Skip to content

Workflow file for this run

---
name: bbw container build
on:
push:
paths:
- .github/workflows/bb_containers.yml
- "ci_build_images/**"
pull_request:
paths:
- .github/workflows/bb_containers.yml
- "ci_build_images/**"
jobs:
build:
#runs-on: ubuntu-latest
runs-on: self-hosted
services:
registry:
image: registry:2
ports:
- 5000:5000
name: ${{ matrix.image }} (${{ matrix.tag }} ${{ matrix.platforms }})
strategy:
fail-fast: false
matrix:
include:
# - dockerfile: debian.Dockerfile
# image: debian:10
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: debian.Dockerfile
# image: debian:11
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
- dockerfile: debian.Dockerfile
image: debian:12
tag: debian12
branch: 10.11
platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
# - dockerfile: debian.Dockerfile aocc.Dockerfile
# image: debian:11
# tag: debian11-aocc
# branch: 10.11
# platforms: linux/amd64
# - dockerfile: debian.Dockerfile msan.Dockerfile
# image: debian:11
# branch: 10.11
# tag: debian11-msan
# platforms: linux/amd64
# - dockerfile: debian.Dockerfile
# image: debian:sid
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
# - dockerfile: debian.Dockerfile
# image: debian:sid
# tag: debiansid-386
# branch: 10.11
# platforms: linux/386
# - dockerfile: debian.Dockerfile
# image: ubuntu:20.04
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le, linux/s390x
# - dockerfile: debian.Dockerfile
# image: ubuntu:22.04
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le, linux/s390x
# - dockerfile: debian.Dockerfile
# image: ubuntu:22.10
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: debian.Dockerfile
# image: ubuntu:23.04
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: debian.Dockerfile
# image: ubuntu:23.10
# branch: 10.11
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: fedora.Dockerfile
# image: fedora:37
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: fedora.Dockerfile
# image: fedora:38
# platforms: linux/amd64, linux/arm64/v8
# - dockerfile: centos7.Dockerfile pip.Dockerfile
# image: centos:7
# platforms: linux/amd64
# - dockerfile: centos.Dockerfile
# image: quay.io/centos/centos:stream8
# tag: centosstream8
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
# - dockerfile: centos.Dockerfile pip.Dockerfile
# image: quay.io/centos/centos:stream9
# tag: centosstream9
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le
# # //TEMP Error: Unable to find a match: ccache python3-scons (on
# # s390x)
# # platforms: linux/amd64, linux/arm64/v8, linux/ppc64le, linux/s390x
# - dockerfile: rhel7.Dockerfile pip.Dockerfile
# image: rhel7
# platforms: linux/amd64
# - dockerfile: rhel.Dockerfile
# image: ubi8
# tag: rhel8
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le, linux/s390x
# - dockerfile: rhel.Dockerfile pip.Dockerfile
# image: ubi9
# tag: rhel9
# platforms: linux/amd64, linux/arm64/v8, linux/ppc64le, linux/s390x
# - dockerfile: opensuse.Dockerfile pip.Dockerfile
# image: opensuse/leap:15.3
# tag: opensuse15
# platforms: linux/amd64
env:
BUILD_RHEL: false
DEPLOY_IMAGES: false
WORKDIR: ci_build_images
steps:
- uses: actions/checkout@v2
- name: Set up env vars
run: |
set -vx
[[ -n "${{ matrix.image }}" ]] || {
echo "Missing base image (FROM)"
exit 1
}
if [[ -n "${{ matrix.tag }}" ]]; then
echo "IMG=${{ matrix.tag }}" >>$GITHUB_ENV
else
TAG_TMP=${{ matrix.image }}
echo "IMG=${TAG_TMP/:/}" >>$GITHUB_ENV
fi
echo "REPO=bb-worker" >>$GITHUB_ENV
- name: Check for rhel subscription credentials
if: >
(contains(matrix.dockerfile, 'rhel')) &&
github.ref == 'refs/heads/main'
run: |
missing=()
[[ -n "${{ secrets.RHEL_ORGID }}" ]] || missing+=(RHEL_ORGID)
[[ -n "${{ secrets.RHEL_KEYNAME }}" ]] || missing+=(RHEL_KEYNAME)
for i in "${missing[@]}"; do
echo "Missing github secret: $i"
done
(( ${#missing[@]} == 0 )) || exit 1
echo "BUILD_RHEL=true" >> $GITHUB_ENV
- name: Generate Dockerfile and necessary files
run: |
cd ${{ env.WORKDIR }}
cat ${{ matrix.dockerfile }} common.Dockerfile >$GITHUB_WORKSPACE/Dockerfile
cp -r qpress $GITHUB_WORKSPACE
- name: No wsrep on 32 bit platforms
if: >
(contains(matrix.platforms, 'linux/386'))
run: |
sed -i -e '/WSREP_PROVIDER/d' $GITHUB_WORKSPACE/Dockerfile
- name: Check Dockerfile with hadolint
run: |
docker run -i -v $(pwd):/mnt -w /mnt ghcr.io/hadolint/hadolint:latest hadolint /mnt/Dockerfile
- name: Install qemu-user-static
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build image
if: (!contains(matrix.dockerfile, 'rhel'))
run: |
podman manifest create ${{ env.REPO }}:${{ env.IMG }}
for arch in $(echo ${{ matrix.platforms }} | sed 's/,/ /g'); do
msg="Build $arch:"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
podman buildx build --tag ${{ env.REPO }}:${{ env.IMG }}-${arch//\//-} \
--platform $arch \
--manifest ${{ env.REPO }}:${{ env.IMG }} \
-f /home/runner/work/Dockerfile \
--build-arg base_image=${{ matrix.image }} \
--build-arg mariadb_branch=${{ matrix.branch }}
done
podman images
- name: Build image (rhel)
if: ${{ env.BUILD_RHEL == 'true' }}
run: |
# create secrets
echo "${{ secrets.RHEL_ORGID }}" >rhel_orgid
echo "${{ secrets.RHEL_KEYNAME }}" >rhel_keyname
podman manifest create ${{ env.REPO }}:${{ env.IMG }}
for arch in $(echo ${{ matrix.platforms }} | sed 's/,/ /g'); do
msg="Build $arch:"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
podman buildx build --tag ${{ env.REPO }}:${{ env.IMG }}-${arch//\//-} \
--secret id=rhel_orgid,src=./rhel_orgid \
--secret id=rhel_keyname,src=./rhel_keyname \
--platform $arch \
--manifest ${{ env.REPO }}:${{ env.IMG }} \
-f /home/runner/work/Dockerfile \
--build-arg base_image=${{ matrix.image }} \
--build-arg mariadb_branch=${{ matrix.branch }}
done
rm -f rhel_orgid rhel_keyname
podman images
- name: Push images to local registry
if: (!contains(matrix.dockerfile, 'rhel'))
run: |
podman manifest push --tls-verify=0 \
--all ${{ env.REPO }}:${{ env.IMG }} \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }}
- name: Push images to local registry (rhel)
if: ${{ env.BUILD_RHEL == 'true' }}
run: |
podman manifest push --tls-verify=0 \
--all ${{ env.REPO }}:${{ env.IMG }} \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }}
- name: Check multi-arch container
if: (!contains(matrix.dockerfile, 'rhel'))
run: |
for p in ${{ matrix.platforms }}; do
platform="${p/,/}"
image="localhost:5000/bb-worker:${{ env.IMG }}"
msg="Testing docker image $image on platform $platform"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
docker pull -q --platform "$platform" "$image"
docker run -i "$image" buildbot-worker --version
docker run -i "$image" dumb-init twistd --pidfile= -y /home/buildbot/buildbot.tac
docker run -u root -i "$image" bash -c "touch /tmp/foo && qpress -r /tmp /root/qpress.qp"
done
- name: Check multi-arch container (rhel)
if: ${{ env.BUILD_RHEL == 'true' }}
run: |
for p in ${{ matrix.platforms }}; do
platform="${p/,/}"
image="localhost:5000/bb-worker:${{ env.IMG }}"
msg="Testing docker image $image on platform $platform"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
docker pull -q --platform "$platform" "$image"
docker run -i "$image" buildbot-worker --version
docker run -i "$image" dumb-init twistd --pidfile= -y /home/buildbot/buildbot.tac
docker run -u root -i "$image" bash -c "touch /tmp/foo && qpress -r /tmp /root/qpress.qp"
done
- name: Check for registry credentials
run: |
missing=()
[[ -n "${{ secrets.QUAY_USER }}" ]] || missing+=(QUAY_USER)
[[ -n "${{ secrets.QUAY_TOKEN }}" ]] || missing+=(QUAY_TOKEN)
for i in "${missing[@]}"; do
echo "Missing github secret: $i"
done
if (( ${#missing[@]} == 0 )); then
echo "DEPLOY_IMAGES=true" >> $GITHUB_ENV
else
echo "Not pushing images to registry"
fi
- name: Login to ghcr.io
if: ${{ env.DEPLOY_IMAGES == 'true' }}
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push images to ghcr.io
if: ${{ env.DEPLOY_IMAGES == 'true' }}
run: |
msg="Push docker image to ghcr.io (${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }} \
docker://ghcr.io/${GITHUB_REPOSITORY,,}/${{ env.REPO }}:${{ env.IMG }}
- name: Login to registry
if: ${{ env.DEPLOY_IMAGES == 'true' }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Push images to quay.io
if: ${{ env.DEPLOY_IMAGES == 'true' }}
run: |
msg="Push docker image to quay.io (${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }} \
docker://quay.io/mariadb-foundation/${{ env.REPO }}:${{ env.IMG }}