forked from MariaDB/buildbot
-
Notifications
You must be signed in to change notification settings - Fork 0
236 lines (214 loc) · 8.27 KB
/
bbw_build_container_template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
---
name: bbw-build-container-template
on:
workflow_call:
inputs:
dockerfile:
required: true
type: string
image:
required: true
type: string
platforms:
required: true
type: string
tag:
required: false
type: string
runner:
required: false
type: string
clang_version:
required: false
type: string
branch:
required: false
type: string
install_valgrind:
required: false
type: string
files:
required: false
type: string
nogalera:
required: false
type: string
default: 'true'
noqpress:
required: false
type: string
default: 'false'
jobs:
build:
runs-on: ${{ inputs.runner || 'ubuntu-22.04' }}
services:
registry:
image: registry:2
ports:
- 5000:5000
name: ${{ inputs.image }} (${{ inputs.tag }} ${{ inputs.platforms }})
env:
DEPLOY_IMAGES: false
MAIN_BRANCH: false
WORKDIR: ci_build_images
steps:
- name: Enable Production release - no rebuild
run: echo "MAIN_BRANCH=true" >> $GITHUB_ENV
if: github.ref == 'refs/heads/main'
#runs always.
- uses: actions/checkout@v4
- name: Set up env vars
run: |
set -vx
[[ -n "${{ inputs.image }}" ]] || {
echo "Missing base image (FROM)"
exit 1
}
if [[ -n "${{ inputs.tag }}" ]]; then
echo "IMG=${{ inputs.tag }}" >>$GITHUB_ENV
else
TAG_TMP=${{ inputs.image }}
echo "IMG=${TAG_TMP/:/}" >>$GITHUB_ENV
fi
echo "REPO=bb-worker" >>$GITHUB_ENV
- name: Generate Dockerfile and necessary files
if: ${{ env.MAIN_BRANCH == 'false' }}
run: |
cd ${{ env.WORKDIR }}
if [ "${{ inputs.noqpress }}" == "true" ]; then
cat ${{ inputs.dockerfile }} buildbot-worker.Dockerfile >$GITHUB_WORKSPACE/Dockerfile
else
cat ${{ inputs.dockerfile }} qpress.Dockerfile buildbot-worker.Dockerfile >$GITHUB_WORKSPACE/Dockerfile
cp -r qpress $GITHUB_WORKSPACE
fi
if [ "${{ inputs.nogalera }}" == true ]; then
sed -i -e '/ci.mariadb.org\/galera/d' -e '/galera-4/d' -e '/WSREP_PROVIDER/d' $GITHUB_WORKSPACE/Dockerfile
fi
- name: Copy files on runner
if: ${{ inputs.files && env.MAIN_BRANCH == 'false' }}
run: |
for file in $(echo '${{ inputs.files }}' | jq -c '.[]'); do
source=$(echo $file | jq -r '.source')
target=$(echo $file | jq -r '.target')
cp $source $target
done
- name: No wsrep on 32 bit platforms
if: ${{ contains(inputs.platforms, 'linux/386') && env.MAIN_BRANCH == 'false' }}
run: |
sed -i -e '/WSREP_PROVIDER/d' $GITHUB_WORKSPACE/Dockerfile
- name: Check Dockerfile with hadolint
if: ${{ env.MAIN_BRANCH == 'false' }}
run: |
docker run -i -v $(pwd):/mnt -w /mnt ghcr.io/hadolint/hadolint:latest hadolint /mnt/Dockerfile
- name: Install qemu-user-static
if: ${{ env.MAIN_BRANCH == 'false' }}
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build image
if: ${{ env.MAIN_BRANCH == 'false' }}
run: |
podman manifest create ${{ env.REPO }}:${{ env.IMG }}
for arch in $(echo ${{ inputs.platforms }} | sed 's/,/ /g'); do
msg="Build $arch:"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
podman buildx build --tag ${{ env.REPO }}:${{ env.IMG }}-${arch//\//-} \
--platform $arch \
--manifest ${{ env.REPO }}:${{ env.IMG }} \
-f $GITHUB_WORKSPACE/Dockerfile \
--build-arg BASE_IMAGE=${{ inputs.image }} \
--build-arg CLANG_VERSION=${{ inputs.clang_version }} \
--build-arg MARIADB_BRANCH=${{ inputs.branch }} \
--build-arg INSTALL_VALGRIND="${{ inputs.install_valgrind }}"
done
podman images
- name: Push images to local registry
if: ${{ env.MAIN_BRANCH == 'false'}}
run: |
podman manifest push --tls-verify=0 \
--all ${{ env.REPO }}:${{ env.IMG }} \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }}
- name: Check multi-arch container
if: ${{ env.MAIN_BRANCH == 'false' }}
run: |
# make some space on the runner
if [[ -d $HOME/.local/share/containers ]]; then
sudo rm -rf $HOME/.local/share/containers
fi
for p in ${{ inputs.platforms }}; do
platform="${p/,/}"
image="localhost:5000/bb-worker:${{ env.IMG }}"
msg="Testing docker image $image on platform $platform"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
docker pull -q --platform "$platform" "$image"
docker run -i "$image" buildbot-worker --version
docker run -i "$image" dumb-init twistd --pidfile= -y /home/buildbot/buildbot.tac
if [ "${{ inputs.noqpress }}" == "false" ]; then
docker run -u root -i "$image" bash -c "touch /tmp/foo && qpress -r /tmp /root/qpress.qp"
fi
done
- name: Check for registry credentials
run: |
missing=()
[[ -n "${{ secrets.QUAY_USER }}" ]] || missing+=(QUAY_USER)
[[ -n "${{ secrets.QUAY_TOKEN }}" ]] || missing+=(QUAY_TOKEN)
for i in "${missing[@]}"; do
echo "Missing github secret: $i"
done
if (( ${#missing[@]} == 0 )); then
echo "DEPLOY_IMAGES=true" >> $GITHUB_ENV
else
echo "Not pushing images to registry"
fi
- name: Login to ghcr.io
if: ${{ env.DEPLOY_IMAGES == 'true' }}
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: ghcr.io - push dev tag
if: ${{ env.DEPLOY_IMAGES == 'true' && env.MAIN_BRANCH == 'false' }}
run: |
msg="Push docker image to ghcr.io (${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }} \
docker://ghcr.io/${GITHUB_REPOSITORY,,}/${{ env.REPO }}:dev_${{ env.IMG }}
- name: ghcr.io - move tag to production
if: ${{ env.DEPLOY_IMAGES == 'true' && env.MAIN_BRANCH == 'true' }}
run: |
msg="Update tag (dev_${{ env.IMG }} --> ${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://ghcr.io/${GITHUB_REPOSITORY,,}/${{ env.REPO }}:dev_${{ env.IMG }} \
docker://ghcr.io/${GITHUB_REPOSITORY,,}/${{ env.REPO }}:${{ env.IMG }}
- name: Login to quay.io
if: ${{ env.DEPLOY_IMAGES == 'true' }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: quay.io - push dev tag
if: ${{ env.DEPLOY_IMAGES == 'true' && env.MAIN_BRANCH == 'false' }}
run: |
msg="Push docker image to quay.io (${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://localhost:5000/${{ env.REPO }}:${{ env.IMG }} \
docker://quay.io/mariadb-foundation/${{ env.REPO }}:dev_${{ env.IMG }}
- name: quay.io - move tag to production
if: ${{ env.DEPLOY_IMAGES == 'true' && env.MAIN_BRANCH =='true' }}
run: |
msg="Update tag (dev_${{ env.IMG }} --> ${{ env.IMG }})"
line="${msg//?/=}"
printf "\n${line}\n${msg}\n${line}\n"
skopeo copy --all --src-tls-verify=0 \
docker://quay.io/mariadb-foundation/${{ env.REPO }}:dev_${{ env.IMG }} \
docker://quay.io/mariadb-foundation/${{ env.REPO }}:${{ env.IMG }}