-docker-image.zip | ||
# path: '*.tar' | ||
|
||
merge: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- build | ||
steps: | ||
- name: Download digests | ||
uses: actions/download-artifact@v4 | ||
with: | ||
path: /tmp/digests | ||
pattern: digests-* | ||
merge-multiple: true | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v3 | ||
|
||
- name: Docker meta | ||
id: meta | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: ${{ env.DOCKER_IMAGE }} | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v3 | ||
with: | ||
username: ${{ secrets.DOCKER_USERNAME }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
||
- name: Docker Buildx (push) | ||
if: success() && github.event_name != 'pull_request' | ||
- name: Create manifest list and push | ||
working-directory: /tmp/digests | ||
run: | | ||
docker buildx build \ | ||
--output "type=image,push=true" \ | ||
--platform ${{ matrix.platforms }} \ | ||
${{ steps.prepare.outputs.buildx_args }} | ||
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | ||
$(printf '${{ env.DOCKER_IMAGE }}@sha256:%s ' *) | ||
- name: Inspect image | ||
if: always() && github.event_name != 'pull_request' | ||
run: | | ||
docker buildx imagetools \ | ||
inspect ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} | ||
docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }} | ||
- name: Create image artifact | ||
# We are serializing each export here because "Currently, multi-platform images cannot be | ||
# exported with the docker export type." (https://docs.docker.com/engine/reference/commandline/buildx_build/#output) | ||
run: | | ||
DOCKER_IMAGE=${DOCKER_USERNAME:-bluerobotics}/${{ matrix.project }}-${{ matrix.docker }} | ||
GIT_HASH_SHORT=$(git rev-parse --short "$GITHUB_SHA") | ||
IFS=',' read -ra platforms <<< "${{ matrix.platforms }}" | ||
for platform in "${platforms[@]}"; do | ||
docker buildx build \ | ||
--platform $platform \ | ||
${{ steps.prepare.outputs.buildx_args }} \ | ||
--tag ${DOCKER_IMAGE}:${GIT_HASH_SHORT} \ | ||
--output "type=docker,dest=BlueOS-base-${GIT_HASH_SHORT}.tar" | ||
done | ||
- name: Upload artifact | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: BlueOS-base-docker-image.zip | ||
path: '*.tar' |