TEST

Signed-off-by: s3rj1k <[email protected]>
signalwire · Apr 1, 2024 · d71ffe0 · d71ffe0
1 parent 890cc4a
commit d71ffe0
Show file tree

Hide file tree

Showing 2 changed files with 148 additions and 137 deletions.
diff --git a/.github/actions/docker-build-artifacts/action.yml b/.github/actions/docker-build-artifacts/action.yml
@@ -0,0 +1,114 @@
+name: Build artifacts using Dockerfile
+
+inputs:
+  REPO_DOMAIN:
+    required: false
+    description: Domain name of repository
+  PLATFORM:
+    required: true
+    description: Default Linux Arch (amd64/arm32v7/...)
+  DOCKERFILE:
+    required: true
+    description: Path to Dockerfile
+  MAINTAINER:
+    required: true
+    description: Package maintainer
+  WORKING_DIRECTORY:
+    required: true
+    default: '.'
+    description: Working directory
+  ARTIFACTS_PATTERN:
+    required: false
+    default: '.*\.(deb|rpm)$'
+    description: Regexp that matches artifacts
+  ARTIFACTS_DIR:
+    required: false
+    default: 'BUILD'
+    description: Output directory for artifacts
+  BUILD_LOG_FILENAME:
+    required: false
+    default: 'build.log'
+    description: Build log filename
+
+secrets:
+  REPO_USERNAME:
+    required: false
+  REPO_PASSWORD:
+    required: false
+
+runs:
+  using: "composite"
+  steps:
+
+    - name: Set up QEMU for Docker
+      uses: docker/setup-qemu-action@v3
+
+    - name: Build Docker image
+      shell: bash
+      working-directory: ${{ inputs.WORKING_DIRECTORY }}
+      run: |
+        env REPO_PASSWORD='${{ secrets.REPO_PASSWORD }}' docker build \
+          --build-arg BUILD_NUMBER="${GITHUB_RUN_ID}" \
+          --build-arg GIT_SHA="$(echo ${GITHUB_SHA} | cut -c1-10)" \
+          --build-arg MAINTAINER="${{ inputs.MAINTAINER }}" \
+          --build-arg REPO_DOMAIN="${{ inputs.REPO_DOMAIN }}" \
+          --build-arg REPO_USERNAME="${{ secrets.REPO_USERNAME }}" \
+          --file "${{ inputs.DOCKERFILE }}" \
+          --no-cache \
+          --platform linux/${{ inputs.PLATFORM }} \
+          --progress=plain \
+          --secret id=REPO_PASSWORD,env=REPO_PASSWORD \
+          --tag artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} \
+          --ulimit nofile=1024000:1024000 \
+        . 2>&1 | tee -a ${{ inputs.BUILD_LOG_FILENAME }}
+
+    - name: Extract artifacts from image
+      shell: bash
+      working-directory: ${{ inputs.WORKING_DIRECTORY }}
+      run: |
+        set -euo pipefail
+
+        export TEMP_DIR=$(mktemp -d)
+
+        # dump Docker image blobs
+        docker save artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} --output "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar" && \
+        tar -xf "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar" -C "${TEMP_DIR}" && \
+        rm -f "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar"
+
+        # extract blobs content
+        mkdir -p "${{ inputs.ARTIFACTS_DIR }}" && find "${TEMP_DIR}/" -type f -exec file {} + \
+        | grep -E ":.*tar archive" \
+        | cut -d: -f1 \
+        | xargs -rI{} tar --keep-newer-files -xf {} -C "${{ inputs.ARTIFACTS_DIR }}"
+
+        # cleanup
+        docker image rm artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} && \
+        rm -rf "${TEMP_DIR}"
+
+        if [ "$(find "${{ inputs.ARTIFACTS_DIR }}" -type f | wc -l)" -lt 1 ]; then
+            echo "No files found in ${{ inputs.ARTIFACTS_DIR }}."
+            exit 1
+        fi
+
+    - name: Filter artifacts by pattern
+      shell: bash
+      working-directory: ${{ inputs.WORKING_DIRECTORY }}
+      run: |
+        set -euo pipefail
+
+        export TEMP_DIR=$(mktemp -d)
+
+        find "${{ inputs.ARTIFACTS_DIR }}" \
+          -type f \
+          -regextype posix-extended \
+          -regex "${{ inputs.ARTIFACTS_PATTERN }}" \
+          -exec sh -c 'mv -vf "$1" "${TEMP_DIR}/$(basename "$1")"' _ {} \; && \
+        rm -rvf "${{ inputs.ARTIFACTS_DIR }}" && \
+        mv -v "${TEMP_DIR}" "${{ inputs.ARTIFACTS_DIR }}"
+
+        if [ "$(find "${{ inputs.ARTIFACTS_DIR }}" -type f | wc -l)" -lt 1 ]; then
+            echo "No files found in ${{ inputs.ARTIFACTS_DIR }}."
+            exit 1
+        fi
+
+        printf ${GITHUB_SHA} | tee "${{ inputs.ARTIFACTS_DIR }}/hash.txt"
diff --git a/.github/workflows/cicd-docker-build-and-distribute.yml b/.github/workflows/cicd-docker-build-and-distribute.yml
@@ -42,21 +42,6 @@ on:
         type: boolean
         default: true
         description: Enable upload build artifacts related steps
-      CLEAN_BUILD_ARTIFACTS:
-        required: false
-        type: boolean
-        default: true
-        description: Remove build artifacts after publish
-      CREATE_DESTINATION_FOLDERS:
-        required: false
-        type: boolean
-        default: true
-        description: Create folder on destination
-      BUILD_ARTIFACT_RETENTION_DAYS:
-        required: false
-        type: number
-        default: 1
-        description: Number of days to keep build artifacts
       LOG_RETENTION_DAYS:
         required: false
         type: number
@@ -100,7 +85,7 @@ on:
         required: true
 
 jobs:
-  build:
+  build-and-distribute:
     runs-on: ${{ inputs.RUNNER }}
     permissions:
       contents: read
@@ -114,81 +99,33 @@ jobs:
           fetch-depth: 0
           path: code
 
-      - name: Set up QEMU for Docker
-        uses: docker/setup-qemu-action@v3
-
-      - name: Build Docker image
-        shell: bash
-        working-directory: code
-        run: |
-          env REPO_PASSWORD='${{ secrets.REPO_PASSWORD }}' docker build \
-            --build-arg BUILD_NUMBER="${GITHUB_RUN_ID}" \
-            --build-arg GIT_SHA="$(echo ${GITHUB_SHA} | cut -c1-10)" \
-            --build-arg MAINTAINER="${{ inputs.MAINTAINER }}" \
-            --build-arg REPO_DOMAIN="${{ inputs.REPO_DOMAIN }}" \
-            --build-arg REPO_USERNAME="${{ secrets.REPO_USERNAME }}" \
-            --file "${{ inputs.DOCKERFILE }}" \
-            --no-cache \
-            --platform linux/${{ inputs.PLATFORM }} \
-            --progress=plain \
-            --secret id=REPO_PASSWORD,env=REPO_PASSWORD \
-            --tag artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} \
-            --ulimit nofile=1024000:1024000 \
-          . 2>&1 | tee artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.log
-
-      - name: Extract artifacts from image
-        shell: bash
-        working-directory: code
-        run: |
-          set -euo pipefail
-
-          export ARTIFACTS_DIR="./out"
-          echo "ARTIFACTS_DIR=${ARTIFACTS_DIR}" | tee -a "${GITHUB_ENV}"
-
-          export TEMP_DIR=$(mktemp -d)
-
-          # dump Docker image blobs
-          docker save artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} --output "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar" && \
-          tar -xf "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar" -C "${TEMP_DIR}" && \
-          rm -f "${TEMP_DIR}/artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.tar"
-
-          # extract blobs content
-          mkdir -p "${ARTIFACTS_DIR}" && find "${TEMP_DIR}/" -type f -exec file {} + \
-          | grep -E ":.*tar archive" \
-          | cut -d: -f1 \
-          | xargs -rI{} tar --keep-newer-files -xf {} -C "${ARTIFACTS_DIR}"
-
-          # cleanup
-          docker image rm artifacts-${GITHUB_RUN_ID}:${GITHUB_SHA} && \
-          rm -rf "${TEMP_DIR}"
-
-          if [ "$(find "${ARTIFACTS_DIR}" -type f | wc -l)" -lt 1 ]; then
-              echo "No files found in ${ARTIFACTS_DIR}."
-              exit 1
-          fi
-
-      - name: Filter artifacts by pattern
-        shell: bash
-        working-directory: code
-        run: |
-          set -euo pipefail
-
-          export TEMP_DIR=$(mktemp -d)
-
-          find "${ARTIFACTS_DIR}" \
-            -type f \
-            -regextype posix-extended \
-            -regex "${{ inputs.ARTIFACTS_PATTERN || env.ARTIFACTS_PATTERN }}" \
-            -exec sh -c 'mv -vf "$1" "${TEMP_DIR}/$(basename "$1")"' _ {} \; && \
-          rm -rvf "${ARTIFACTS_DIR}" && \
-          mv -v "${TEMP_DIR}" "${ARTIFACTS_DIR}"
-
-          if [ "$(find "${ARTIFACTS_DIR}" -type f | wc -l)" -lt 1 ]; then
-              echo "No files found in ${ARTIFACTS_DIR}."
-              exit 1
-          fi
+      - name: Checkout reusable actions
+        if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
+        uses: actions/checkout@v4
+        with:
+          repository: signalwire/actions-template
+          ref: s3rj1k
+          fetch-depth: 1
+          path: actions
+          sparse-checkout: |
+            .github/actions/teleport/action.yml
+            .github/actions/docker-build-artifacts/action.yml
+          sparse-checkout-cone-mode: false
 
-          printf ${GITHUB_SHA} | tee "${ARTIFACTS_DIR}/hash.txt"
+      - name: Build artifacts via Docker
+        uses: .github/actions/docker-build-artifacts
+        with:
+          REPO_DOMAIN: ${{ inputs.REPO_DOMAIN }}
+          PLATFORM: ${{ inputs.PLATFORM }}
+          DOCKERFILE: ${{ inputs.DOCKERFILE }}
+          MAINTAINER: ${{ inputs.MAINTAINER }}
+          WORKING_DIRECTORY: 'code'
+          ARTIFACTS_PATTERN: ${{ inputs.ARTIFACTS_PATTERN }}
+          ARTIFACTS_DIR: 'BUILD'
+          BUILD_LOG_FILENAME: 'artifacts-${GITHUB_RUN_ID}-${GITHUB_SHA}.log'
+        env:
+          REPO_USERNAME: ${{ secrets.REPO_USERNAME }}
+          REPO_PASSWORD: ${{ secrets.REPO_PASSWORD }}
 
       - name: Upload build logs
         uses: actions/upload-artifact@v4
@@ -199,47 +136,19 @@ jobs:
           retention-days: ${{ inputs.LOG_RETENTION_DAYS }}
 
       - name: Compress build artifacts
-        if: ${{ inputs.UPLOAD_BUILD_ARTIFACTS }}
+        if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
         shell: bash
         working-directory: code
         run: |
           tar -czvf ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz -C "${ARTIFACTS_DIR}" $(ls -1 "${ARTIFACTS_DIR}")
           sha512sum ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz | tee ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz.sha512
 
-      - name: Upload build artifacts
-        if: ${{ inputs.UPLOAD_BUILD_ARTIFACTS }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: ${{ inputs.TARGET_ARTIFACT_NAME }}
-          path: |
-            code/*.tar.gz
-            code/*.sha512
-          if-no-files-found: error
-          retention-days: ${{ inputs.BUILD_ARTIFACT_RETENTION_DAYS }}
-
-  distribute:
-    runs-on: ${{ inputs.RUNNER }}
-    if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
-    needs: build
-    permissions:
-      id-token: write
-      contents: read
-    environment: ${{ inputs.ENVIRONMENT }}
-    steps:
-
-      - name: Checkout reusable actions
-        uses: actions/checkout@v4
-        with:
-          repository: signalwire/actions-template
-          ref: main
-          fetch-depth: 1
-          path: actions
-          sparse-checkout: |
-            .github/actions/teleport/action.yml
-          sparse-checkout-cone-mode: false
+          tar -czvf artifacts.tar.gz ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz.sha512
+          rm -v ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz.sha512 && \
+            mv -v artifacts.tar.gz ${{ inputs.TARGET_ARTIFACT_NAME }}.tar.gz
 
       - name: Create destination folder on remote host
-        if: ${{ inputs.CREATE_DESTINATION_FOLDERS }}
+        if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
         uses: ./actions/.github/actions/teleport
         with:
           EXEC_COMMANDS: mkdir -p ${{ inputs.META_FILE_PATH_PREFIX }}
@@ -249,36 +158,24 @@ jobs:
           TOKEN: ${{ secrets.TELEPORT_TOKEN }}
           USERNAME: ${{ secrets.USERNAME }}
 
-      - name: Download build artifacts
-        uses: actions/download-artifact@v4
-        with:
-          name: ${{ inputs.TARGET_ARTIFACT_NAME }}
-
       - name: Copy build artifacts to remote host
+        if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
         uses: ./actions/.github/actions/teleport
         with:
-          FILES: '*.tar.gz'
           EXEC_COMMANDS: 'echo "${{ github.sha }}" > ${{ inputs.META_FILE_PATH_PREFIX }}/hash.txt'
+          FILES: 'BUILD/*.tar.gz'
           FILES_FOLDER: ${{ inputs.META_FILE_PATH_PREFIX }}
         env:
           HOSTNAME: ${{ secrets.HOSTNAME }}
           PROXY_URL: ${{ secrets.PROXY_URL }}
           TOKEN: ${{ secrets.TELEPORT_TOKEN }}
           USERNAME: ${{ secrets.USERNAME }}
 
-      - name: Delete build artifact
-        if: ${{ inputs.CLEAN_BUILD_ARTIFACTS }}
-        uses: geekyeggo/delete-artifact@v5
-        with:
-          name: ${{ inputs.TARGET_ARTIFACT_NAME }}
-          failOnError: false
-
   meta-repo:
     runs-on: ${{ inputs.RUNNER }}
     if: (github.ref_type == 'branch' && github.base_ref == '' && inputs.UPLOAD_BUILD_ARTIFACTS)
     needs:
       - build
-      - distribute
     permissions:
       id-token: write
       contents: read