From dd2bb5ad7e1f92e12854ba5651ba4030e5f64cd2 Mon Sep 17 00:00:00 2001 From: Adenn Tumba Date: Tue, 1 Oct 2024 16:59:01 -0300 Subject: [PATCH 1/5] add multi-platform image --- .../build-mailroom-push-tag-shared.yaml | 91 ++++++++++++++++++- 1 file changed, 86 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-mailroom-push-tag-shared.yaml b/.github/workflows/build-mailroom-push-tag-shared.yaml index 84abb5464..6b29a4b7c 100644 --- a/.github/workflows/build-mailroom-push-tag-shared.yaml +++ b/.github/workflows/build-mailroom-push-tag-shared.yaml @@ -10,7 +10,20 @@ on: jobs: docker: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 steps: + - name: Check out the repo + uses: actions/checkout@v4 + if: github.event_name != 'pull_request' + with: + ref: "${{env.GITHUB_SHA}}" + token: ${{ secrets.DEVOPS_GITHUB_PERMANENT_TOKEN }} + - name: Set variables run: | TAG="$( echo "${GITHUB_REF}" | cut -d'/' -f3 )" @@ -36,6 +49,8 @@ jobs: echo "MANIFESTS_REPOSITORY=weni-ai/kubernetes-manifests-platform" | tee -a "${GITHUB_ENV}" echo "MANIFESTS_APPLICATION=weni-flows/mailroom" | tee -a "${GITHUB_ENV}" echo "MANIFESTS_PATCH_TARGET=deployment.json" | tee -a "${GITHUB_ENV}" + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" | tee -a "${GITHUB_ENV}" - name: Check out the repo uses: actions/checkout@v3 
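Review bot: The added `Check out the repo` step passes `ref: "${{env.GITHUB_SHA}}"`, but the `env` context only holds variables defined in the workflow, not the runner's default `GITHUB_SHA`. Unless it is set somewhere outside this hunk, the expression is empty and the action falls back to its default ref; `ref: ${{ github.sha }}` states the intent. The step also hands the long-lived `DEVOPS_GITHUB_PERMANENT_TOKEN` to actions/checkout, which by default persists the token in the workspace git configuration for later steps. Nothing visible in this hunk needs more than the default token, so either drop `token:` or add `persist-credentials: false` under `with:`. The existing `actions/checkout@v3` step after `Set variables` is kept, so the repository is checked out twice and one of the two should go.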
@@ -43,20 +58,21 @@ jobs: ref: "${{env.GITHUB_SHA}}" - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ secrets.ECR_SHARED }} username: ${{ secrets.AWS_ACCESS_KEY_ID_SHARED }} password: ${{ secrets.AWS_SECRET_ACCESS_KEY_SHARED }} - name: Build and push - Mailroom Image - uses: docker/build-push-action@v3 + id: build + uses: docker/build-push-action@v6 with: context: . labels: | 
@@ -64,10 +80,75 @@ jobs: commit=${{env.COMMIT_SHA}} repository=${{env.IMAGE_SOURCE_URL}} file: docker/Dockerfile - platforms: linux/amd64,linux/arm64 + platforms: ${{ matrix.platform }} push: true tags: "${{env.IMAGE_TAG}}" no-cache: true + outputs: type=image,name=${{ secrets.ECR }}/mailroom,push-by-digest=true,name-canonical=true,push=true + + - name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge: + runs-on: ubuntu-latest + needs: + - docker + steps: + - name: Set variables + run: | + TAG="$( echo "${GITHUB_REF}" | cut -d'/' -f3 )" + if grep -qs -e '^.*.*-develop' <<< "${TAG}" ; then + echo "Found environment: DEVELOP - ${TAG}" + echo "MANIFESTS_ENVIRONMENT=develop" | tee -a "${GITHUB_ENV}" + elif grep -qs -e '^.*.*-staging' <<< "${TAG}" ; then + echo "Found environment: STAGING - ${TAG}" + echo "MANIFESTS_ENVIRONMENT=staging" | tee -a "${GITHUB_ENV}" + elif grep -qs -e '^.*.*' <<< "${TAG}" ; then + echo "No environment found, assuming: PRODUCTION - ${TAG}" + echo "MANIFESTS_ENVIRONMENT=production" | tee -a "${GITHUB_ENV}" + else + echo 'Not a valid tag. Skipping...' 
+ exit 1 + fi + echo "TAG=$TAG" | tee -a "${GITHUB_ENV}" + VERSION="${TAG}" + echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}" + echo "COMMIT_SHA=$GITHUB_SHA" | tee -a "${GITHUB_ENV}" + echo "IMAGE_TAG=${{ secrets.ECR }}/mailroom:$TAG" | tee -a "${GITHUB_ENV}" + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to ECR + uses: docker/login-action@v3 + if: github.event_name != 'pull_request' + with: + registry: ${{ secrets.ECR_SHARED }} + username: ${{ secrets.AWS_ACCESS_KEY_ID_SHARED }} + password: ${{ secrets.AWS_SECRET_ACCESS_KEY_SHARED }} + + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create -t "${{ env.IMAGE_TAG }}" \ + $(printf '${{ secrets.ECR }}/mailrom@sha256:%s ' *) - name: Check out Kubernetes Manifests uses: actions/checkout@master From 2bce9791160040741027ae0b6dd0bb840d16bc02 Mon Sep 17 00:00:00 2001 From: Adenn Tumba Date: Tue, 1 Oct 2024 17:32:09 -0300 Subject: [PATCH 2/5] change variable secrets.ECR to secrets.ECR_SHARED --- .github/workflows/build-mailroom-push-tag-shared.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-mailroom-push-tag-shared.yaml b/.github/workflows/build-mailroom-push-tag-shared.yaml index 6b29a4b7c..dc9c6ce02 100644 --- a/.github/workflows/build-mailroom-push-tag-shared.yaml +++ b/.github/workflows/build-mailroom-push-tag-shared.yaml @@ -84,7 +84,7 @@ jobs: push: true tags: "${{env.IMAGE_TAG}}" no-cache: true - outputs: type=image,name=${{ secrets.ECR }}/mailroom,push-by-digest=true,name-canonical=true,push=true + outputs: type=image,name=${{ secrets.ECR_SHARED }}/mailroom,push-by-digest=true,name-canonical=true,push=true - name: Export digest run: | 
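Review bot: The tag check added to the new `merge` job cannot reject anything as written: `grep -qs -e '^.*.*'` matches every string, so the `else` branch with `exit 1` is unreachable and any ref without `-develop` or `-staging` gets `MANIFESTS_ENVIRONMENT=production`. If only version-shaped tags should reach production, anchor the pattern, for example `grep -Eqs '^v?[0-9]+\.[0-9]+\.[0-9]+$' <<< "${TAG}"` (constructed example; adjust to the project's tag scheme). The `docker` job appears to carry the same block outside this hunk, so the environment decision is computed twice and can drift between build and deploy. Separately, `Login to ECR` is guarded by `if: github.event_name != 'pull_request'` while `Create manifest list and push` is not; the two steps should carry the same condition or none.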
@@ -125,7 +125,7 @@ jobs: VERSION="${TAG}" echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}" echo "COMMIT_SHA=$GITHUB_SHA" | tee -a "${GITHUB_ENV}" - echo "IMAGE_TAG=${{ secrets.ECR }}/mailroom:$TAG" | tee -a "${GITHUB_ENV}" + echo "IMAGE_TAG=${{ secrets.ECR_SHARED }}/mailroom:$TAG" | tee -a "${GITHUB_ENV}" - name: Download digests uses: actions/download-artifact@v4 with: @@ -148,7 +148,7 @@ jobs: working-directory: /tmp/digests run: | docker buildx imagetools create -t "${{ env.IMAGE_TAG }}" \ - $(printf '${{ secrets.ECR }}/mailrom@sha256:%s ' *) + $(printf '${{ secrets.ECR_SHARED }}/mailrom@sha256:%s ' *) - name: Check out Kubernetes Manifests uses: actions/checkout@master From 84a38e81a2683e07fc39d05437d26855a3bfe05a Mon Sep 17 00:00:00 2001 From: Adenn Tumba Date: Tue, 1 Oct 2024 18:50:56 -0300 Subject: [PATCH 3/5] add comment on push tags and no-cache --- .github/workflows/build-mailroom-push-tag-shared.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-mailroom-push-tag-shared.yaml b/.github/workflows/build-mailroom-push-tag-shared.yaml index dc9c6ce02..04f886dbb 100644 --- a/.github/workflows/build-mailroom-push-tag-shared.yaml +++ b/.github/workflows/build-mailroom-push-tag-shared.yaml @@ -81,9 +81,9 @@ jobs: repository=${{env.IMAGE_SOURCE_URL}} file: docker/Dockerfile platforms: ${{ matrix.platform }} - push: true - tags: "${{env.IMAGE_TAG}}" - no-cache: true + # push: true + # tags: "${{env.IMAGE_TAG}}" + # no-cache: true outputs: type=image,name=${{ secrets.ECR_SHARED }}/mailroom,push-by-digest=true,name-canonical=true,push=true - name: Export digest From 017cc30d4c55228cb04f282064656bfd4c93cf05 Mon Sep 17 00:00:00 2001 From: Adenn Tumba Date: Wed, 2 Oct 2024 00:17:25 -0300 Subject: [PATCH 4/5] fix name tag --- .github/workflows/build-mailroom-push-tag-shared.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
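Review bot: In the `Build and push - Mailroom Image` step (hunk `@@ -81,9 +81,9 @@`), `push`, `tags` and `no-cache` are commented out with no reason given, which leaves dead configuration next to the `outputs:` line that replaces it. Either delete the three lines or say why they are off, e.g. `# tags are applied by the merge job; push-by-digest=true cannot be combined with tags`. Turning off `no-cache: true` is a separate behaviour change from the tag handling, and if layer reuse is now intended the commit message should say so.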
diff --git a/.github/workflows/build-mailroom-push-tag-shared.yaml b/.github/workflows/build-mailroom-push-tag-shared.yaml index 04f886dbb..f9754143a 100644 --- a/.github/workflows/build-mailroom-push-tag-shared.yaml +++ b/.github/workflows/build-mailroom-push-tag-shared.yaml @@ -148,7 +148,7 @@ jobs: working-directory: /tmp/digests run: | docker buildx imagetools create -t "${{ env.IMAGE_TAG }}" \ - $(printf '${{ secrets.ECR_SHARED }}/mailrom@sha256:%s ' *) + $(printf '${{ secrets.ECR_SHARED }}/mailroom@sha256:%s ' *) - name: Check out Kubernetes Manifests uses: actions/checkout@master From b0bd57d52d94c966fe95b5abd257a48d689bb207 Mon Sep 17 00:00:00 2001 From: Adenn Tumba Date: Wed, 2 Oct 2024 16:11:07 -0300 Subject: [PATCH 5/5] add variables on job merge --- .github/workflows/build-mailroom-push-tag-shared.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build-mailroom-push-tag-shared.yaml b/.github/workflows/build-mailroom-push-tag-shared.yaml index f9754143a..26b87447d 100644 --- a/.github/workflows/build-mailroom-push-tag-shared.yaml +++ b/.github/workflows/build-mailroom-push-tag-shared.yaml @@ -126,6 +126,9 @@ jobs: echo "VERSION=${VERSION}" | tee -a "${GITHUB_ENV}" echo "COMMIT_SHA=$GITHUB_SHA" | tee -a "${GITHUB_ENV}" echo "IMAGE_TAG=${{ secrets.ECR_SHARED }}/mailroom:$TAG" | tee -a "${GITHUB_ENV}" + echo "MANIFESTS_REPOSITORY=weni-ai/kubernetes-manifests-platform" | tee -a "${GITHUB_ENV}" + echo "MANIFESTS_APPLICATION=weni-flows/mailroom" | tee -a "${GITHUB_ENV}" + echo "MANIFESTS_PATCH_TARGET=deployment.json" | tee -a "${GITHUB_ENV}" - name: Download digests uses: actions/download-artifact@v4 with:
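Review bot: The three `MANIFESTS_*` values added to the `merge` job's `Set variables` step (hunk `@@ -126,6 +126,9 @@`) are constants that the `docker` job also writes to `GITHUB_ENV`, so the target manifests repository and path now live in two places. Declaring them once in a workflow-level `env:` block, e.g. `MANIFESTS_REPOSITORY: weni-ai/kubernetes-manifests-platform`, makes them visible to every job and removes the chance of one copy being edited without the other. The step body starts and continues outside this hunk.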